@aws-sdk/client-acm-pca 3.35.0 → 3.36.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (211) hide show
  1. package/CHANGELOG.md +13 -0
  2. package/dist-cjs/ACMPCA.js +0 -1
  3. package/dist-cjs/ACMPCAClient.js +0 -1
  4. package/dist-cjs/commands/CreateCertificateAuthorityAuditReportCommand.js +0 -1
  5. package/dist-cjs/commands/CreateCertificateAuthorityCommand.js +0 -1
  6. package/dist-cjs/commands/CreatePermissionCommand.js +0 -1
  7. package/dist-cjs/commands/DeleteCertificateAuthorityCommand.js +0 -1
  8. package/dist-cjs/commands/DeletePermissionCommand.js +0 -1
  9. package/dist-cjs/commands/DeletePolicyCommand.js +0 -1
  10. package/dist-cjs/commands/DescribeCertificateAuthorityAuditReportCommand.js +0 -1
  11. package/dist-cjs/commands/DescribeCertificateAuthorityCommand.js +0 -1
  12. package/dist-cjs/commands/GetCertificateAuthorityCertificateCommand.js +0 -1
  13. package/dist-cjs/commands/GetCertificateAuthorityCsrCommand.js +0 -1
  14. package/dist-cjs/commands/GetCertificateCommand.js +0 -1
  15. package/dist-cjs/commands/GetPolicyCommand.js +0 -1
  16. package/dist-cjs/commands/ImportCertificateAuthorityCertificateCommand.js +0 -1
  17. package/dist-cjs/commands/IssueCertificateCommand.js +0 -1
  18. package/dist-cjs/commands/ListCertificateAuthoritiesCommand.js +0 -1
  19. package/dist-cjs/commands/ListPermissionsCommand.js +0 -1
  20. package/dist-cjs/commands/ListTagsCommand.js +0 -1
  21. package/dist-cjs/commands/PutPolicyCommand.js +0 -1
  22. package/dist-cjs/commands/RestoreCertificateAuthorityCommand.js +0 -1
  23. package/dist-cjs/commands/RevokeCertificateCommand.js +0 -1
  24. package/dist-cjs/commands/TagCertificateAuthorityCommand.js +0 -1
  25. package/dist-cjs/commands/UntagCertificateAuthorityCommand.js +0 -1
  26. package/dist-cjs/commands/UpdateCertificateAuthorityCommand.js +0 -1
  27. package/dist-cjs/endpoints.js +0 -1
  28. package/dist-cjs/index.js +0 -1
  29. package/dist-cjs/models/index.js +0 -1
  30. package/dist-cjs/models/models_0.js +0 -1
  31. package/dist-cjs/pagination/Interfaces.js +0 -1
  32. package/dist-cjs/pagination/ListCertificateAuthoritiesPaginator.js +0 -1
  33. package/dist-cjs/pagination/ListPermissionsPaginator.js +0 -1
  34. package/dist-cjs/pagination/ListTagsPaginator.js +0 -1
  35. package/dist-cjs/protocols/Aws_json1_1.js +0 -1
  36. package/dist-cjs/runtimeConfig.browser.js +2 -3
  37. package/dist-cjs/runtimeConfig.js +3 -4
  38. package/dist-cjs/runtimeConfig.native.js +0 -1
  39. package/dist-cjs/runtimeConfig.shared.js +0 -1
  40. package/dist-cjs/waiters/waitForAuditReportCreated.js +0 -1
  41. package/dist-cjs/waiters/waitForCertificateAuthorityCSRCreated.js +0 -1
  42. package/dist-cjs/waiters/waitForCertificateIssued.js +0 -1
  43. package/dist-es/ACMPCA.js +0 -1
  44. package/dist-es/ACMPCAClient.js +0 -1
  45. package/dist-es/commands/CreateCertificateAuthorityAuditReportCommand.js +0 -1
  46. package/dist-es/commands/CreateCertificateAuthorityCommand.js +0 -1
  47. package/dist-es/commands/CreatePermissionCommand.js +0 -1
  48. package/dist-es/commands/DeleteCertificateAuthorityCommand.js +0 -1
  49. package/dist-es/commands/DeletePermissionCommand.js +0 -1
  50. package/dist-es/commands/DeletePolicyCommand.js +0 -1
  51. package/dist-es/commands/DescribeCertificateAuthorityAuditReportCommand.js +0 -1
  52. package/dist-es/commands/DescribeCertificateAuthorityCommand.js +0 -1
  53. package/dist-es/commands/GetCertificateAuthorityCertificateCommand.js +0 -1
  54. package/dist-es/commands/GetCertificateAuthorityCsrCommand.js +0 -1
  55. package/dist-es/commands/GetCertificateCommand.js +0 -1
  56. package/dist-es/commands/GetPolicyCommand.js +0 -1
  57. package/dist-es/commands/ImportCertificateAuthorityCertificateCommand.js +0 -1
  58. package/dist-es/commands/IssueCertificateCommand.js +0 -1
  59. package/dist-es/commands/ListCertificateAuthoritiesCommand.js +0 -1
  60. package/dist-es/commands/ListPermissionsCommand.js +0 -1
  61. package/dist-es/commands/ListTagsCommand.js +0 -1
  62. package/dist-es/commands/PutPolicyCommand.js +0 -1
  63. package/dist-es/commands/RestoreCertificateAuthorityCommand.js +0 -1
  64. package/dist-es/commands/RevokeCertificateCommand.js +0 -1
  65. package/dist-es/commands/TagCertificateAuthorityCommand.js +0 -1
  66. package/dist-es/commands/UntagCertificateAuthorityCommand.js +0 -1
  67. package/dist-es/commands/UpdateCertificateAuthorityCommand.js +0 -1
  68. package/dist-es/endpoints.js +0 -1
  69. package/dist-es/index.js +0 -1
  70. package/dist-es/models/index.js +0 -1
  71. package/dist-es/models/models_0.js +0 -1
  72. package/dist-es/pagination/Interfaces.js +0 -1
  73. package/dist-es/pagination/ListCertificateAuthoritiesPaginator.js +0 -1
  74. package/dist-es/pagination/ListPermissionsPaginator.js +0 -1
  75. package/dist-es/pagination/ListTagsPaginator.js +0 -1
  76. package/dist-es/protocols/Aws_json1_1.js +0 -1
  77. package/dist-es/runtimeConfig.browser.js +1 -2
  78. package/dist-es/runtimeConfig.js +2 -3
  79. package/dist-es/runtimeConfig.native.js +0 -1
  80. package/dist-es/runtimeConfig.shared.js +0 -1
  81. package/dist-es/waiters/waitForAuditReportCreated.js +0 -1
  82. package/dist-es/waiters/waitForCertificateAuthorityCSRCreated.js +0 -1
  83. package/dist-es/waiters/waitForCertificateIssued.js +0 -1
  84. package/package.json +34 -31
  85. package/dist-cjs/ACMPCA.js.map +0 -1
  86. package/dist-cjs/ACMPCAClient.js.map +0 -1
  87. package/dist-cjs/commands/CreateCertificateAuthorityAuditReportCommand.js.map +0 -1
  88. package/dist-cjs/commands/CreateCertificateAuthorityCommand.js.map +0 -1
  89. package/dist-cjs/commands/CreatePermissionCommand.js.map +0 -1
  90. package/dist-cjs/commands/DeleteCertificateAuthorityCommand.js.map +0 -1
  91. package/dist-cjs/commands/DeletePermissionCommand.js.map +0 -1
  92. package/dist-cjs/commands/DeletePolicyCommand.js.map +0 -1
  93. package/dist-cjs/commands/DescribeCertificateAuthorityAuditReportCommand.js.map +0 -1
  94. package/dist-cjs/commands/DescribeCertificateAuthorityCommand.js.map +0 -1
  95. package/dist-cjs/commands/GetCertificateAuthorityCertificateCommand.js.map +0 -1
  96. package/dist-cjs/commands/GetCertificateAuthorityCsrCommand.js.map +0 -1
  97. package/dist-cjs/commands/GetCertificateCommand.js.map +0 -1
  98. package/dist-cjs/commands/GetPolicyCommand.js.map +0 -1
  99. package/dist-cjs/commands/ImportCertificateAuthorityCertificateCommand.js.map +0 -1
  100. package/dist-cjs/commands/IssueCertificateCommand.js.map +0 -1
  101. package/dist-cjs/commands/ListCertificateAuthoritiesCommand.js.map +0 -1
  102. package/dist-cjs/commands/ListPermissionsCommand.js.map +0 -1
  103. package/dist-cjs/commands/ListTagsCommand.js.map +0 -1
  104. package/dist-cjs/commands/PutPolicyCommand.js.map +0 -1
  105. package/dist-cjs/commands/RestoreCertificateAuthorityCommand.js.map +0 -1
  106. package/dist-cjs/commands/RevokeCertificateCommand.js.map +0 -1
  107. package/dist-cjs/commands/TagCertificateAuthorityCommand.js.map +0 -1
  108. package/dist-cjs/commands/UntagCertificateAuthorityCommand.js.map +0 -1
  109. package/dist-cjs/commands/UpdateCertificateAuthorityCommand.js.map +0 -1
  110. package/dist-cjs/endpoints.js.map +0 -1
  111. package/dist-cjs/index.js.map +0 -1
  112. package/dist-cjs/models/index.js.map +0 -1
  113. package/dist-cjs/models/models_0.js.map +0 -1
  114. package/dist-cjs/pagination/Interfaces.js.map +0 -1
  115. package/dist-cjs/pagination/ListCertificateAuthoritiesPaginator.js.map +0 -1
  116. package/dist-cjs/pagination/ListPermissionsPaginator.js.map +0 -1
  117. package/dist-cjs/pagination/ListTagsPaginator.js.map +0 -1
  118. package/dist-cjs/protocols/Aws_json1_1.js.map +0 -1
  119. package/dist-cjs/runtimeConfig.browser.js.map +0 -1
  120. package/dist-cjs/runtimeConfig.js.map +0 -1
  121. package/dist-cjs/runtimeConfig.native.js.map +0 -1
  122. package/dist-cjs/runtimeConfig.shared.js.map +0 -1
  123. package/dist-cjs/waiters/waitForAuditReportCreated.js.map +0 -1
  124. package/dist-cjs/waiters/waitForCertificateAuthorityCSRCreated.js.map +0 -1
  125. package/dist-cjs/waiters/waitForCertificateIssued.js.map +0 -1
  126. package/dist-es/ACMPCA.js.map +0 -1
  127. package/dist-es/ACMPCAClient.js.map +0 -1
  128. package/dist-es/commands/CreateCertificateAuthorityAuditReportCommand.js.map +0 -1
  129. package/dist-es/commands/CreateCertificateAuthorityCommand.js.map +0 -1
  130. package/dist-es/commands/CreatePermissionCommand.js.map +0 -1
  131. package/dist-es/commands/DeleteCertificateAuthorityCommand.js.map +0 -1
  132. package/dist-es/commands/DeletePermissionCommand.js.map +0 -1
  133. package/dist-es/commands/DeletePolicyCommand.js.map +0 -1
  134. package/dist-es/commands/DescribeCertificateAuthorityAuditReportCommand.js.map +0 -1
  135. package/dist-es/commands/DescribeCertificateAuthorityCommand.js.map +0 -1
  136. package/dist-es/commands/GetCertificateAuthorityCertificateCommand.js.map +0 -1
  137. package/dist-es/commands/GetCertificateAuthorityCsrCommand.js.map +0 -1
  138. package/dist-es/commands/GetCertificateCommand.js.map +0 -1
  139. package/dist-es/commands/GetPolicyCommand.js.map +0 -1
  140. package/dist-es/commands/ImportCertificateAuthorityCertificateCommand.js.map +0 -1
  141. package/dist-es/commands/IssueCertificateCommand.js.map +0 -1
  142. package/dist-es/commands/ListCertificateAuthoritiesCommand.js.map +0 -1
  143. package/dist-es/commands/ListPermissionsCommand.js.map +0 -1
  144. package/dist-es/commands/ListTagsCommand.js.map +0 -1
