@aws-sdk/client-acm 3.180.0 → 3.181.0

package/dist-types/models/models_0.d.ts

@@ -1,8 +1,7 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@aws-sdk/smithy-client";
 import { ACMServiceException as __BaseException } from "./ACMServiceException";
 /**
- * <p>You do not have access
- *       required to perform this action.</p>
+ * <p>You do not have access required to perform this action.</p>
  */
 export declare class AccessDeniedException extends __BaseException {
     readonly name: "AccessDeniedException";
@@ -30,11 +29,9 @@ export interface AddTagsToCertificateRequest {
     /**
      * <p>String that contains the ARN of the ACM certificate to which the tag is to be applied.
      *       This must be of the form:</p>
-     *
      *          <p>
      *             <code>arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012</code>
      *          </p>
-     *
      *          <p>For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs)</a>.</p>
      */
     CertificateArn: string | undefined;
@@ -101,8 +98,7 @@ export declare class TagPolicyException extends __BaseException {
     constructor(opts: __ExceptionOptionType<TagPolicyException, __BaseException>);
 }
 /**
- * <p>The request was denied
- *       because it exceeded a quota.</p>
+ * <p>The request was denied because it exceeded a quota.</p>
  */
 export declare class ThrottlingException extends __BaseException {
     readonly name: "ThrottlingException";
@@ -127,8 +123,8 @@ export declare enum RecordType {
     CNAME = "CNAME"
 }
 /**
- * <p>Contains a DNS record value that you can use to validate ownership or control
- *       of a domain. This is used by the <a>DescribeCertificate</a> action. </p>
+ * <p>Contains a DNS record value that you can use to validate ownership or control of a domain.
+ *       This is used by the <a>DescribeCertificate</a> action. </p>
  */
 export interface ResourceRecord {
     /**
@@ -173,7 +169,6 @@ export interface DomainValidation {
     ValidationDomain?: string;
     /**
      * <p>The validation status of the domain name. This can be one of the following values:</p>
-     *
      *          <ul>
      *             <li>
      *                <p>
@@ -234,7 +229,6 @@ export interface ExtendedKeyUsage {
     /**
      * <p>An object identifier (OID) for the extension value. OIDs are strings of numbers separated
      *       by periods. The following OIDs are defined in RFC 3280 and RFC 5280. </p>
-     *
      *          <ul>
      *             <li>
      *                <p>
@@ -435,7 +429,8 @@ export interface CertificateDetail {
      */
     DomainName?: string;
     /**
-     * <p>One or more domain names (subject alternative names) included in the certificate. This
+     * <p>One or more domain names (subject alternative names)
+     *       included in the certificate. This
      *       list contains the domain names that are bound to the public key that is contained in the
      *       certificate. The subject alternative names include the canonical domain name (CN) of the
      *       certificate and additional domain names that can be used to connect to the website. </p>
@@ -470,12 +465,17 @@ export interface CertificateDetail {
      */
     IssuedAt?: Date;
     /**
-     * <p>The date and time at which the certificate was imported. This value exists only when the
+     * <p>The date and time when the certificate was imported. This value exists only when the
      *       certificate type is <code>IMPORTED</code>. </p>
      */
     ImportedAt?: Date;
     /**
      * <p>The status of the certificate.</p>
+     *          <p>A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for
+     *       any of the reasons given in the troubleshooting topic <a href="https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html">Certificate request fails</a>. ACM makes
+     *       repeated attempts to validate a certificate for 72 hours and then times out. If a certificate
+     *       shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with <a href="https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html">DNS validation</a> or <a href="https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html">Email validation</a>, and
+     *       try again. If validation succeeds, the certificate enters status ISSUED. </p>
      */
     Status?: CertificateStatus | string;
     /**
@@ -512,7 +512,7 @@ export interface CertificateDetail {
     /**
      * <p>The reason the certificate request failed. This value exists only when the certificate
      *       status is <code>FAILED</code>. For more information, see <a href="https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed">Certificate Request
-     *         Failed</a> in the <i>Amazon Web Services Certificate Manager User Guide</i>. </p>
