Struct aws_sdk_acmpca::Client

pub struct Client { /* private fields */ }

Client for AWS Certificate Manager Private Certificate Authority

Client for invoking operations on AWS Certificate Manager Private Certificate Authority. Each operation on AWS Certificate Manager Private Certificate Authority is a method on this this struct. .send() MUST be invoked on the generated operations to dispatch the request to the service.

Examples

Constructing a client and invoking an operation

    // create a shared configuration. This can be used & shared between multiple service clients.
    let shared_config = aws_config::load_from_env().await;
    let client = aws_sdk_acmpca::Client::new(&shared_config);
    // invoke an operation
    /* let rsp = client
        .<operation_name>().
        .<param>("some value")
        .send().await; */

Constructing a client with custom configuration

use aws_config::RetryConfig;
let shared_config = aws_config::load_from_env().await;
let config = aws_sdk_acmpca::config::Builder::from(&shared_config)
  .retry_config(RetryConfig::disabled())
  .build();
let client = aws_sdk_acmpca::Client::from_conf(config);

Implementations

impl Client

pub fn with_config(
    client: Client<DynConnector, DynMiddleware<DynConnector>>,
    conf: Config
) -> Self

Creates a client with the given service configuration.

pub fn conf(&self) -> &Config

Returns the client’s configuration.

impl Client

pub fn create_certificate_authority(&self) -> CreateCertificateAuthority

Constructs a fluent builder for the CreateCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_configuration(CertificateAuthorityConfiguration) / set_certificate_authority_configuration(Option<CertificateAuthorityConfiguration>):

    Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.

  • revocation_configuration(RevocationConfiguration) / set_revocation_configuration(Option<RevocationConfiguration>):

    Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. The default is for both certificate validation mechanisms to be disabled. For more information, see the OcspConfiguration and CrlConfiguration types.

  • certificate_authority_type(CertificateAuthorityType) / set_certificate_authority_type(Option<CertificateAuthorityType>):

    The type of the certificate authority.

  • idempotency_token(impl Into<String>) / set_idempotency_token(Option<String>):

    Custom string that can be used to distinguish between calls to the CreateCertificateAuthority action. Idempotency tokens for CreateCertificateAuthority time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within five minutes, ACM Private CA recognizes that you are requesting only certificate authority and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificate authorities.

  • key_storage_security_standard(KeyStorageSecurityStandard) / set_key_storage_security_standard(Option<KeyStorageSecurityStandard>):

    Specifies a cryptographic key management compliance standard used for handling CA keys.

    Default: FIPS_140_2_LEVEL_3_OR_HIGHER

    Note: FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in Region ap-northeast-3. When creating a CA in the ap-northeast-3, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard. Failure to do this results in an InvalidArgsException with the message, “A certificate authority cannot be created in this region with the specified security standard.”

  • tags(Vec<Tag>) / set_tags(Option<Vec<Tag>>):

    Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags.

• On success, responds with CreateCertificateAuthorityOutput with field(s):
  • certificate_authority_arn(Option<String>):

    If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

• On failure, responds with SdkError<CreateCertificateAuthorityError>

pub fn create_certificate_authority_audit_report(
    &self
) -> CreateCertificateAuthorityAuditReport

Constructs a fluent builder for the CreateCertificateAuthorityAuditReport operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) of the CA to be audited. This is of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • s3_bucket_name(impl Into<String>) / set_s3_bucket_name(Option<String>):

    The name of the S3 bucket that will contain the audit report.

  • audit_report_response_format(AuditReportResponseFormat) / set_audit_report_response_format(Option<AuditReportResponseFormat>):

    The format in which to create the report. This can be either JSON or CSV.

• On success, responds with CreateCertificateAuthorityAuditReportOutput with field(s):
  • audit_report_id(Option<String>):

    An alphanumeric string that contains a report identifier.

  • s3_key(Option<String>):

    The key that uniquely identifies the report file in your S3 bucket.

• On failure, responds with SdkError<CreateCertificateAuthorityAuditReportError>

pub fn create_permission(&self) -> CreatePermission

Constructs a fluent builder for the CreatePermission operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) of the CA that grants the permissions. You can find the ARN by calling the ListCertificateAuthorities action. This must have the following form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • principal(impl Into<String>) / set_principal(Option<String>):

    The Amazon Web Services service or identity that receives the permission. At this time, the only valid principal is acm.amazonaws.com.

  • source_account(impl Into<String>) / set_source_account(Option<String>):

    The ID of the calling account.

  • actions(Vec<ActionType>) / set_actions(Option<Vec<ActionType>>):

    The actions that the specified Amazon Web Services service principal can use. These include IssueCertificate, GetCertificate, and ListPermissions.