  145. package/dist-es/commands/PutPolicyCommand.js.map +0 -1
  146. package/dist-es/commands/RestoreCertificateAuthorityCommand.js.map +0 -1
  147. package/dist-es/commands/RevokeCertificateCommand.js.map +0 -1
  148. package/dist-es/commands/TagCertificateAuthorityCommand.js.map +0 -1
  149. package/dist-es/commands/UntagCertificateAuthorityCommand.js.map +0 -1
  150. package/dist-es/commands/UpdateCertificateAuthorityCommand.js.map +0 -1
  151. package/dist-es/endpoints.js.map +0 -1
  152. package/dist-es/index.js.map +0 -1
  153. package/dist-es/models/index.js.map +0 -1
  154. package/dist-es/models/models_0.js.map +0 -1
  155. package/dist-es/pagination/Interfaces.js.map +0 -1
  156. package/dist-es/pagination/ListCertificateAuthoritiesPaginator.js.map +0 -1
  157. package/dist-es/pagination/ListPermissionsPaginator.js.map +0 -1
  158. package/dist-es/pagination/ListTagsPaginator.js.map +0 -1
  159. package/dist-es/protocols/Aws_json1_1.js.map +0 -1
  160. package/dist-es/runtimeConfig.browser.js.map +0 -1
  161. package/dist-es/runtimeConfig.js.map +0 -1
  162. package/dist-es/runtimeConfig.native.js.map +0 -1
  163. package/dist-es/runtimeConfig.shared.js.map +0 -1
  164. package/dist-es/waiters/waitForAuditReportCreated.js.map +0 -1
  165. package/dist-es/waiters/waitForCertificateAuthorityCSRCreated.js.map +0 -1
  166. package/dist-es/waiters/waitForCertificateIssued.js.map +0 -1
  167. package/jest.config.js +0 -4
  168. package/src/ACMPCA.ts +0 -1323
  169. package/src/ACMPCAClient.ts +0 -361
  170. package/src/commands/CreateCertificateAuthorityAuditReportCommand.ts +0 -122
  171. package/src/commands/CreateCertificateAuthorityCommand.ts +0 -118
  172. package/src/commands/CreatePermissionCommand.ts +0 -121
  173. package/src/commands/DeleteCertificateAuthorityCommand.ts +0 -117
  174. package/src/commands/DeletePermissionCommand.ts +0 -123
  175. package/src/commands/DeletePolicyCommand.ts +0 -129
  176. package/src/commands/DescribeCertificateAuthorityAuditReportCommand.ts +0 -113
  177. package/src/commands/DescribeCertificateAuthorityCommand.ts +0 -140
  178. package/src/commands/GetCertificateAuthorityCertificateCommand.ts +0 -109
  179. package/src/commands/GetCertificateAuthorityCsrCommand.ts +0 -102
  180. package/src/commands/GetCertificateCommand.ts +0 -102
  181. package/src/commands/GetPolicyCommand.ts +0 -122
  182. package/src/commands/ImportCertificateAuthorityCertificateCommand.ts +0 -229
  183. package/src/commands/IssueCertificateCommand.ts +0 -102
  184. package/src/commands/ListCertificateAuthoritiesCommand.ts +0 -98
  185. package/src/commands/ListPermissionsCommand.ts +0 -122
  186. package/src/commands/ListTagsCommand.ts +0 -91
  187. package/src/commands/PutPolicyCommand.ts +0 -123
  188. package/src/commands/RestoreCertificateAuthorityCommand.ts +0 -108
  189. package/src/commands/RevokeCertificateCommand.ts +0 -114
  190. package/src/commands/TagCertificateAuthorityCommand.ts +0 -102
  191. package/src/commands/UntagCertificateAuthorityCommand.ts +0 -102
  192. package/src/commands/UpdateCertificateAuthorityCommand.ts +0 -108
  193. package/src/endpoints.ts +0 -91
  194. package/src/index.ts +0 -33
  195. package/src/models/index.ts +0 -1
  196. package/src/models/models_0.ts +0 -2571
  197. package/src/pagination/Interfaces.ts +0 -8
  198. package/src/pagination/ListCertificateAuthoritiesPaginator.ts +0 -59
  199. package/src/pagination/ListPermissionsPaginator.ts +0 -59
  200. package/src/pagination/ListTagsPaginator.ts +0 -55
  201. package/src/protocols/Aws_json1_1.ts +0 -3845
  202. package/src/runtimeConfig.browser.ts +0 -41
  203. package/src/runtimeConfig.native.ts +0 -17
  204. package/src/runtimeConfig.shared.ts +0 -17
  205. package/src/runtimeConfig.ts +0 -46
  206. package/src/waiters/waitForAuditReportCreated.ts +0 -61
  207. package/src/waiters/waitForCertificateAuthorityCSRCreated.ts +0 -49
  208. package/src/waiters/waitForCertificateIssued.ts +0 -43
  209. package/tsconfig.es.json +0 -10
  210. package/tsconfig.json +0 -33
  211. package/tsconfig.types.json +0 -9
package/src/ACMPCA.ts DELETED
@@ -1,1323 +0,0 @@
1
- import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types";
2
-
3
- import { ACMPCAClient } from "./ACMPCAClient";
4
- import {
5
- CreateCertificateAuthorityAuditReportCommand,
6
- CreateCertificateAuthorityAuditReportCommandInput,
7
- CreateCertificateAuthorityAuditReportCommandOutput,
8
- } from "./commands/CreateCertificateAuthorityAuditReportCommand";
9
- import {
10
- CreateCertificateAuthorityCommand,
11
- CreateCertificateAuthorityCommandInput,
12
- CreateCertificateAuthorityCommandOutput,
13
- } from "./commands/CreateCertificateAuthorityCommand";
14
- import {
15
- CreatePermissionCommand,
16
- CreatePermissionCommandInput,
17
- CreatePermissionCommandOutput,
18
- } from "./commands/CreatePermissionCommand";
19
- import {
20
- DeleteCertificateAuthorityCommand,
21
- DeleteCertificateAuthorityCommandInput,
22
- DeleteCertificateAuthorityCommandOutput,
23
- } from "./commands/DeleteCertificateAuthorityCommand";
24
- import {
25
- DeletePermissionCommand,
26
- DeletePermissionCommandInput,
27
- DeletePermissionCommandOutput,
28
- } from "./commands/DeletePermissionCommand";
29
- import {
30
- DeletePolicyCommand,
31
- DeletePolicyCommandInput,
32
- DeletePolicyCommandOutput,
33
- } from "./commands/DeletePolicyCommand";
34
- import {
35
- DescribeCertificateAuthorityAuditReportCommand,
36
- DescribeCertificateAuthorityAuditReportCommandInput,
37
- DescribeCertificateAuthorityAuditReportCommandOutput,
38
- } from "./commands/DescribeCertificateAuthorityAuditReportCommand";
39
- import {
40
- DescribeCertificateAuthorityCommand,
41
- DescribeCertificateAuthorityCommandInput,
42
- DescribeCertificateAuthorityCommandOutput,
43
- } from "./commands/DescribeCertificateAuthorityCommand";
44
- import {
45
- GetCertificateAuthorityCertificateCommand,
46
- GetCertificateAuthorityCertificateCommandInput,
47
- GetCertificateAuthorityCertificateCommandOutput,
48
- } from "./commands/GetCertificateAuthorityCertificateCommand";
49
- import {
50
- GetCertificateAuthorityCsrCommand,
51
- GetCertificateAuthorityCsrCommandInput,
52
- GetCertificateAuthorityCsrCommandOutput,
53
- } from "./commands/GetCertificateAuthorityCsrCommand";
54
- import {
55
- GetCertificateCommand,
56
- GetCertificateCommandInput,
57
- GetCertificateCommandOutput,
58
- } from "./commands/GetCertificateCommand";
59
- import { GetPolicyCommand, GetPolicyCommandInput, GetPolicyCommandOutput } from "./commands/GetPolicyCommand";
60
- import {
61
- ImportCertificateAuthorityCertificateCommand,
62
- ImportCertificateAuthorityCertificateCommandInput,
63
- ImportCertificateAuthorityCertificateCommandOutput,
64
- } from "./commands/ImportCertificateAuthorityCertificateCommand";
65
- import {
66
- IssueCertificateCommand,
67
- IssueCertificateCommandInput,
68
- IssueCertificateCommandOutput,
69
- } from "./commands/IssueCertificateCommand";
70
- import {
71
- ListCertificateAuthoritiesCommand,
72
- ListCertificateAuthoritiesCommandInput,
73
- ListCertificateAuthoritiesCommandOutput,
74
- } from "./commands/ListCertificateAuthoritiesCommand";
75
- import {
76
- ListPermissionsCommand,
77
- ListPermissionsCommandInput,
78
- ListPermissionsCommandOutput,
79
- } from "./commands/ListPermissionsCommand";
80
- import { ListTagsCommand, ListTagsCommandInput, ListTagsCommandOutput } from "./commands/ListTagsCommand";
81
- import { PutPolicyCommand, PutPolicyCommandInput, PutPolicyCommandOutput } from "./commands/PutPolicyCommand";
82
- import {
83
- RestoreCertificateAuthorityCommand,
84
- RestoreCertificateAuthorityCommandInput,
85
- RestoreCertificateAuthorityCommandOutput,
86
- } from "./commands/RestoreCertificateAuthorityCommand";
87
- import {
88
- RevokeCertificateCommand,
89
- RevokeCertificateCommandInput,
90
- RevokeCertificateCommandOutput,
91
- } from "./commands/RevokeCertificateCommand";
92
- import {
93
- TagCertificateAuthorityCommand,
94
- TagCertificateAuthorityCommandInput,
95
- TagCertificateAuthorityCommandOutput,
96
- } from "./commands/TagCertificateAuthorityCommand";
97
- import {
98
- UntagCertificateAuthorityCommand,
99
- UntagCertificateAuthorityCommandInput,
100
- UntagCertificateAuthorityCommandOutput,
101
- } from "./commands/UntagCertificateAuthorityCommand";
102
- import {
103
- UpdateCertificateAuthorityCommand,
104
- UpdateCertificateAuthorityCommandInput,
105
- UpdateCertificateAuthorityCommandOutput,
106
- } from "./commands/UpdateCertificateAuthorityCommand";
107
-
108
- /**
109
- * <p>This is the <i>ACM Private CA API Reference</i>. It provides descriptions,
110
- * syntax, and usage examples for each of the actions and data types involved in creating
111
- * and managing private certificate authorities (CA) for your organization.</p>
112
- * <p>The documentation for each action shows the Query API request parameters and the XML
113
- * response. Alternatively, you can use one of the AWS SDKs to access an API that's
114
- * tailored to the programming language or platform that you're using. For more
115
- * information, see <a href="https://aws.amazon.com/tools/#SDKs">AWS
116
- * SDKs</a>.</p>
117
- * <p>Each ACM Private CA API operation has a quota that determines the number of times the operation
118
- * can be called per second. ACM Private CA throttles API requests at different rates depending
119
- * on the operation. Throttling means that ACM Private CA rejects an otherwise valid request
120
- * because the request exceeds the operation's quota for the number of requests per second.
