Struct aws_sdk_acmpca::Client

source · 
pub struct Client { /* private fields */ }
Expand description

Client for AWS Certificate Manager Private Certificate Authority

Client for invoking operations on AWS Certificate Manager Private Certificate Authority. Each operation on AWS Certificate Manager Private Certificate Authority is a method on this this struct. .send() MUST be invoked on the generated operations to dispatch the request to the service.

§Constructing a Client

A Config is required to construct a client. For most use cases, the aws-config crate should be used to automatically resolve this config using aws_config::load_from_env(), since this will resolve an SdkConfig which can be shared across multiple different AWS SDK clients. This config resolution process can be customized by calling aws_config::from_env() instead, which returns a ConfigLoader that uses the builder pattern to customize the default config.

In the simplest case, creating a client looks as follows:

let config = aws_config::load_from_env().await;
let client = aws_sdk_acmpca::Client::new(&config);

Occasionally, SDKs may have additional service-specific values that can be set on the Config that is absent from SdkConfig, or slightly different settings for a specific client may be desired. The Config struct implements From<&SdkConfig>, so setting these specific settings can be done as follows:

let sdk_config = ::aws_config::load_from_env().await;
let config = aws_sdk_acmpca::config::Builder::from(&sdk_config)
    .some_service_specific_setting("value")
    .build();

See the aws-config docs and Config for more information on customizing configuration.

Note: Client construction is expensive due to connection thread pool initialization, and should be done once at application start-up.

§Using the Client

A client has a function for every operation that can be performed by the service. For example, the CreateCertificateAuthority operation has a Client::create_certificate_authority, function which returns a builder for that operation. The fluent builder ultimately has a send() function that returns an async future that returns a result, as illustrated below:

let result = client.create_certificate_authority()
    .certificate_authority_type("example")
    .send()
    .await;

The underlying HTTP requests that get made by this can be modified with the customize_operation function on the fluent builder. See the customize module for more information.

§Waiters

This client provides wait_until methods behind the Waiters trait. To use them, simply import the trait, and then call one of the wait_until methods. This will return a waiter fluent builder that takes various parameters, which are documented on the builder type. Once parameters have been provided, the wait method can be called to initiate waiting.

For example, if there was a wait_until_thing method, it could look like:

let result = client.wait_until_thing()
    .thing_id("someId")
    .wait(Duration::from_secs(120))
    .await;

Implementations§

source§

impl Client

source

pub fn create_certificate_authority( &self ) -> CreateCertificateAuthorityFluentBuilder

Constructs a fluent builder for the CreateCertificateAuthority operation.

source§

impl Client

source

pub fn create_certificate_authority_audit_report( &self ) -> CreateCertificateAuthorityAuditReportFluentBuilder

Constructs a fluent builder for the CreateCertificateAuthorityAuditReport operation.

source§

impl Client

source

pub fn create_permission(&self) -> CreatePermissionFluentBuilder

Constructs a fluent builder for the CreatePermission operation.

source§

impl Client

source

pub fn delete_certificate_authority( &self ) -> DeleteCertificateAuthorityFluentBuilder

Constructs a fluent builder for the DeleteCertificateAuthority operation.

source§

impl Client

source

pub fn delete_permission(&self) -> DeletePermissionFluentBuilder

Constructs a fluent builder for the DeletePermission operation.

source§

impl Client

source

pub fn delete_policy(&self) -> DeletePolicyFluentBuilder

Constructs a fluent builder for the DeletePolicy operation.

source§

impl Client

source

pub fn describe_certificate_authority( &self ) -> DescribeCertificateAuthorityFluentBuilder

Constructs a fluent builder for the DescribeCertificateAuthority operation.

source§

impl Client

source

pub fn describe_certificate_authority_audit_report( &self ) -> DescribeCertificateAuthorityAuditReportFluentBuilder

Constructs a fluent builder for the DescribeCertificateAuthorityAuditReport operation.

source§

impl Client

source

pub fn get_certificate(&self) -> GetCertificateFluentBuilder

Constructs a fluent builder for the GetCertificate operation.