+     *         Failed</a> in the <i>Certificate Manager User Guide</i>. </p>
      */
     FailureReason?: FailureReason | string;
     /**
@@ -521,7 +521,7 @@ export interface CertificateDetail {
      *         <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html">managed renewal</a> for
      *       imported certificates. For more information about the differences between certificates that
      *       you import and those that ACM provides, see <a href="https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html">Importing Certificates</a> in the
-     *         <i>Amazon Web Services Certificate Manager User Guide</i>. </p>
+     *         <i>Certificate Manager User Guide</i>. </p>
      */
     Type?: CertificateType | string;
     /**
@@ -542,8 +542,8 @@ export interface CertificateDetail {
      */
     ExtendedKeyUsages?: ExtendedKeyUsage[];
     /**
-     * <p>The Amazon Resource Name (ARN) of the ACM PCA private certificate authority (CA) that issued
-     *       the certificate. This has the following format: </p>
+     * <p>The Amazon Resource Name (ARN) of the private certificate authority (CA) that issued the
+     *       certificate. This has the following format: </p>
      *          <p>
      *             <code>arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012</code>
      *          </p>
@@ -612,9 +612,13 @@ export interface ExportCertificateRequest {
      */
     CertificateArn: string | undefined;
     /**
-     * <p>Passphrase to associate with the encrypted exported private key. If you want to later
-     *       decrypt the private key, you must have the passphrase. You can use the following OpenSSL
-     *       command to decrypt a private key: </p>
+     * <p>Passphrase to associate with the encrypted exported private key. </p>
+     *          <note>
+     *             <p>When creating your passphrase, you can use any ASCII character except #, $, or %.</p>
+     *          </note>
+     *          <p>If you want to later decrypt the private key, you must have the passphrase. You can use
+     *       the following OpenSSL command to decrypt a private key. After entering the command, you are
+     *       prompted for the passphrase.</p>
      *          <p>
      *             <code>openssl rsa -in encrypted_key.pem -out decrypted_key.pem</code>
      *          </p>
@@ -650,8 +654,7 @@ export declare class RequestInProgressException extends __BaseException {
     constructor(opts: __ExceptionOptionType<RequestInProgressException, __BaseException>);
 }
 /**
- * <p>Object containing
- *       expiration events options associated with an Amazon Web Services account.</p>
+ * <p>Object containing expiration events options associated with an Amazon Web Services account.</p>
  */
 export interface ExpiryEventsConfiguration {
     /**
@@ -664,8 +667,7 @@ export interface ExpiryEventsConfiguration {
 }
 export interface GetAccountConfigurationResponse {
     /**
-     * <p>Expiration events
-     *       configuration options associated with the Amazon Web Services account.</p>
+     * <p>Expiration events configuration options associated with the Amazon Web Services account.</p>
      */
     ExpiryEvents?: ExpiryEventsConfiguration;
 }
@@ -763,11 +765,18 @@ export interface Filters {
      *          <p>Default filtering returns only <code>RSA_1024</code> and <code>RSA_2048</code>
      *       certificates that have at least one domain. To return other certificate types, provide the
      *       desired type signatures in a comma-separated list. For example, <code>"keyTypes":
-     *         ["RSA_2048,RSA_4096"]</code> returns both <code>RSA_2048</code> and <code>RSA_4096</code>
+     *         ["RSA_2048","RSA_4096"]</code> returns both <code>RSA_2048</code> and <code>RSA_4096</code>
      *       certificates.</p>
      */
     keyTypes?: (KeyAlgorithm | string)[];
 }
+export declare enum SortBy {
+    CREATED_AT = "CREATED_AT"
+}
+export declare enum SortOrder {
+    ASCENDING = "ASCENDING",
+    DESCENDING = "DESCENDING"
+}
 export interface ListCertificatesRequest {
     /**
      * <p>Filter the certificate list by status value.</p>
@@ -791,6 +800,16 @@ export interface ListCertificatesRequest {
      *       value in a subsequent request to retrieve additional items.</p>
      */
     MaxItems?: number;
+    /**
+     * <p>Specifies the field to sort results by. If you specify <code>SortBy</code>, you must also
+     *       specify <code>SortOrder</code>.</p>
+     */
+    SortBy?: SortBy | string;
+    /**
+     * <p>Specifies the order of sorted results. If you specify <code>SortOrder</code>, you must
+     *       also specify <code>SortBy</code>.</p>
+     */
+    SortOrder?: SortOrder | string;
 }
 /**