121
- * When a request is throttled, ACM Private CA returns a <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/CommonErrors.html">ThrottlingException</a> error. ACM Private CA does not guarantee a minimum request
122
- * rate for APIs. </p>
123
- *
124
- * <p>To see an up-to-date list of your ACM Private CA quotas, or to request a quota increase,
125
- * log into your AWS account and visit the <a href="https://console.aws.amazon.com/servicequotas/">Service Quotas</a>
126
- * console.</p>
127
- */
128
- export class ACMPCA extends ACMPCAClient {
129
- /**
130
- * <p>Creates a root or subordinate private certificate authority (CA). You must specify the
131
- * CA configuration, an optional configuration for Online Certificate Status Protocol (OCSP)
132
- * and/or a certificate revocation list (CRL), the CA type, and
133
- * an optional idempotency token to avoid accidental creation of multiple CAs. The CA
134
- * configuration specifies the name of the algorithm and key size to be used to create the
135
- * CA private key, the type of signing algorithm that the CA uses, and X.500 subject
136
- * information. The OCSP configuration can optionally specify a custom URL for the OCSP responder.
137
- * The CRL configuration specifies the CRL expiration period in days (the
138
- * validity period of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME
139
- * alias for the S3 bucket that is included in certificates issued by the CA. If
140
- * successful, this action returns the Amazon Resource Name (ARN) of the CA.</p>
141
- * <p>ACM Private CA assets that are stored in Amazon S3 can be protected with encryption.
142
- * For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCreateCa.html#crl-encryption">Encrypting Your
143
- * CRLs</a>.</p>
144
- * <note>
145
- * <p>Both PCA and the IAM principal must have permission to write to
146
- * the S3 bucket that you specify. If the IAM principal making the call
147
- * does not have permission to write to the bucket, then an exception is
148
- * thrown. For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuthAccess.html">Configure
149
- * Access to ACM Private CA</a>.</p>
150
- * </note>
151
- */
152
- public createCertificateAuthority(
153
- args: CreateCertificateAuthorityCommandInput,
154
- options?: __HttpHandlerOptions
155
- ): Promise<CreateCertificateAuthorityCommandOutput>;
156
- public createCertificateAuthority(
157
- args: CreateCertificateAuthorityCommandInput,
158
- cb: (err: any, data?: CreateCertificateAuthorityCommandOutput) => void
159
- ): void;
160
- public createCertificateAuthority(
161
- args: CreateCertificateAuthorityCommandInput,
162
- options: __HttpHandlerOptions,
163
- cb: (err: any, data?: CreateCertificateAuthorityCommandOutput) => void
164
- ): void;
165
- public createCertificateAuthority(
166
- args: CreateCertificateAuthorityCommandInput,
167
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: CreateCertificateAuthorityCommandOutput) => void),
168
- cb?: (err: any, data?: CreateCertificateAuthorityCommandOutput) => void
169
- ): Promise<CreateCertificateAuthorityCommandOutput> | void {
170
- const command = new CreateCertificateAuthorityCommand(args);
171
- if (typeof optionsOrCb === "function") {
172
- this.send(command, optionsOrCb);
173
- } else if (typeof cb === "function") {
174
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
175
- this.send(command, optionsOrCb || {}, cb);
176
- } else {
177
- return this.send(command, optionsOrCb);
178
- }
179
- }
180
-
181
- /**
182
- * <p>Creates an audit report that lists every time that your CA private key is used. The
183
- * report is saved in the Amazon S3 bucket that you specify on input.
184
- *
185
- * The <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_IssueCertificate.html">IssueCertificate</a> and <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RevokeCertificate.html">RevokeCertificate</a> actions use
186
- * the private key. </p>
187
- * <note>
188
- * <p>Both PCA and the IAM principal must have permission to write to
189
- * the S3 bucket that you specify. If the IAM principal making the call
190
- * does not have permission to write to the bucket, then an exception is
191
- * thrown. For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuthAccess.html">Configure
192
- * Access to ACM Private CA</a>.</p>
193
- * </note>
194
- *
195
- * <p>ACM Private CA assets that are stored in Amazon S3 can be protected with encryption.
196
- * For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuditReport.html#audit-report-encryption">Encrypting Your Audit
197
- * Reports</a>.</p>
198
- */
199
- public createCertificateAuthorityAuditReport(
200
- args: CreateCertificateAuthorityAuditReportCommandInput,
201
- options?: __HttpHandlerOptions
202
- ): Promise<CreateCertificateAuthorityAuditReportCommandOutput>;
203
- public createCertificateAuthorityAuditReport(
204
- args: CreateCertificateAuthorityAuditReportCommandInput,
205
- cb: (err: any, data?: CreateCertificateAuthorityAuditReportCommandOutput) => void
206
- ): void;
207
- public createCertificateAuthorityAuditReport(
208
- args: CreateCertificateAuthorityAuditReportCommandInput,
209
- options: __HttpHandlerOptions,
210
- cb: (err: any, data?: CreateCertificateAuthorityAuditReportCommandOutput) => void
211
- ): void;
212
- public createCertificateAuthorityAuditReport(
213
- args: CreateCertificateAuthorityAuditReportCommandInput,
214
- optionsOrCb?:
215
- | __HttpHandlerOptions
216
- | ((err: any, data?: CreateCertificateAuthorityAuditReportCommandOutput) => void),
217
- cb?: (err: any, data?: CreateCertificateAuthorityAuditReportCommandOutput) => void
218
- ): Promise<CreateCertificateAuthorityAuditReportCommandOutput> | void {
219
- const command = new CreateCertificateAuthorityAuditReportCommand(args);
220
- if (typeof optionsOrCb === "function") {
221
- this.send(command, optionsOrCb);
222
- } else if (typeof cb === "function") {
223
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
224
- this.send(command, optionsOrCb || {}, cb);
225
- } else {
226
- return this.send(command, optionsOrCb);
227
- }
228
- }
229
-
230
- /**
231
- * <p>Grants one or more permissions on a private CA to the AWS Certificate Manager (ACM) service
232
- * principal (<code>acm.amazonaws.com</code>). These permissions allow ACM to issue and
233
- * renew ACM certificates that reside in the same AWS account as the CA.</p>
234
- * <p>You can list current permissions with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListPermissions.html">ListPermissions</a> action and
235
- * revoke them with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePermission.html">DeletePermission</a> action.</p>
236
- * <p class="title">
237
- * <b>About Permissions</b>
238
- * </p>
239
- * <ul>
240
- * <li>
241
- * <p>If the private CA and the certificates it issues reside in the same
242
- * account, you can use <code>CreatePermission</code> to grant permissions for ACM to
243
- * carry out automatic certificate renewals.</p>
244
- * </li>
245
- * <li>
246
- * <p>For automatic certificate renewal to succeed, the ACM service principal
247
- * needs permissions to create, retrieve, and list certificates.</p>
248
- * </li>
249
- * <li>
250
- * <p>If the private CA and the ACM certificates reside in different accounts,
251
- * then permissions cannot be used to enable automatic renewals. Instead,
252
- * the ACM certificate owner must set up a resource-based policy to enable
253
- * cross-account issuance and renewals. For more information, see
254
- * <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource
255
- * Based Policy with ACM Private CA</a>.</p>
256
- * </li>
257
- * </ul>
258
- */
259
- public createPermission(
260
- args: CreatePermissionCommandInput,
261
- options?: __HttpHandlerOptions
262
- ): Promise<CreatePermissionCommandOutput>;
263
- public createPermission(
264
- args: CreatePermissionCommandInput,
265
- cb: (err: any, data?: CreatePermissionCommandOutput) => void
266
- ): void;
267
- public createPermission(
268
- args: CreatePermissionCommandInput,
269
- options: __HttpHandlerOptions,
270
- cb: (err: any, data?: CreatePermissionCommandOutput) => void
271
- ): void;
272
- public createPermission(
273
- args: CreatePermissionCommandInput,
274
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: CreatePermissionCommandOutput) => void),
275
- cb?: (err: any, data?: CreatePermissionCommandOutput) => void
276
- ): Promise<CreatePermissionCommandOutput> | void {
277
- const command = new CreatePermissionCommand(args);
278
- if (typeof optionsOrCb === "function") {
279
- this.send(command, optionsOrCb);
280
- } else if (typeof cb === "function") {
281
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
282
- this.send(command, optionsOrCb || {}, cb);
283
- } else {
284
- return this.send(command, optionsOrCb);
285
- }
286
- }
287
-
288
- /**
289
- * <p>Deletes a private certificate authority (CA). You must provide the Amazon Resource
290
- * Name (ARN) of the private CA that you want to delete. You can find the ARN by calling
291
- * the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html">ListCertificateAuthorities</a> action. </p>
292
- * <note>
293
- * <p>Deleting a CA will invalidate other CAs and certificates below it in your CA
294
- * hierarchy.</p>
295
- * </note>
296
- * <p>Before you can delete a CA that you have created and activated, you must disable it.