source§

impl Client

source

pub fn get_certificate_authority_certificate( &self ) -> GetCertificateAuthorityCertificateFluentBuilder

Constructs a fluent builder for the GetCertificateAuthorityCertificate operation.

source§

impl Client

source

pub fn get_certificate_authority_csr( &self ) -> GetCertificateAuthorityCsrFluentBuilder

Constructs a fluent builder for the GetCertificateAuthorityCsr operation.

source§

impl Client

source

pub fn get_policy(&self) -> GetPolicyFluentBuilder

Constructs a fluent builder for the GetPolicy operation.

source§

impl Client

source

pub fn import_certificate_authority_certificate( &self ) -> ImportCertificateAuthorityCertificateFluentBuilder

Constructs a fluent builder for the ImportCertificateAuthorityCertificate operation.

source§

impl Client

source

pub fn issue_certificate(&self) -> IssueCertificateFluentBuilder

Constructs a fluent builder for the IssueCertificate operation.

  • The fluent builder is configurable:
    • api_passthrough(ApiPassthrough) / set_api_passthrough(Option<ApiPassthrough>):
      required: false

      Specifies X.509 certificate information to be included in the issued certificate. An APIPassthrough or APICSRPassthrough template variant must be selected, or else this parameter is ignored. For more information about using these templates, see Understanding Certificate Templates.

      If conflicting or duplicate certificate information is supplied during certificate issuance, Amazon Web Services Private CA applies order of operation rules to determine what information is used.


    • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):
      required: true

      The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

      arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012


    • csr(Blob) / set_csr(Option<Blob>):
      required: true

      The certificate signing request (CSR) for the certificate you want to issue. As an example, you can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.

      openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr

      If you have a configuration file, you can then use the following OpenSSL command. The usr_cert block in the configuration file contains your X509 version 3 extensions.

      openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr

      Note: A CSR must provide either a subject name or a subject alternative name or the request will be rejected.


    • signing_algorithm(SigningAlgorithm) / set_signing_algorithm(Option<SigningAlgorithm>):
      required: true

      The name of the algorithm that will be used to sign the certificate to be issued.

      This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.

      The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA’s secret key.


    • template_arn(impl Into<String>) / set_template_arn(Option<String>):
      required: false

      Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, Amazon Web Services Private CA defaults to the EndEntityCertificate/V1 template. For CA certificates, you should choose the shortest path length that meets your needs. The path length is indicated by the PathLenN portion of the ARN, where N is the CA depth.

      Note: The CA depth configured on a subordinate CA certificate must not exceed the limit set by its parents in the CA hierarchy.

      For a list of TemplateArn values supported by Amazon Web Services Private CA, see Understanding Certificate Templates.


    • validity(Validity) / set_validity(Option<Validity>):
      required: true

      Information describing the end of the validity period of the certificate. This parameter sets the “Not After” date for the certificate.

      Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280.

      This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.

      The end of the validity period configured on a certificate must not exceed the limit set on its parents in the CA hierarchy.


    • validity_not_before(Validity) / set_validity_not_before(Option<Validity>):
      required: false

      Information describing the start of the validity period of the certificate. This parameter sets the “Not Before“ date for the certificate.

      By default, when issuing a certificate, Amazon Web Services Private CA sets the “Not Before” date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.

      Unlike the Validity parameter, the ValidityNotBefore parameter is optional.

      The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE. For more information, see Validity in this API reference and Validity in RFC 5280.


    • idempotency_token(impl Into<String>) / set_idempotency_token(Option<String>):
      required: false

      Alphanumeric string that can be used to distinguish between calls to the IssueCertificate action. Idempotency tokens for IssueCertificate time out after five minutes. Therefore, if you call IssueCertificate multiple times with the same idempotency token within five minutes, Amazon Web Services Private CA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificates.