• On success, responds with CreatePermissionOutput
• On failure, responds with SdkError<CreatePermissionError>

pub fn delete_certificate_authority(&self) -> DeleteCertificateAuthority

Constructs a fluent builder for the DeleteCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must have the following form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • permanent_deletion_time_in_days(i32) / set_permanent_deletion_time_in_days(Option<i32>):

    The number of days to make a CA restorable after it has been deleted. This can be anywhere from 7 to 30 days, with 30 being the default.

• On success, responds with DeleteCertificateAuthorityOutput
• On failure, responds with SdkError<DeleteCertificateAuthorityError>

pub fn delete_permission(&self) -> DeletePermission

Constructs a fluent builder for the DeletePermission operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Number (ARN) of the private CA that issued the permissions. You can find the CA’s ARN by calling the ListCertificateAuthorities action. This must have the following form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • principal(impl Into<String>) / set_principal(Option<String>):

    The Amazon Web Services service or identity that will have its CA permissions revoked. At this time, the only valid service principal is acm.amazonaws.com

  • source_account(impl Into<String>) / set_source_account(Option<String>):

    The Amazon Web Services account that calls this action.

• On success, responds with DeletePermissionOutput
• On failure, responds with SdkError<DeletePermissionError>

pub fn delete_policy(&self) -> DeletePolicy

Constructs a fluent builder for the DeletePolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):

    The Amazon Resource Number (ARN) of the private CA that will have its policy deleted. You can find the CA’s ARN by calling the ListCertificateAuthorities action. The ARN value must have the form arn:aws:acm-pca:region:account:certificate-authority/01234567-89ab-cdef-0123-0123456789ab.

• On success, responds with DeletePolicyOutput
• On failure, responds with SdkError<DeletePolicyError>

pub fn describe_certificate_authority(&self) -> DescribeCertificateAuthority

Constructs a fluent builder for the DescribeCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

• On success, responds with DescribeCertificateAuthorityOutput with field(s):
  • certificate_authority(Option<CertificateAuthority>):

    A CertificateAuthority structure that contains information about your private CA.

• On failure, responds with SdkError<DescribeCertificateAuthorityError>

pub fn describe_certificate_authority_audit_report(
    &self
) -> DescribeCertificateAuthorityAuditReport

Constructs a fluent builder for the DescribeCertificateAuthorityAuditReport operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) of the private CA. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • audit_report_id(impl Into<String>) / set_audit_report_id(Option<String>):

    The report ID returned by calling the CreateCertificateAuthorityAuditReport action.

• On success, responds with DescribeCertificateAuthorityAuditReportOutput with field(s):
  • audit_report_status(Option<AuditReportStatus>):

    Specifies whether report creation is in progress, has succeeded, or has failed.

  • s3_bucket_name(Option<String>):

    Name of the S3 bucket that contains the report.

  • s3_key(Option<String>):

    S3 key that uniquely identifies the report file in your S3 bucket.

  • created_at(Option<DateTime>):

    The date and time at which the report was created.

• On failure, responds with SdkError<DescribeCertificateAuthorityAuditReportError>

pub fn get_certificate(&self) -> GetCertificate

Constructs a fluent builder for the GetCertificate operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

  • certificate_arn(impl Into<String>) / set_certificate_arn(Option<String>):

    The ARN of the issued certificate. The ARN contains the certificate serial number and must be in the following form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245

• On success, responds with GetCertificateOutput with field(s):
  • certificate(Option<String>):

    The base64 PEM-encoded certificate specified by the CertificateArn parameter.

  • certificate_chain(Option<String>):

    The base64 PEM-encoded certificate chain that chains up to the root CA certificate that you used to sign your private CA certificate.

• On failure, responds with SdkError<GetCertificateError>

pub fn get_certificate_authority_certificate(
    &self
) -> GetCertificateAuthorityCertificate

Constructs a fluent builder for the GetCertificateAuthorityCertificate operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) of your private CA. This is of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

• On success, responds with GetCertificateAuthorityCertificateOutput with field(s):
  • certificate(Option<String>):

    Base64-encoded certificate authority (CA) certificate.

  • certificate_chain(Option<String>):

    Base64-encoded certificate chain that includes any intermediate certificates and chains up to root certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. If this is a root CA, the value will be null.

• On failure, responds with SdkError<GetCertificateAuthorityCertificateError>

pub fn get_certificate_authority_csr(&self) -> GetCertificateAuthorityCsr

Constructs a fluent builder for the GetCertificateAuthorityCsr operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

• On success, responds with GetCertificateAuthorityCsrOutput with field(s):
  • csr(Option<String>):

    The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.