297
- * To do this, call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action and set the <b>CertificateAuthorityStatus</b> parameter to <code>DISABLED</code>. </p>
298
- * <p>Additionally, you can delete a CA if you are waiting for it to be created (that is,
299
- * the status of the CA is <code>CREATING</code>). You can also delete it if the CA has
300
- * been created but you haven't yet imported the signed certificate into ACM Private CA (that is,
301
- * the status of the CA is <code>PENDING_CERTIFICATE</code>). </p>
302
- * <p>When you successfully call <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeleteCertificateAuthority.html">DeleteCertificateAuthority</a>, the CA's status changes to
303
- * <code>DELETED</code>. However, the CA won't be permanently deleted until the restoration
304
- * period has passed. By default, if you do not set the
305
- * <code>PermanentDeletionTimeInDays</code> parameter, the CA remains restorable for 30
306
- * days. You can set the parameter from 7 to 30 days. The <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DescribeCertificateAuthority.html">DescribeCertificateAuthority</a> action returns the time remaining in the
307
- * restoration window of a private CA in the <code>DELETED</code> state. To restore an
308
- * eligible CA, call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RestoreCertificateAuthority.html">RestoreCertificateAuthority</a> action.</p>
309
- */
310
- public deleteCertificateAuthority(
311
- args: DeleteCertificateAuthorityCommandInput,
312
- options?: __HttpHandlerOptions
313
- ): Promise<DeleteCertificateAuthorityCommandOutput>;
314
- public deleteCertificateAuthority(
315
- args: DeleteCertificateAuthorityCommandInput,
316
- cb: (err: any, data?: DeleteCertificateAuthorityCommandOutput) => void
317
- ): void;
318
- public deleteCertificateAuthority(
319
- args: DeleteCertificateAuthorityCommandInput,
320
- options: __HttpHandlerOptions,
321
- cb: (err: any, data?: DeleteCertificateAuthorityCommandOutput) => void
322
- ): void;
323
- public deleteCertificateAuthority(
324
- args: DeleteCertificateAuthorityCommandInput,
325
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DeleteCertificateAuthorityCommandOutput) => void),
326
- cb?: (err: any, data?: DeleteCertificateAuthorityCommandOutput) => void
327
- ): Promise<DeleteCertificateAuthorityCommandOutput> | void {
328
- const command = new DeleteCertificateAuthorityCommand(args);
329
- if (typeof optionsOrCb === "function") {
330
- this.send(command, optionsOrCb);
331
- } else if (typeof cb === "function") {
332
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
333
- this.send(command, optionsOrCb || {}, cb);
334
- } else {
335
- return this.send(command, optionsOrCb);
336
- }
337
- }
338
-
339
- /**
340
- * <p>Revokes permissions on a private CA granted to the AWS Certificate Manager (ACM) service principal
341
- * (acm.amazonaws.com). </p>
342
- * <p>These permissions allow ACM to issue and renew ACM certificates that reside in the
343
- * same AWS account as the CA. If you revoke these permissions, ACM will no longer
344
- * renew the affected certificates automatically.</p>
345
- * <p>Permissions can be granted with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreatePermission.html">CreatePermission</a> action and
346
- * listed with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListPermissions.html">ListPermissions</a> action. </p>
347
- * <p class="title">
348
- * <b>About Permissions</b>
349
- * </p>
350
- * <ul>
351
- * <li>
352
- * <p>If the private CA and the certificates it issues reside in the same
353
- * account, you can use <code>CreatePermission</code> to grant permissions for ACM to
354
- * carry out automatic certificate renewals.</p>
355
- * </li>
356
- * <li>
357
- * <p>For automatic certificate renewal to succeed, the ACM service principal
358
- * needs permissions to create, retrieve, and list certificates.</p>
359
- * </li>
360
- * <li>
361
- * <p>If the private CA and the ACM certificates reside in different accounts,
362
- * then permissions cannot be used to enable automatic renewals. Instead,
363
- * the ACM certificate owner must set up a resource-based policy to enable
364
- * cross-account issuance and renewals. For more information, see
365
- * <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource
366
- * Based Policy with ACM Private CA</a>.</p>
367
- * </li>
368
- * </ul>
369
- */
370
- public deletePermission(
371
- args: DeletePermissionCommandInput,
372
- options?: __HttpHandlerOptions
373
- ): Promise<DeletePermissionCommandOutput>;
374
- public deletePermission(
375
- args: DeletePermissionCommandInput,
376
- cb: (err: any, data?: DeletePermissionCommandOutput) => void
377
- ): void;
378
- public deletePermission(
379
- args: DeletePermissionCommandInput,
380
- options: __HttpHandlerOptions,
381
- cb: (err: any, data?: DeletePermissionCommandOutput) => void
382
- ): void;
383
- public deletePermission(
384
- args: DeletePermissionCommandInput,
385
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DeletePermissionCommandOutput) => void),
386
- cb?: (err: any, data?: DeletePermissionCommandOutput) => void
387
- ): Promise<DeletePermissionCommandOutput> | void {
388
- const command = new DeletePermissionCommand(args);
389
- if (typeof optionsOrCb === "function") {
390
- this.send(command, optionsOrCb);
391
- } else if (typeof cb === "function") {
392
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
393
- this.send(command, optionsOrCb || {}, cb);
394
- } else {
395
- return this.send(command, optionsOrCb);
396
- }
397
- }
398
-
399
- /**
400
- * <p>Deletes the resource-based policy attached to a private CA. Deletion will remove any
401
- * access that the policy has granted. If there is no policy attached to the private CA,
402
- * this action will return successful.</p>
403
- * <p>If you delete a policy that was applied through AWS Resource Access Manager (RAM), the
404
- * CA will be removed from all shares in which it was included. </p>
405
- * <p>The AWS Certificate Manager Service Linked Role that the policy supports is not affected when you
406
- * delete the policy. </p>
407
- * <p>The current policy can be shown with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetPolicy.html">GetPolicy</a> and updated with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_PutPolicy.html">PutPolicy</a>.</p>
408
- * <p class="title">
409
- * <b>About Policies</b>
410
- * </p>
411
- * <ul>
412
- * <li>
413
- * <p>A policy grants access on a private CA to an AWS customer account, to AWS Organizations, or to
414
- * an AWS Organizations unit. Policies are under the control of a CA administrator. For more information,
415
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource Based Policy with ACM Private CA</a>.</p>
416
- * </li>
417
- * <li>
418
- * <p>A policy permits a user of AWS Certificate Manager (ACM) to issue ACM certificates
419
- * signed by a CA in another account.</p>
420
- * </li>
421
- * <li>
422
- * <p>For ACM to manage automatic renewal of these certificates,
423
- * the ACM user must configure a Service Linked Role (SLR). The SLR allows
424
- * the ACM service to assume the identity of the user, subject to confirmation against the
425
- * ACM Private CA policy. For more information, see
426
- * <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-slr.html">Using a
427
- * Service Linked Role with ACM</a>.</p>
428
- * </li>
429
- * <li>
430
- * <p>Updates made in AWS Resource Manager (RAM) are reflected in policies. For more information,
431
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-ram.html">Attach a Policy for Cross-Account
432
- * Access</a>.</p>
433
- * </li>
434
- * </ul>
435
- */
436
- public deletePolicy(
437
- args: DeletePolicyCommandInput,
438
- options?: __HttpHandlerOptions
439
- ): Promise<DeletePolicyCommandOutput>;
440
- public deletePolicy(args: DeletePolicyCommandInput, cb: (err: any, data?: DeletePolicyCommandOutput) => void): void;
441
- public deletePolicy(
442
- args: DeletePolicyCommandInput,
443
- options: __HttpHandlerOptions,
444
- cb: (err: any, data?: DeletePolicyCommandOutput) => void
445
- ): void;
446
- public deletePolicy(
447
- args: DeletePolicyCommandInput,
448
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DeletePolicyCommandOutput) => void),
449
- cb?: (err: any, data?: DeletePolicyCommandOutput) => void
450
- ): Promise<DeletePolicyCommandOutput> | void {
451
- const command = new DeletePolicyCommand(args);
452
- if (typeof optionsOrCb === "function") {
453
- this.send(command, optionsOrCb);
454
- } else if (typeof cb === "function") {
455
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
456
- this.send(command, optionsOrCb || {}, cb);
457
- } else {
458
- return this.send(command, optionsOrCb);
459
- }
460
- }
461
-
462
- /**
463
- * <p>Lists information about your private certificate authority (CA) or one that has been
464
- * shared with you. You specify the private CA on input by its ARN (Amazon Resource Name).
465
- * The output contains the status of your CA. This can be any of the following: </p>
466
- * <ul>
467
- * <li>
468
- * <p>
469
- * <code>CREATING</code> - ACM Private CA is creating your private certificate
470
- * authority.</p>
471
- * </li>
472
- * <li>
473
- * <p>
474
- * <code>PENDING_CERTIFICATE</code> - The certificate is pending. You must use
475
- * your ACM Private CA-hosted or on-premises root or subordinate CA to sign your private CA
476
- * CSR and then import it into PCA. </p>
477
- * </li>
478
- * <li>
479
- * <p>
480
- * <code>ACTIVE</code> - Your private CA is active.</p>
481
- * </li>
482
- * <li>
483
- * <p>
484
- * <code>DISABLED</code> - Your private CA has been disabled.</p>
485
- * </li>
486
- * <li>
487
- * <p>
488
- * <code>EXPIRED</code> - Your private CA certificate has expired.</p>
489
- * </li>
490
- * <li>
491
- * <p>
492
- * <code>FAILED</code> - Your private CA has failed. Your CA can fail because of
493
- * problems such a network outage or back-end AWS failure or other errors. A
494
- * failed CA can never return to the pending state. You must create a new CA.