  * <p>This structure is returned in the response object of <a>ListCertificates</a>
@@ -799,11 +818,9 @@ export interface ListCertificatesRequest {
 export interface CertificateSummary {
     /**
      * <p>Amazon Resource Name (ARN) of the certificate. This is of the form:</p>
-     *
      *          <p>
      *             <code>arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012</code>
      *          </p>
-     *
      *          <p>For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs)</a>.</p>
      */
     CertificateArn?: string;
@@ -812,6 +829,101 @@ export interface CertificateSummary {
      *       certificate.</p>
      */
     DomainName?: string;
+    /**
+     * <p>One or more domain names (subject alternative names)
+     *       included in the certificate. This
+     *       list contains the domain names that are bound to the public key that is contained in the
+     *       certificate. The subject alternative names include the canonical domain name (CN) of the
+     *       certificate and additional domain names that can be used to connect to the website. </p>
+     *          <p>When called by <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html">ListCertificates</a>, this parameter will only return the first 100 subject alternative
+     *       names included in the certificate. To display the full list of subject alternative names, use
+     *         <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html">DescribeCertificate</a>.</p>
+     */
+    SubjectAlternativeNameSummaries?: string[];
+    /**
+     * <p>When called by <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html">ListCertificates</a>, indicates whether the full list of subject alternative names has
+     *       been included in the response. If false, the response includes all of the subject alternative
+     *       names included in the certificate. If true, the response only includes the first 100 subject
+     *       alternative names included in the certificate. To display the full list of subject alternative
+     *       names, use <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html">DescribeCertificate</a>.</p>
+     */
+    HasAdditionalSubjectAlternativeNames?: boolean;
+    /**
+     * <p>The status of the certificate.</p>
+     *          <p>A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for
+     *       any of the reasons given in the troubleshooting topic <a href="https://docs.aws.amazon.com/acm/latest/userguide/troubleshooting-failed.html">Certificate request fails</a>. ACM makes
+     *       repeated attempts to validate a certificate for 72 hours and then times out. If a certificate
+     *       shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with <a href="https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html">DNS validation</a> or <a href="https://docs.aws.amazon.com/acm/latest/userguide/email-validation.html">Email validation</a>, and
+     *       try again. If validation succeeds, the certificate enters status ISSUED. </p>
+     */
+    Status?: CertificateStatus | string;
+    /**
+     * <p>The source of the certificate. For certificates provided by ACM, this value is
+     *         <code>AMAZON_ISSUED</code>. For certificates that you imported with <a>ImportCertificate</a>, this value is <code>IMPORTED</code>. ACM does not provide
+     *         <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html">managed renewal</a> for
+     *       imported certificates. For more information about the differences between certificates that
+     *       you import and those that ACM provides, see <a href="https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html">Importing Certificates</a> in the
+     *         <i>Certificate Manager User Guide</i>. </p>
+     */
+    Type?: CertificateType | string;
+    /**
+     * <p>The algorithm that was used to generate the public-private key pair.</p>
+     */
+    KeyAlgorithm?: KeyAlgorithm | string;
+    /**
+     * <p>A list of Key Usage X.509 v3 extension objects. Each object is a string value that
+     *       identifies the purpose of the public key contained in the certificate. Possible extension
+     *       values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.</p>
+     */
+    KeyUsages?: (KeyUsageName | string)[];
+    /**
+     * <p>Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a
+     *       purpose for which the certificate public key can be used and consists of a name and an object
+     *       identifier (OID). </p>
+     */
+    ExtendedKeyUsages?: (ExtendedKeyUsageName | string)[];
+    /**
+     * <p>Indicates whether the certificate is currently in use by any Amazon Web Services resources.</p>
+     */
+    InUse?: boolean;
+    /**
+     * <p>Indicates whether the certificate has been exported. This value exists only when the