• On failure, responds with SdkError<GetCertificateAuthorityCsrError>

pub fn get_policy(&self) -> GetPolicy

Constructs a fluent builder for the GetPolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):

    The Amazon Resource Number (ARN) of the private CA that will have its policy retrieved. You can find the CA’s ARN by calling the ListCertificateAuthorities action.

• On success, responds with GetPolicyOutput with field(s):
  • policy(Option<String>):

    The policy attached to the private CA as a JSON document.

• On failure, responds with SdkError<GetPolicyError>

pub fn import_certificate_authority_certificate(
    &self
) -> ImportCertificateAuthorityCertificate

Constructs a fluent builder for the ImportCertificateAuthorityCertificate operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • certificate(Blob) / set_certificate(Option<Blob>):

    The PEM-encoded certificate for a private CA. This may be a self-signed certificate in the case of a root CA, or it may be signed by another CA that you control.

  • certificate_chain(Blob) / set_certificate_chain(Option<Blob>):

    A PEM-encoded file that contains all of your certificates, other than the certificate you’re importing, chaining up to your root CA. Your ACM Private CA-hosted or on-premises root certificate is the last in the chain, and each certificate in the chain signs the one preceding.

    This parameter must be supplied when you import a subordinate CA. When you import a root CA, there is no chain.

• On success, responds with ImportCertificateAuthorityCertificateOutput
• On failure, responds with SdkError<ImportCertificateAuthorityCertificateError>

pub fn issue_certificate(&self) -> IssueCertificate

Constructs a fluent builder for the IssueCertificate operation.

• The fluent builder is configurable:
  • api_passthrough(ApiPassthrough) / set_api_passthrough(Option<ApiPassthrough>):

    Specifies X.509 certificate information to be included in the issued certificate. An APIPassthrough or APICSRPassthrough template variant must be selected, or else this parameter is ignored. For more information about using these templates, see Understanding Certificate Templates.

    If conflicting or duplicate certificate information is supplied during certificate issuance, ACM Private CA applies order of operation rules to determine what information is used.

  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • csr(Blob) / set_csr(Option<Blob>):

    The certificate signing request (CSR) for the certificate you want to issue. As an example, you can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.

    openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr

    If you have a configuration file, you can then use the following OpenSSL command. The usr_cert block in the configuration file contains your X509 version 3 extensions.

    openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr

    Note: A CSR must provide either a subject name or a subject alternative name or the request will be rejected.

  • signing_algorithm(SigningAlgorithm) / set_signing_algorithm(Option<SigningAlgorithm>):

    The name of the algorithm that will be used to sign the certificate to be issued.

    This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the CreateCertificateAuthority action.

    The specified signing algorithm family (RSA or ECDSA) much match the algorithm family of the CA’s secret key.

  • template_arn(impl Into<String>) / set_template_arn(Option<String>):

    Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided, ACM Private CA defaults to the EndEntityCertificate/V1 template. For CA certificates, you should choose the shortest path length that meets your needs. The path length is indicated by the PathLenN portion of the ARN, where N is the CA depth.

    Note: The CA depth configured on a subordinate CA certificate must not exceed the limit set by its parents in the CA hierarchy.

    For a list of TemplateArn values supported by ACM Private CA, see Understanding Certificate Templates.

  • validity(Validity) / set_validity(Option<Validity>):

    Information describing the end of the validity period of the certificate. This parameter sets the “Not After” date for the certificate.

    Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280.

    This value is unaffected when ValidityNotBefore is also specified. For example, if Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time regardless of the ValidityNotBefore value.

    The end of the validity period configured on a certificate must not exceed the limit set on its parents in the CA hierarchy.

  • validity_not_before(Validity) / set_validity_not_before(Option<Validity>):

    Information describing the start of the validity period of the certificate. This parameter sets the “Not Before“ date for the certificate.

    By default, when issuing a certificate, ACM Private CA sets the “Not Before” date to the issuance time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The ValidityNotBefore parameter can be used to customize the “Not Before” value.

    Unlike the Validity parameter, the ValidityNotBefore parameter is optional.

    The ValidityNotBefore value is expressed as an explicit date and time, using the Validity type value ABSOLUTE. For more information, see Validity in this API reference and Validity in RFC 5280.

  • idempotency_token(impl Into<String>) / set_idempotency_token(Option<String>):

    Alphanumeric string that can be used to distinguish between calls to the IssueCertificate action. Idempotency tokens for IssueCertificate time out after one minute. Therefore, if you call IssueCertificate multiple times with the same idempotency token within one minute, ACM Private CA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, PCA recognizes that you are requesting multiple certificates.