495
- * </p>
496
- * </li>
497
- * <li>
498
- * <p>
499
- * <code>DELETED</code> - Your private CA is within the restoration period, after
500
- * which it is permanently deleted. The length of time remaining in the CA's
501
- * restoration period is also included in this action's output.</p>
502
- * </li>
503
- * </ul>
504
- */
505
- public describeCertificateAuthority(
506
- args: DescribeCertificateAuthorityCommandInput,
507
- options?: __HttpHandlerOptions
508
- ): Promise<DescribeCertificateAuthorityCommandOutput>;
509
- public describeCertificateAuthority(
510
- args: DescribeCertificateAuthorityCommandInput,
511
- cb: (err: any, data?: DescribeCertificateAuthorityCommandOutput) => void
512
- ): void;
513
- public describeCertificateAuthority(
514
- args: DescribeCertificateAuthorityCommandInput,
515
- options: __HttpHandlerOptions,
516
- cb: (err: any, data?: DescribeCertificateAuthorityCommandOutput) => void
517
- ): void;
518
- public describeCertificateAuthority(
519
- args: DescribeCertificateAuthorityCommandInput,
520
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: DescribeCertificateAuthorityCommandOutput) => void),
521
- cb?: (err: any, data?: DescribeCertificateAuthorityCommandOutput) => void
522
- ): Promise<DescribeCertificateAuthorityCommandOutput> | void {
523
- const command = new DescribeCertificateAuthorityCommand(args);
524
- if (typeof optionsOrCb === "function") {
525
- this.send(command, optionsOrCb);
526
- } else if (typeof cb === "function") {
527
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
528
- this.send(command, optionsOrCb || {}, cb);
529
- } else {
530
- return this.send(command, optionsOrCb);
531
- }
532
- }
533
-
534
- /**
535
- * <p>Lists information about a specific audit report created by calling the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html">CreateCertificateAuthorityAuditReport</a> action. Audit information is created
536
- * every time the certificate authority (CA) private key is used. The private key is used
537
- * when you call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_IssueCertificate.html">IssueCertificate</a> action or the
538
- * <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_RevokeCertificate.html">RevokeCertificate</a> action. </p>
539
- */
540
- public describeCertificateAuthorityAuditReport(
541
- args: DescribeCertificateAuthorityAuditReportCommandInput,
542
- options?: __HttpHandlerOptions
543
- ): Promise<DescribeCertificateAuthorityAuditReportCommandOutput>;
544
- public describeCertificateAuthorityAuditReport(
545
- args: DescribeCertificateAuthorityAuditReportCommandInput,
546
- cb: (err: any, data?: DescribeCertificateAuthorityAuditReportCommandOutput) => void
547
- ): void;
548
- public describeCertificateAuthorityAuditReport(
549
- args: DescribeCertificateAuthorityAuditReportCommandInput,
550
- options: __HttpHandlerOptions,
551
- cb: (err: any, data?: DescribeCertificateAuthorityAuditReportCommandOutput) => void
552
- ): void;
553
- public describeCertificateAuthorityAuditReport(
554
- args: DescribeCertificateAuthorityAuditReportCommandInput,
555
- optionsOrCb?:
556
- | __HttpHandlerOptions
557
- | ((err: any, data?: DescribeCertificateAuthorityAuditReportCommandOutput) => void),
558
- cb?: (err: any, data?: DescribeCertificateAuthorityAuditReportCommandOutput) => void
559
- ): Promise<DescribeCertificateAuthorityAuditReportCommandOutput> | void {
560
- const command = new DescribeCertificateAuthorityAuditReportCommand(args);
561
- if (typeof optionsOrCb === "function") {
562
- this.send(command, optionsOrCb);
563
- } else if (typeof cb === "function") {
564
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
565
- this.send(command, optionsOrCb || {}, cb);
566
- } else {
567
- return this.send(command, optionsOrCb);
568
- }
569
- }
570
-
571
- /**
572
- * <p>Retrieves a certificate from your private CA or one that has been shared with you. The
573
- * ARN of the certificate is returned when you call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_IssueCertificate.html">IssueCertificate</a> action. You
574
- * must specify both the ARN of your private CA and the ARN of the issued certificate when
575
- * calling the <b>GetCertificate</b> action. You can retrieve the
576
- * certificate if it is in the <b>ISSUED</b> state. You can call
577
- * the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html">CreateCertificateAuthorityAuditReport</a> action to create a report that
578
- * contains information about all of the certificates issued and revoked by your private
579
- * CA. </p>
580
- */
581
- public getCertificate(
582
- args: GetCertificateCommandInput,
583
- options?: __HttpHandlerOptions
584
- ): Promise<GetCertificateCommandOutput>;
585
- public getCertificate(
586
- args: GetCertificateCommandInput,
587
- cb: (err: any, data?: GetCertificateCommandOutput) => void
588
- ): void;
589
- public getCertificate(
590
- args: GetCertificateCommandInput,
591
- options: __HttpHandlerOptions,
592
- cb: (err: any, data?: GetCertificateCommandOutput) => void
593
- ): void;
594
- public getCertificate(
595
- args: GetCertificateCommandInput,
596
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: GetCertificateCommandOutput) => void),
597
- cb?: (err: any, data?: GetCertificateCommandOutput) => void
598
- ): Promise<GetCertificateCommandOutput> | void {
599
- const command = new GetCertificateCommand(args);
600
- if (typeof optionsOrCb === "function") {
601
- this.send(command, optionsOrCb);
602
- } else if (typeof cb === "function") {
603
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
604
- this.send(command, optionsOrCb || {}, cb);
605
- } else {
606
- return this.send(command, optionsOrCb);
607
- }
608
- }
609
-
610
- /**
611
- * <p>Retrieves the certificate and certificate chain for your private certificate authority
612
- * (CA) or one that has been shared with you. Both the certificate and the chain are base64
613
- * PEM-encoded. The chain does not include the CA certificate. Each certificate in the
614
- * chain signs the one before it. </p>
615
- */
616
- public getCertificateAuthorityCertificate(
617
- args: GetCertificateAuthorityCertificateCommandInput,
618
- options?: __HttpHandlerOptions
619
- ): Promise<GetCertificateAuthorityCertificateCommandOutput>;
620
- public getCertificateAuthorityCertificate(
621
- args: GetCertificateAuthorityCertificateCommandInput,
622
- cb: (err: any, data?: GetCertificateAuthorityCertificateCommandOutput) => void
623
- ): void;
624
- public getCertificateAuthorityCertificate(
625
- args: GetCertificateAuthorityCertificateCommandInput,
626
- options: __HttpHandlerOptions,
627
- cb: (err: any, data?: GetCertificateAuthorityCertificateCommandOutput) => void
628
- ): void;
629
- public getCertificateAuthorityCertificate(
630
- args: GetCertificateAuthorityCertificateCommandInput,
631
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: GetCertificateAuthorityCertificateCommandOutput) => void),
632
- cb?: (err: any, data?: GetCertificateAuthorityCertificateCommandOutput) => void
633
- ): Promise<GetCertificateAuthorityCertificateCommandOutput> | void {
634
- const command = new GetCertificateAuthorityCertificateCommand(args);
635
- if (typeof optionsOrCb === "function") {
636
- this.send(command, optionsOrCb);
637
- } else if (typeof cb === "function") {
638
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
639
- this.send(command, optionsOrCb || {}, cb);
640
- } else {
641
- return this.send(command, optionsOrCb);
642
- }
643
- }
644
-
645
- /**
646
- * <p>Retrieves the certificate signing request (CSR) for your private certificate authority
647
- * (CA). The CSR is created when you call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action. Sign the CSR with your ACM Private CA-hosted or
648
- * on-premises root or subordinate CA. Then import the signed certificate back into ACM Private CA
649
- * by calling the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html">ImportCertificateAuthorityCertificate</a> action. The CSR is returned as a
650
- * base64 PEM-encoded string. </p>
651
- */
652
- public getCertificateAuthorityCsr(
653
- args: GetCertificateAuthorityCsrCommandInput,
654
- options?: __HttpHandlerOptions
655
- ): Promise<GetCertificateAuthorityCsrCommandOutput>;
656
- public getCertificateAuthorityCsr(
657
- args: GetCertificateAuthorityCsrCommandInput,
658
- cb: (err: any, data?: GetCertificateAuthorityCsrCommandOutput) => void
659
- ): void;
660
- public getCertificateAuthorityCsr(
661
- args: GetCertificateAuthorityCsrCommandInput,
662
- options: __HttpHandlerOptions,
663
- cb: (err: any, data?: GetCertificateAuthorityCsrCommandOutput) => void
664
- ): void;
665
- public getCertificateAuthorityCsr(
666
- args: GetCertificateAuthorityCsrCommandInput,
667
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: GetCertificateAuthorityCsrCommandOutput) => void),
668
- cb?: (err: any, data?: GetCertificateAuthorityCsrCommandOutput) => void
669
- ): Promise<GetCertificateAuthorityCsrCommandOutput> | void {
670
- const command = new GetCertificateAuthorityCsrCommand(args);
671
- if (typeof optionsOrCb === "function") {
672
- this.send(command, optionsOrCb);
673
- } else if (typeof cb === "function") {
674
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
675
- this.send(command, optionsOrCb || {}, cb);
676
- } else {
677
- return this.send(command, optionsOrCb);
678
- }
679
- }
680
-
681
- /**
682
- * <p>Retrieves the resource-based policy attached to a private CA. If either the private CA
683
- * resource or the policy cannot be found, this action returns a
684
- * <code>ResourceNotFoundException</code>. </p>
685