  • On success, responds with IssueCertificateOutput with field(s):
    • certificate_arn(Option<String>):

      The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form:

      arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245

  • On failure, responds with SdkError<IssueCertificateError>
source§

impl Client

source

pub fn list_certificate_authorities( &self ) -> ListCertificateAuthoritiesFluentBuilder

Constructs a fluent builder for the ListCertificateAuthorities operation. This operation supports pagination; See into_paginator().

source§

impl Client

source

pub fn list_permissions(&self) -> ListPermissionsFluentBuilder

Constructs a fluent builder for the ListPermissions operation. This operation supports pagination; See into_paginator().

source§

impl Client

source

pub fn list_tags(&self) -> ListTagsFluentBuilder

Constructs a fluent builder for the ListTags operation. This operation supports pagination; See into_paginator().

source§

impl Client

source

pub fn put_policy(&self) -> PutPolicyFluentBuilder

Constructs a fluent builder for the PutPolicy operation.

source§

impl Client

source

pub fn restore_certificate_authority( &self ) -> RestoreCertificateAuthorityFluentBuilder

Constructs a fluent builder for the RestoreCertificateAuthority operation.

source§

impl Client

source

pub fn revoke_certificate(&self) -> RevokeCertificateFluentBuilder

Constructs a fluent builder for the RevokeCertificate operation.

source§

impl Client

source

pub fn tag_certificate_authority(&self) -> TagCertificateAuthorityFluentBuilder

Constructs a fluent builder for the TagCertificateAuthority operation.

source§

impl Client

source

pub fn untag_certificate_authority( &self ) -> UntagCertificateAuthorityFluentBuilder

Constructs a fluent builder for the UntagCertificateAuthority operation.

source§

impl Client

source

pub fn update_certificate_authority( &self ) -> UpdateCertificateAuthorityFluentBuilder

Constructs a fluent builder for the UpdateCertificateAuthority operation.

source§

impl Client

source

pub fn from_conf(conf: Config) -> Self

Creates a new client from the service Config.

§Panics

This method will panic in the following cases:

  • Retries or timeouts are enabled without a sleep_impl configured.
  • Identity caching is enabled without a sleep_impl and time_source configured.
  • No behavior_version is provided.

The panic message for each of these will have instructions on how to resolve them.

source

pub fn config(&self) -> &Config

Returns the client’s configuration.

source§

impl Client

source

pub fn new(sdk_config: &SdkConfig) -> Self

Creates a new client from an SDK Config.

§Panics
  • This method will panic if the sdk_config is missing an async sleep implementation. If you experience this panic, set the sleep_impl on the Config passed into this function to fix it.
  • This method will panic if the sdk_config is missing an HTTP connector. If you experience this panic, set the http_connector on the Config passed into this function to fix it.
  • This method will panic if no BehaviorVersion is provided. If you experience this panic, set behavior_version on the Config or enable the behavior-version-latest Cargo feature.

Trait Implementations§

source§

impl Clone for Client

source§

fn clone(&self) -> Client

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl Debug for Client

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl Waiters for Client

source§

fn wait_until_audit_report_created(&self) -> AuditReportCreatedFluentBuilder

Wait until a Audit Report is created
source§

fn wait_until_certificate_issued(&self) -> CertificateIssuedFluentBuilder

Wait until a certificate is issued
source§

fn wait_until_certificate_authority_csr_created( &self ) -> CertificateAuthorityCsrCreatedFluentBuilder

Wait until a Certificate Authority CSR is created

Auto Trait Implementations§

§

impl Freeze for Client

§

impl !RefUnwindSafe for Client

§

impl Send for Client

§

impl Sync for Client

§

impl Unpin for Client

§

impl !UnwindSafe for Client

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T> Instrument for T

source§

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper. Read more
source§

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper. Read more
source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> IntoEither for T

source§

fn into_either(self, into_left: bool) -> Either<Self, Self>

Converts self into a Left variant of Either<Self, Self> if into_left is true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
where F: FnOnce(&Self) -> bool,

Converts self into a Left variant of Either<Self, Self> if into_left(&self) returns true. Converts self into a Right variant of Either<Self, Self> otherwise. Read more
source§

impl<Unshared, Shared> IntoShared<Shared> for Unshared
where Shared: FromUnshared<Unshared>,

source§

fn into_shared(self) -> Shared

Creates a shared type from an unshared type.
source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> WithSubscriber for T

source§

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper. Read more
source§

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper. Read more