+     *       certificate type is <code>PRIVATE</code>.</p>
+     */
+    Exported?: boolean;
+    /**
+     * <p>Specifies whether the certificate is eligible for renewal. At this time, only exported
+     *       private certificates can be renewed with the <a>RenewCertificate</a>
+     *       command.</p>
+     */
+    RenewalEligibility?: RenewalEligibility | string;
+    /**
+     * <p>The time before which the certificate is not valid.</p>
+     */
+    NotBefore?: Date;
+    /**
+     * <p>The time after which the certificate is not valid.</p>
+     */
+    NotAfter?: Date;
+    /**
+     * <p>The time at which the certificate was requested.</p>
+     */
+    CreatedAt?: Date;
+    /**
+     * <p>The time at which the certificate was issued. This value exists only when the certificate
+     *       type is <code>AMAZON_ISSUED</code>. </p>
+     */
+    IssuedAt?: Date;
+    /**
+     * <p>The date and time when the certificate was imported. This value exists only when the
+     *       certificate type is <code>IMPORTED</code>. </p>
+     */
+    ImportedAt?: Date;
+    /**
+     * <p>The time at which the certificate was revoked. This value exists only when the certificate
+     *       status is <code>REVOKED</code>. </p>
+     */
+    RevokedAt?: Date;
 }
 export interface ListCertificatesResponse {
     /**
@@ -842,9 +954,8 @@ export interface ListTagsForCertificateResponse {
     Tags?: Tag[];
 }
 /**
- * <p>You are trying to
- *       update a resource or configuration that is already being created or updated. Wait for the
- *       previous operation to finish and try again.</p>
+ * <p>You are trying to update a resource or configuration that is already being created or
+ *       updated. Wait for the previous operation to finish and try again.</p>
  */
 export declare class ConflictException extends __BaseException {
     readonly name: "ConflictException";
@@ -856,23 +967,20 @@ export declare class ConflictException extends __BaseException {
 }
 export interface PutAccountConfigurationRequest {
     /**
-     * <p>Specifies expiration
-     *       events associated with an account.</p>
+     * <p>Specifies expiration events associated with an account.</p>
      */
     ExpiryEvents?: ExpiryEventsConfiguration;
     /**
-     * <p>Customer-chosen string
-     *       used to distinguish between calls to <code>PutAccountConfiguration</code>. Idempotency tokens
-     *       time out after one hour. If you call <code>PutAccountConfiguration</code> multiple times with
-     *       the same unexpired idempotency token, ACM treats it as the same request and returns the
-     *       original result. If you change the idempotency token for each call, ACM treats each call as
-     *       a new request.</p>
+     * <p>Customer-chosen string used to distinguish between calls to
+     *         <code>PutAccountConfiguration</code>. Idempotency tokens time out after one hour. If you
+     *       call <code>PutAccountConfiguration</code> multiple times with the same unexpired idempotency
+     *       token, ACM treats it as the same request and returns the original result. If you change the
+     *       idempotency token for each call, ACM treats each call as a new request.</p>
      */
     IdempotencyToken: string | undefined;
 }
 /**
- * <p>The supplied input
- *       failed to satisfy constraints of an Amazon Web Services service.</p>
+ * <p>The supplied input failed to satisfy constraints of an Amazon Web Services service.</p>
  */
 export declare class ValidationException extends __BaseException {
     readonly name: "ValidationException";
@@ -886,11 +994,9 @@ export interface RemoveTagsFromCertificateRequest {
     /**
      * <p>String that contains the ARN of the ACM Certificate with one or more tags that you want
      *       to remove. This must be of the form:</p>
-     *
      *          <p>
      *             <code>arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012</code>
      *          </p>
-     *
      *          <p>For more information about ARNs, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html">Amazon Resource Names (ARNs)</a>.</p>
      */
     CertificateArn: string | undefined;
@@ -960,13 +1066,14 @@ export interface DomainValidationOption {
 }
 export interface RequestCertificateRequest {
     /**
-     * <p> Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with
+     * <p>Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with
      *       an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects
      *       several sites in the same domain. For example, *.example.com protects www.example.com,
      *       site.example.com, and images.example.com. </p>
-     *
-     *          <p> The first domain name you enter cannot exceed 64 octets, including periods. Each