- * <p>The policy can be attached or updated with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_PutPolicy.html">PutPolicy</a> and removed with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePolicy.html">DeletePolicy</a>.</p>
686
- * <p class="title">
687
- * <b>About Policies</b>
688
- * </p>
689
- * <ul>
690
- * <li>
691
- * <p>A policy grants access on a private CA to an AWS customer account, to AWS Organizations, or to
692
- * an AWS Organizations unit. Policies are under the control of a CA administrator. For more information,
693
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource Based Policy with ACM Private CA</a>.</p>
694
- * </li>
695
- * <li>
696
- * <p>A policy permits a user of AWS Certificate Manager (ACM) to issue ACM certificates
697
- * signed by a CA in another account.</p>
698
- * </li>
699
- * <li>
700
- * <p>For ACM to manage automatic renewal of these certificates,
701
- * the ACM user must configure a Service Linked Role (SLR). The SLR allows
702
- * the ACM service to assume the identity of the user, subject to confirmation against the
703
- * ACM Private CA policy. For more information, see
704
- * <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-slr.html">Using a
705
- * Service Linked Role with ACM</a>.</p>
706
- * </li>
707
- * <li>
708
- * <p>Updates made in AWS Resource Manager (RAM) are reflected in policies. For more information,
709
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-ram.html">Attach a Policy for Cross-Account
710
- * Access</a>.</p>
711
- * </li>
712
- * </ul>
713
- */
714
- public getPolicy(args: GetPolicyCommandInput, options?: __HttpHandlerOptions): Promise<GetPolicyCommandOutput>;
715
- public getPolicy(args: GetPolicyCommandInput, cb: (err: any, data?: GetPolicyCommandOutput) => void): void;
716
- public getPolicy(
717
- args: GetPolicyCommandInput,
718
- options: __HttpHandlerOptions,
719
- cb: (err: any, data?: GetPolicyCommandOutput) => void
720
- ): void;
721
- public getPolicy(
722
- args: GetPolicyCommandInput,
723
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: GetPolicyCommandOutput) => void),
724
- cb?: (err: any, data?: GetPolicyCommandOutput) => void
725
- ): Promise<GetPolicyCommandOutput> | void {
726
- const command = new GetPolicyCommand(args);
727
- if (typeof optionsOrCb === "function") {
728
- this.send(command, optionsOrCb);
729
- } else if (typeof cb === "function") {
730
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
731
- this.send(command, optionsOrCb || {}, cb);
732
- } else {
733
- return this.send(command, optionsOrCb);
734
- }
735
- }
736
-
737
- /**
738
- * <p>Imports a signed private CA certificate into ACM Private CA. This action is used when you are
739
- * using a chain of trust whose root is located outside ACM Private CA. Before you can call this
740
- * action, the following preparations must in place:</p>
741
- * <ol>
742
- * <li>
743
- * <p>In ACM Private CA, call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action to create the private CA that you
744
- * plan to back with the imported certificate.</p>
745
- * </li>
746
- * <li>
747
- * <p>Call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetCertificateAuthorityCsr.html">GetCertificateAuthorityCsr</a> action to generate a certificate signing
748
- * request (CSR).</p>
749
- * </li>
750
- * <li>
751
- * <p>Sign the CSR using a root or intermediate CA hosted by either an on-premises
752
- * PKI hierarchy or by a commercial CA.</p>
753
- * </li>
754
- * <li>
755
- * <p>Create a certificate chain and copy the signed certificate and the certificate
756
- * chain to your working directory.</p>
757
- * </li>
758
- * </ol>
759
- * <p>ACM Private CA supports three scenarios for installing a CA certificate:</p>
760
- * <ul>
761
- * <li>
762
- * <p>Installing a certificate for a root CA hosted by ACM Private CA.</p>
763
- * </li>
764
- * <li>
765
- * <p>Installing a subordinate CA certificate whose parent authority is hosted by
766
- * ACM Private CA.</p>
767
- * </li>
768
- * <li>
769
- * <p>Installing a subordinate CA certificate whose parent authority is externally
770
- * hosted.</p>
771
- * </li>
772
- * </ul>
773
- * <p>The following additional requirements apply when you import a CA certificate.</p>
774
- * <ul>
775
- * <li>
776
- * <p>Only a self-signed certificate can be imported as a root CA.</p>
777
- * </li>
778
- * <li>
779
- * <p>A self-signed certificate cannot be imported as a subordinate CA.</p>
780
- * </li>
781
- * <li>
782
- * <p>Your certificate chain must not include the private CA certificate that you
783
- * are importing.</p>
784
- * </li>
785
- * <li>
786
- * <p>Your root CA must be the last certificate in your chain. The subordinate
787
- * certificate, if any, that your root CA signed must be next to last. The
788
- * subordinate certificate signed by the preceding subordinate CA must come next,
789
- * and so on until your chain is built. </p>
790
- * </li>
791
- * <li>
792
- * <p>The chain must be PEM-encoded.</p>
793
- * </li>
794
- * <li>
795
- * <p>The maximum allowed size of a certificate is 32 KB.</p>
796
- * </li>
797
- * <li>
798
- * <p>The maximum allowed size of a certificate chain is 2 MB.</p>
799
- * </li>
800
- * </ul>
801
- * <p>
802
- * <i>Enforcement of Critical Constraints</i>
803
- * </p>
804
- * <p>ACM Private CA allows the following extensions to be marked critical in the imported CA
805
- * certificate or chain.</p>
806
- * <ul>
807
- * <li>
808
- * <p>Basic constraints (<i>must</i> be marked critical)</p>
809
- * </li>
810
- * <li>
811
- * <p>Subject alternative names</p>
812
- * </li>
813
- * <li>
814
- * <p>Key usage</p>
815
- * </li>
816
- * <li>
817
- * <p>Extended key usage</p>
818
- * </li>
819
- * <li>
820
- * <p>Authority key identifier</p>
821
- * </li>
822
- * <li>
823
- * <p>Subject key identifier</p>
824
- * </li>
825
- * <li>
826
- * <p>Issuer alternative name</p>
827
- * </li>
828
- * <li>
829
- * <p>Subject directory attributes</p>
830
- * </li>
831
- * <li>
832
- * <p>Subject information access</p>
833
- * </li>
834
- * <li>
835
- * <p>Certificate policies</p>
836
- * </li>
837
- * <li>
838
- * <p>Policy mappings</p>
839
- * </li>
840
- * <li>
841
- * <p>Inhibit anyPolicy</p>
842
- * </li>
843
- * </ul>
844
- * <p>ACM Private CA rejects the following extensions when they are marked critical in an imported CA
845
- * certificate or chain.</p>
846
- * <ul>
847
- * <li>
848
- * <p>Name constraints</p>
849
- * </li>
850
- * <li>
851
- * <p>Policy constraints</p>
852
- * </li>
853
- * <li>
854
- * <p>CRL distribution points</p>
855
- * </li>
856
- * <li>
857
- * <p>Authority information access</p>
858
- * </li>
859
- * <li>
860
- * <p>Freshest CRL</p>
861
- * </li>
862
- * <li>
863
- * <p>Any other extension</p>
864
- * </li>
865
- * </ul>
866
- */
867
- public importCertificateAuthorityCertificate(
868
- args: ImportCertificateAuthorityCertificateCommandInput,
869
- options?: __HttpHandlerOptions
870
- ): Promise<ImportCertificateAuthorityCertificateCommandOutput>;
871
- public importCertificateAuthorityCertificate(
872
- args: ImportCertificateAuthorityCertificateCommandInput,
873
- cb: (err: any, data?: ImportCertificateAuthorityCertificateCommandOutput) => void
874
- ): void;
875
- public importCertificateAuthorityCertificate(
876
- args: ImportCertificateAuthorityCertificateCommandInput,
877
- options: __HttpHandlerOptions,
878
- cb: (err: any, data?: ImportCertificateAuthorityCertificateCommandOutput) => void
879
- ): void;
880
- public importCertificateAuthorityCertificate(
881
- args: ImportCertificateAuthorityCertificateCommandInput,
882
- optionsOrCb?:
883
- | __HttpHandlerOptions
884
- | ((err: any, data?: ImportCertificateAuthorityCertificateCommandOutput) => void),
885
- cb?: (err: any, data?: ImportCertificateAuthorityCertificateCommandOutput) => void
886
- ): Promise<ImportCertificateAuthorityCertificateCommandOutput> | void {
887
- const command = new ImportCertificateAuthorityCertificateCommand(args);
888
- if (typeof optionsOrCb === "function") {
889
- this.send(command, optionsOrCb);
890
- } else if (typeof cb === "function") {
891
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
892
- this.send(command, optionsOrCb || {}, cb);
893
- } else {
894
- return this.send(command, optionsOrCb);
895
- }
896
- }
897
-
898
- /**
899
- * <p>Uses your private certificate authority (CA), or one that has been shared with you, to
900
- * issue a client certificate. This action returns the Amazon Resource Name (ARN) of the
901
- * certificate. You can retrieve the certificate by calling the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetCertificate.html">GetCertificate</a> action and
902
- * specifying the ARN. </p>
903
- * <note>
904
- * <p>You cannot use the ACM <b>ListCertificateAuthorities</b> action to retrieve the ARNs of the
905
- * certificates that you issue by using ACM Private CA.</p>
906
- * </note>
907
- */
908
- public issueCertificate(
909
- args: IssueCertificateCommandInput,
910
- options?: __HttpHandlerOptions
911
- ): Promise<IssueCertificateCommandOutput>;
912
- public issueCertificate(
913
- args: IssueCertificateCommandInput,
914
- cb: (err: any, data?: IssueCertificateCommandOutput) => void
915
- ): void;
916
- public issueCertificate(
917
- args: IssueCertificateCommandInput,
918
- options: __HttpHandlerOptions,
919
- cb: (err: any, data?: IssueCertificateCommandOutput) => void
920
- ): void;
921
- public issueCertificate(
922
- args: IssueCertificateCommandInput,
923
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: IssueCertificateCommandOutput) => void),
924
- cb?: (err: any, data?: IssueCertificateCommandOutput) => void
925
- ): Promise<IssueCertificateCommandOutput> | void {
926
- const command = new IssueCertificateCommand(args);
927
- if (typeof optionsOrCb === "function") {
928
- this.send(command, optionsOrCb);
929
- } else if (typeof cb === "function") {
930
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
931
- this.send(command, optionsOrCb || {}, cb);
932
- } else {
933
- return this.send(command, optionsOrCb);
934
- }
935
- }
936
-
937
- /**
938
- * <p>Lists the private certificate authorities that you created by using the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthority.html">CreateCertificateAuthority</a> action.</p>
939
- */
940
- public listCertificateAuthorities(
941
- args: ListCertificateAuthoritiesCommandInput,
942
- options?: __HttpHandlerOptions
943
- ): Promise<ListCertificateAuthoritiesCommandOutput>;
944
- public listCertificateAuthorities(
945
- args: ListCertificateAuthoritiesCommandInput,
946
- cb: (err: any, data?: ListCertificateAuthoritiesCommandOutput) => void
947
- ): void;
948
- public listCertificateAuthorities(
949
- args: ListCertificateAuthoritiesCommandInput,
950
- options: __HttpHandlerOptions,
951
- cb: (err: any, data?: ListCertificateAuthoritiesCommandOutput) => void
952
- ): void;
953
- public listCertificateAuthorities(
954
- args: ListCertificateAuthoritiesCommandInput,
955
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ListCertificateAuthoritiesCommandOutput) => void),
956
- cb?: (err: any, data?: ListCertificateAuthoritiesCommandOutput) => void
957
- ): Promise<ListCertificateAuthoritiesCommandOutput> | void {
958
- const command = new ListCertificateAuthoritiesCommand(args);
959
- if (typeof optionsOrCb === "function") {
960
- this.send(command, optionsOrCb);
961
- } else if (typeof cb === "function") {
962
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
963
- this.send(command, optionsOrCb || {}, cb);
964
- } else {
965
- return this.send(command, optionsOrCb);
966
- }
967
- }
968
-
969
- /**
970
- * <p>List all permissions on a private CA, if any, granted to the AWS Certificate Manager (ACM) service
971
- * principal (acm.amazonaws.com). </p>
972
- * <p>These permissions allow ACM to issue and renew ACM certificates that reside in the
973
- * same AWS account as the CA. </p>
974
- * <p>Permissions can be granted with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreatePermission.html">CreatePermission</a> action and
975
- * revoked with the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePermission.html">DeletePermission</a> action.</p>
976
- * <p class="title">
977
- * <b>About Permissions</b>
978
- * </p>
979
- * <ul>
980
- * <li>
981
- * <p>If the private CA and the certificates it issues reside in the same
982
- * account, you can use <code>CreatePermission</code> to grant permissions for ACM to
983
- * carry out automatic certificate renewals.</p>
984
- * </li>
985
- * <li>
986
- * <p>For automatic certificate renewal to succeed, the ACM service principal
987
- * needs permissions to create, retrieve, and list certificates.</p>
988
- * </li>
989
- * <li>
990
- * <p>If the private CA and the ACM certificates reside in different accounts,
991
- * then permissions cannot be used to enable automatic renewals. Instead,
992
- * the ACM certificate owner must set up a resource-based policy to enable
993
- * cross-account issuance and renewals. For more information, see
994
- * <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource
995
- * Based Policy with ACM Private CA</a>.</p>
996
- * </li>
997
- * </ul>
998
- */
999
- public listPermissions(
1000
- args: ListPermissionsCommandInput,
1001
- options?: __HttpHandlerOptions
1002
- ): Promise<ListPermissionsCommandOutput>;
1003
- public listPermissions(
1004
- args: ListPermissionsCommandInput,
1005
- cb: (err: any, data?: ListPermissionsCommandOutput) => void
1006
- ): void;
1007
- public listPermissions(
1008
- args: ListPermissionsCommandInput,
1009
- options: __HttpHandlerOptions,
1010
- cb: (err: any, data?: ListPermissionsCommandOutput) => void
1011
- ): void;
1012
- public listPermissions(
1013
- args: ListPermissionsCommandInput,
1014
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ListPermissionsCommandOutput) => void),
1015
- cb?: (err: any, data?: ListPermissionsCommandOutput) => void
1016
- ): Promise<ListPermissionsCommandOutput> | void {
1017
- const command = new ListPermissionsCommand(args);
1018
- if (typeof optionsOrCb === "function") {
1019
- this.send(command, optionsOrCb);
1020
- } else if (typeof cb === "function") {
1021
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1022
- this.send(command, optionsOrCb || {}, cb);
1023
- } else {
1024
- return this.send(command, optionsOrCb);
1025
- }
1026
- }
1027
-
1028
- /**
1029
- * <p>Lists the tags, if any, that are associated with your private CA or one that has been
1030
- * shared with you. Tags are labels that you can use to identify and organize your CAs.
1031
- * Each tag consists of a key and an optional value. Call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_TagCertificateAuthority.html">TagCertificateAuthority</a>
1032
- * action to add one or more tags to your CA. Call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UntagCertificateAuthority.html">UntagCertificateAuthority</a> action to remove tags. </p>
1033
- */
1034
- public listTags(args: ListTagsCommandInput, options?: __HttpHandlerOptions): Promise<ListTagsCommandOutput>;
1035
- public listTags(args: ListTagsCommandInput, cb: (err: any, data?: ListTagsCommandOutput) => void): void;
1036
- public listTags(
1037
- args: ListTagsCommandInput,
1038
- options: __HttpHandlerOptions,
1039
- cb: (err: any, data?: ListTagsCommandOutput) => void
1040
- ): void;
1041
- public listTags(
1042
- args: ListTagsCommandInput,
1043
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: ListTagsCommandOutput) => void),
1044
- cb?: (err: any, data?: ListTagsCommandOutput) => void
1045
- ): Promise<ListTagsCommandOutput> | void {
1046
- const command = new ListTagsCommand(args);
1047
- if (typeof optionsOrCb === "function") {
1048
- this.send(command, optionsOrCb);
1049
- } else if (typeof cb === "function") {
1050
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1051
- this.send(command, optionsOrCb || {}, cb);
1052
- } else {
1053
- return this.send(command, optionsOrCb);
1054
- }
1055
- }
1056
-
1057
- /**
1058
- * <p>Attaches a resource-based policy to a private CA. </p>
1059
- * <p>A policy can also be applied by sharing a private CA through AWS Resource Access
1060
- * Manager (RAM). For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-ram.html">Attach a Policy for Cross-Account
1061
- * Access</a>.</p>
1062
- * <p>The policy can be displayed with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_GetPolicy.html">GetPolicy</a> and removed with <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeletePolicy.html">DeletePolicy</a>.</p>
1063
- * <p class="title">
1064
- * <b>About Policies</b>
1065
- * </p>
1066
- * <ul>
1067
- * <li>
1068
- * <p>A policy grants access on a private CA to an AWS customer account, to AWS Organizations, or to
1069
- * an AWS Organizations unit. Policies are under the control of a CA administrator. For more information,
1070
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-rbp.html">Using a Resource Based Policy with ACM Private CA</a>.</p>
1071
- * </li>
1072
- * <li>
1073
- * <p>A policy permits a user of AWS Certificate Manager (ACM) to issue ACM certificates
1074
- * signed by a CA in another account.</p>
1075
- * </li>
1076
- * <li>
1077
- * <p>For ACM to manage automatic renewal of these certificates,
1078
- * the ACM user must configure a Service Linked Role (SLR). The SLR allows
1079
- * the ACM service to assume the identity of the user, subject to confirmation against the
1080
- * ACM Private CA policy. For more information, see
1081
- * <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-slr.html">Using a
1082
- * Service Linked Role with ACM</a>.</p>
1083
- * </li>
1084
- * <li>
1085
- * <p>Updates made in AWS Resource Manager (RAM) are reflected in policies. For more information,
1086
- * see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/pca-ram.html">Attach a Policy for Cross-Account
1087
- * Access</a>.</p>
1088
- * </li>
1089
- * </ul>
1090
- */
1091
- public putPolicy(args: PutPolicyCommandInput, options?: __HttpHandlerOptions): Promise<PutPolicyCommandOutput>;
1092
- public putPolicy(args: PutPolicyCommandInput, cb: (err: any, data?: PutPolicyCommandOutput) => void): void;
1093
- public putPolicy(
1094
- args: PutPolicyCommandInput,
1095
- options: __HttpHandlerOptions,
1096
- cb: (err: any, data?: PutPolicyCommandOutput) => void
1097
- ): void;
1098
- public putPolicy(
1099
- args: PutPolicyCommandInput,
1100
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: PutPolicyCommandOutput) => void),
1101
- cb?: (err: any, data?: PutPolicyCommandOutput) => void
1102
- ): Promise<PutPolicyCommandOutput> | void {
1103
- const command = new PutPolicyCommand(args);
1104
- if (typeof optionsOrCb === "function") {
1105
- this.send(command, optionsOrCb);
1106
- } else if (typeof cb === "function") {
1107
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1108
- this.send(command, optionsOrCb || {}, cb);
1109
- } else {
1110
- return this.send(command, optionsOrCb);
1111
- }
1112
- }
1113
-
1114
- /**
1115
- * <p>Restores a certificate authority (CA) that is in the <code>DELETED</code> state. You
1116
- * can restore a CA during the period that you defined in the <b>PermanentDeletionTimeInDays</b> parameter of the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DeleteCertificateAuthority.html">DeleteCertificateAuthority</a> action. Currently, you can specify 7 to 30 days.