-     *       subsequent Subject Alternative Name (SAN), however, can be up to 253 octets in length. </p>
+     *          <p>In compliance with <a href="https://datatracker.ietf.org/doc/html/rfc5280">RFC
+     *         5280</a>, the length of the domain name (technically, the Common Name) that you provide
+     *       cannot exceed 64 octets (characters), including periods. To add a longer domain name, specify it in the Subject Alternative
+     *       Name field, which supports names up to 253 octets in length. </p>
      */
     DomainName: string | undefined;
     /**
@@ -982,11 +1089,9 @@ export interface RequestCertificateRequest {
      *       either name. The maximum number of domain names that you can add to an ACM certificate is
      *       100. However, the initial quota is 10 domain names. If you need more than 10 names, you must
      *       request a quota increase. For more information, see <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html">Quotas</a>.</p>
-     *
      *          <p> The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple
      *       labels separated by periods. No label can be longer than 63 octets. Consider the following
      *       examples: </p>
-     *
      *          <ul>
      *             <li>
      *                <p>
@@ -1032,8 +1137,7 @@ export interface RequestCertificateRequest {
      * <p>The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used
      *       to issue the certificate. If you do not provide an ARN and you are trying to request a private
      *       certificate, ACM will attempt to issue a public certificate. For more information about
-     *       private CAs, see the <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html">Amazon Web Services Certificate Manager Private Certificate Authority (PCA)</a> user guide. The ARN must have the following form: </p>
-     *
+     *       private CAs, see the <a href="https://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html">Certificate Manager Private Certificate Authority</a> user guide. The ARN must have the following form: </p>
      *          <p>
      *             <code>arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012</code>
      *          </p>
@@ -1070,7 +1174,6 @@ export interface ResendValidationEmailRequest {
      *       generated and returned by the <a>RequestCertificate</a> action as soon as the
      *       request is made. By default, using this parameter causes email to be sent to all top-level
      *       domains you specified in the certificate request. The ARN must be of the form: </p>
-     *
      *          <p>
      *             <code>arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012</code>
      *          </p>

package/dist-types/ts3.4/models/models_0.d.ts

@@ -303,15 +303,40 @@ export interface Filters {
   keyUsage?: (KeyUsageName | string)[];
   keyTypes?: (KeyAlgorithm | string)[];
 }
+export declare enum SortBy {
+  CREATED_AT = "CREATED_AT",
+}
+export declare enum SortOrder {
+  ASCENDING = "ASCENDING",
+  DESCENDING = "DESCENDING",
+}
 export interface ListCertificatesRequest {
   CertificateStatuses?: (CertificateStatus | string)[];
   Includes?: Filters;
   NextToken?: string;
   MaxItems?: number;
+  SortBy?: SortBy | string;
+  SortOrder?: SortOrder | string;
 }
 export interface CertificateSummary {
   CertificateArn?: string;
   DomainName?: string;
+  SubjectAlternativeNameSummaries?: string[];
+  HasAdditionalSubjectAlternativeNames?: boolean;
+  Status?: CertificateStatus | string;
+  Type?: CertificateType | string;
+  KeyAlgorithm?: KeyAlgorithm | string;
+  KeyUsages?: (KeyUsageName | string)[];
+  ExtendedKeyUsages?: (ExtendedKeyUsageName | string)[];
+  InUse?: boolean;
+  Exported?: boolean;
+  RenewalEligibility?: RenewalEligibility | string;
+  NotBefore?: Date;
+  NotAfter?: Date;
+  CreatedAt?: Date;
+  IssuedAt?: Date;
+  ImportedAt?: Date;
+  RevokedAt?: Date;
 }
 export interface ListCertificatesResponse {
   NextToken?: string;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-acm",
   "description": "AWS SDK for JavaScript Acm Client for Node.js, Browser and React Native",
-  "version": "3.180.0",
+  "version": "3.181.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -19,9 +19,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "2.0.0",
     "@aws-crypto/sha256-js": "2.0.0",
-    "@aws-sdk/client-sts": "3.180.0",
+    "@aws-sdk/client-sts": "3.181.0",
     "@aws-sdk/config-resolver": "3.178.0",
-    "@aws-sdk/credential-provider-node": "3.180.0",
+    "@aws-sdk/credential-provider-node": "3.181.0",
     "@aws-sdk/fetch-http-handler": "3.178.0",
     "@aws-sdk/hash-node": "3.178.0",
     "@aws-sdk/invalid-dependency": "3.178.0",