1117
- * If you did not specify a <b>PermanentDeletionTimeInDays</b>
1118
- * value, by default you can restore the CA at any time in a 30 day period. You can check
1119
- * the time remaining in the restoration period of a private CA in the <code>DELETED</code>
1120
- * state by calling the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_DescribeCertificateAuthority.html">DescribeCertificateAuthority</a> or <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListCertificateAuthorities.html">ListCertificateAuthorities</a> actions. The status of a restored CA is set to
1121
- * its pre-deletion status when the <b>RestoreCertificateAuthority</b> action returns. To change its status to
1122
- * <code>ACTIVE</code>, call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UpdateCertificateAuthority.html">UpdateCertificateAuthority</a> action. If the private CA was in the
1123
- * <code>PENDING_CERTIFICATE</code> state at deletion, you must use the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ImportCertificateAuthorityCertificate.html">ImportCertificateAuthorityCertificate</a> action to import a certificate
1124
- * authority into the private CA before it can be activated. You cannot restore a CA after
1125
- * the restoration period has ended.</p>
1126
- */
1127
- public restoreCertificateAuthority(
1128
- args: RestoreCertificateAuthorityCommandInput,
1129
- options?: __HttpHandlerOptions
1130
- ): Promise<RestoreCertificateAuthorityCommandOutput>;
1131
- public restoreCertificateAuthority(
1132
- args: RestoreCertificateAuthorityCommandInput,
1133
- cb: (err: any, data?: RestoreCertificateAuthorityCommandOutput) => void
1134
- ): void;
1135
- public restoreCertificateAuthority(
1136
- args: RestoreCertificateAuthorityCommandInput,
1137
- options: __HttpHandlerOptions,
1138
- cb: (err: any, data?: RestoreCertificateAuthorityCommandOutput) => void
1139
- ): void;
1140
- public restoreCertificateAuthority(
1141
- args: RestoreCertificateAuthorityCommandInput,
1142
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: RestoreCertificateAuthorityCommandOutput) => void),
1143
- cb?: (err: any, data?: RestoreCertificateAuthorityCommandOutput) => void
1144
- ): Promise<RestoreCertificateAuthorityCommandOutput> | void {
1145
- const command = new RestoreCertificateAuthorityCommand(args);
1146
- if (typeof optionsOrCb === "function") {
1147
- this.send(command, optionsOrCb);
1148
- } else if (typeof cb === "function") {
1149
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1150
- this.send(command, optionsOrCb || {}, cb);
1151
- } else {
1152
- return this.send(command, optionsOrCb);
1153
- }
1154
- }
1155
-
1156
- /**
1157
- * <p>Revokes a certificate that was issued inside ACM Private CA. If you enable a certificate
1158
- * revocation list (CRL) when you create or update your private CA, information about the
1159
- * revoked certificates will be included in the CRL. ACM Private CA writes the CRL to an S3 bucket
1160
- * that you specify. A CRL is typically updated approximately 30 minutes after a
1161
- * certificate is revoked. If for any reason the CRL update fails, ACM Private CA attempts makes
1162
- * further attempts every 15 minutes. With Amazon CloudWatch, you can create alarms for the
1163
- * metrics <code>CRLGenerated</code> and <code>MisconfiguredCRLBucket</code>. For more
1164
- * information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaCloudWatch.html">Supported CloudWatch Metrics</a>.</p>
1165
- * <note>
1166
- * <p>Both PCA and the IAM principal must have permission to write to
1167
- * the S3 bucket that you specify. If the IAM principal making the call
1168
- * does not have permission to write to the bucket, then an exception is
1169
- * thrown. For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuthAccess.html">Configure
1170
- * Access to ACM Private CA</a>.</p>
1171
- * </note>
1172
- * <p>ACM Private CA also writes
1173
- * revocation information to the audit report. For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_CreateCertificateAuthorityAuditReport.html">CreateCertificateAuthorityAuditReport</a>.</p>
1174
- * <note>
1175
- * <p>You cannot revoke a root CA self-signed certificate.</p>
1176
- * </note>
1177
- */
1178
- public revokeCertificate(
1179
- args: RevokeCertificateCommandInput,
1180
- options?: __HttpHandlerOptions
1181
- ): Promise<RevokeCertificateCommandOutput>;
1182
- public revokeCertificate(
1183
- args: RevokeCertificateCommandInput,
1184
- cb: (err: any, data?: RevokeCertificateCommandOutput) => void
1185
- ): void;
1186
- public revokeCertificate(
1187
- args: RevokeCertificateCommandInput,
1188
- options: __HttpHandlerOptions,
1189
- cb: (err: any, data?: RevokeCertificateCommandOutput) => void
1190
- ): void;
1191
- public revokeCertificate(
1192
- args: RevokeCertificateCommandInput,
1193
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: RevokeCertificateCommandOutput) => void),
1194
- cb?: (err: any, data?: RevokeCertificateCommandOutput) => void
1195
- ): Promise<RevokeCertificateCommandOutput> | void {
1196
- const command = new RevokeCertificateCommand(args);
1197
- if (typeof optionsOrCb === "function") {
1198
- this.send(command, optionsOrCb);
1199
- } else if (typeof cb === "function") {
1200
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1201
- this.send(command, optionsOrCb || {}, cb);
1202
- } else {
1203
- return this.send(command, optionsOrCb);
1204
- }
1205
- }
1206
-
1207
- /**
1208
- * <p>Adds one or more tags to your private CA. Tags are labels that you can use to identify
1209
- * and organize your AWS resources. Each tag consists of a key and an optional value. You
1210
- * specify the private CA on input by its Amazon Resource Name (ARN). You specify the tag
1211
- * by using a key-value pair. You can apply a tag to just one private CA if you want to
1212
- * identify a specific characteristic of that CA, or you can apply the same tag to multiple
1213
- * private CAs if you want to filter for a common relationship among those CAs. To remove
1214
- * one or more tags, use the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_UntagCertificateAuthority.html">UntagCertificateAuthority</a> action. Call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListTags.html">ListTags</a> action to see what tags are
1215
- * associated with your CA. </p>
1216
- */
1217
- public tagCertificateAuthority(
1218
- args: TagCertificateAuthorityCommandInput,
1219
- options?: __HttpHandlerOptions
1220
- ): Promise<TagCertificateAuthorityCommandOutput>;
1221
- public tagCertificateAuthority(
1222
- args: TagCertificateAuthorityCommandInput,
1223
- cb: (err: any, data?: TagCertificateAuthorityCommandOutput) => void
1224
- ): void;
1225
- public tagCertificateAuthority(
1226
- args: TagCertificateAuthorityCommandInput,
1227
- options: __HttpHandlerOptions,
1228
- cb: (err: any, data?: TagCertificateAuthorityCommandOutput) => void
1229
- ): void;
1230
- public tagCertificateAuthority(
1231
- args: TagCertificateAuthorityCommandInput,
1232
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: TagCertificateAuthorityCommandOutput) => void),
1233
- cb?: (err: any, data?: TagCertificateAuthorityCommandOutput) => void
1234
- ): Promise<TagCertificateAuthorityCommandOutput> | void {
1235
- const command = new TagCertificateAuthorityCommand(args);
1236
- if (typeof optionsOrCb === "function") {
1237
- this.send(command, optionsOrCb);
1238
- } else if (typeof cb === "function") {
1239
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1240
- this.send(command, optionsOrCb || {}, cb);
1241
- } else {
1242
- return this.send(command, optionsOrCb);
1243
- }
1244
- }
1245
-
1246
- /**
1247
- * <p>Remove one or more tags from your private CA. A tag consists of a key-value pair. If
1248
- * you do not specify the value portion of the tag when calling this action, the tag will
1249
- * be removed regardless of value. If you specify a value, the tag is removed only if it is
1250
- * associated with the specified value. To add tags to a private CA, use the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_TagCertificateAuthority.html">TagCertificateAuthority</a>. Call the <a href="https://docs.aws.amazon.com/acm-pca/latest/APIReference/API_ListTags.html">ListTags</a> action to see what tags are
1251
- * associated with your CA. </p>
1252
- */
1253
- public untagCertificateAuthority(
1254
- args: UntagCertificateAuthorityCommandInput,
1255
- options?: __HttpHandlerOptions
1256
- ): Promise<UntagCertificateAuthorityCommandOutput>;
1257
- public untagCertificateAuthority(
1258
- args: UntagCertificateAuthorityCommandInput,
1259
- cb: (err: any, data?: UntagCertificateAuthorityCommandOutput) => void
1260
- ): void;
1261
- public untagCertificateAuthority(
1262
- args: UntagCertificateAuthorityCommandInput,
1263
- options: __HttpHandlerOptions,
1264
- cb: (err: any, data?: UntagCertificateAuthorityCommandOutput) => void
1265
- ): void;
1266
- public untagCertificateAuthority(
1267
- args: UntagCertificateAuthorityCommandInput,
1268
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UntagCertificateAuthorityCommandOutput) => void),
1269
- cb?: (err: any, data?: UntagCertificateAuthorityCommandOutput) => void
1270
- ): Promise<UntagCertificateAuthorityCommandOutput> | void {
1271
- const command = new UntagCertificateAuthorityCommand(args);
1272
- if (typeof optionsOrCb === "function") {
1273
- this.send(command, optionsOrCb);
1274
- } else if (typeof cb === "function") {
1275
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1276
- this.send(command, optionsOrCb || {}, cb);
1277
- } else {
1278
- return this.send(command, optionsOrCb);
1279
- }
1280
- }
1281
-
1282
- /**
1283
- * <p>Updates the status or configuration of a private certificate authority (CA). Your
1284
- * private CA must be in the <code>ACTIVE</code> or <code>DISABLED</code> state before you
1285
- * can update it. You can disable a private CA that is in the <code>ACTIVE</code> state or
1286
- * make a CA that is in the <code>DISABLED</code> state active again.</p>
1287
- * <note>
1288
- * <p>Both PCA and the IAM principal must have permission to write to
1289
- * the S3 bucket that you specify. If the IAM principal making the call
1290
- * does not have permission to write to the bucket, then an exception is
1291
- * thrown. For more information, see <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaAuthAccess.html">Configure
1292
- * Access to ACM Private CA</a>.</p>
1293
- * </note>
1294
- */
1295
- public updateCertificateAuthority(
1296
- args: UpdateCertificateAuthorityCommandInput,
1297
- options?: __HttpHandlerOptions
1298
- ): Promise<UpdateCertificateAuthorityCommandOutput>;
1299
- public updateCertificateAuthority(
1300
- args: UpdateCertificateAuthorityCommandInput,
1301
- cb: (err: any, data?: UpdateCertificateAuthorityCommandOutput) => void
1302
- ): void;
1303
- public updateCertificateAuthority(
1304
- args: UpdateCertificateAuthorityCommandInput,
1305
- options: __HttpHandlerOptions,
1306
- cb: (err: any, data?: UpdateCertificateAuthorityCommandOutput) => void
1307
- ): void;
1308
- public updateCertificateAuthority(
1309
- args: UpdateCertificateAuthorityCommandInput,
1310
- optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: UpdateCertificateAuthorityCommandOutput) => void),
1311
- cb?: (err: any, data?: UpdateCertificateAuthorityCommandOutput) => void
1312
- ): Promise<UpdateCertificateAuthorityCommandOutput> | void {
1313
- const command = new UpdateCertificateAuthorityCommand(args);
1314
- if (typeof optionsOrCb === "function") {
1315
- this.send(command, optionsOrCb);
1316
- } else if (typeof cb === "function") {
1317
- if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
1318
- this.send(command, optionsOrCb || {}, cb);
1319
- } else {
1320
- return this.send(command, optionsOrCb);
1321
- }
1322
- }
1323
- }