• On success, responds with IssueCertificateOutput with field(s):
  • certificate_arn(Option<String>):

    The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245

• On failure, responds with SdkError<IssueCertificateError>

pub fn list_certificate_authorities(&self) -> ListCertificateAuthorities

Constructs a fluent builder for the ListCertificateAuthorities operation. This operation supports pagination; See into_paginator().

• The fluent builder is configurable:
  • next_token(impl Into<String>) / set_next_token(Option<String>):

    Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of the NextToken parameter from the response you just received.

  • max_results(i32) / set_max_results(Option<i32>):

    Use this parameter when paginating results to specify the maximum number of items to return in the response on each page. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.

  • resource_owner(ResourceOwner) / set_resource_owner(Option<ResourceOwner>):

    Use this parameter to filter the returned set of certificate authorities based on their owner. The default is SELF.

• On success, responds with ListCertificateAuthoritiesOutput with field(s):
  • certificate_authorities(Option<Vec<CertificateAuthority>>):

    Summary information about each certificate authority you have created.

  • next_token(Option<String>):

    When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.

• On failure, responds with SdkError<ListCertificateAuthoritiesError>

pub fn list_permissions(&self) -> ListPermissions

Constructs a fluent builder for the ListPermissions operation. This operation supports pagination; See into_paginator().

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Number (ARN) of the private CA to inspect. You can find the ARN by calling the ListCertificateAuthorities action. This must be of the form: arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 You can get a private CA’s ARN by running the ListCertificateAuthorities action.

  • next_token(impl Into<String>) / set_next_token(Option<String>):

    When paginating results, use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.

  • max_results(i32) / set_max_results(Option<i32>):

    When paginating results, use this parameter to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.

• On success, responds with ListPermissionsOutput with field(s):
  • permissions(Option<Vec<Permission>>):

    Summary information about each permission assigned by the specified private CA, including the action enabled, the policy provided, and the time of creation.

  • next_token(Option<String>):

    When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.

• On failure, responds with SdkError<ListPermissionsError>

pub fn list_tags(&self) -> ListTags

Constructs a fluent builder for the ListTags operation. This operation supports pagination; See into_paginator().

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • next_token(impl Into<String>) / set_next_token(Option<String>):

    Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.

  • max_results(i32) / set_max_results(Option<i32>):

    Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.

• On success, responds with ListTagsOutput with field(s):
  • tags(Option<Vec<Tag>>):

    The tags associated with your private CA.

  • next_token(Option<String>):

    When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.

• On failure, responds with SdkError<ListTagsError>

pub fn put_policy(&self) -> PutPolicy

Constructs a fluent builder for the PutPolicy operation.

• The fluent builder is configurable:
  • resource_arn(impl Into<String>) / set_resource_arn(Option<String>):

    The Amazon Resource Number (ARN) of the private CA to associate with the policy. The ARN of the CA can be found by calling the ListCertificateAuthorities action.

  • policy(impl Into<String>) / set_policy(Option<String>):

    The path and file name of a JSON-formatted IAM policy to attach to the specified private CA resource. If this policy does not contain all required statements or if it includes any statement that is not allowed, the PutPolicy action returns an InvalidPolicyException. For information about IAM policy and statement structure, see Overview of JSON Policies.

• On success, responds with PutPolicyOutput
• On failure, responds with SdkError<PutPolicyError>

pub fn restore_certificate_authority(&self) -> RestoreCertificateAuthority

Constructs a fluent builder for the RestoreCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

• On success, responds with RestoreCertificateAuthorityOutput
• On failure, responds with SdkError<RestoreCertificateAuthorityError>

pub fn revoke_certificate(&self) -> RevokeCertificate

Constructs a fluent builder for the RevokeCertificate operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • certificate_serial(impl Into<String>) / set_certificate_serial(Option<String>):

    Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling GetCertificate with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The GetCertificate action retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.

    openssl x509 -in file_path -text -noout

    You can also copy the serial number from the console or use the DescribeCertificate action in the Certificate Manager API Reference.

  • revocation_reason(RevocationReason) / set_revocation_reason(Option<RevocationReason>):

    Specifies why you revoked the certificate.

• On success, responds with RevokeCertificateOutput
• On failure, responds with SdkError<RevokeCertificateError>

pub fn tag_certificate_authority(&self) -> TagCertificateAuthority

Constructs a fluent builder for the TagCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • tags(Vec<Tag>) / set_tags(Option<Vec<Tag>>):

    List of tags to be associated with the CA.

• On success, responds with TagCertificateAuthorityOutput
• On failure, responds with SdkError<TagCertificateAuthorityError>

pub fn untag_certificate_authority(&self) -> UntagCertificateAuthority

Constructs a fluent builder for the UntagCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • tags(Vec<Tag>) / set_tags(Option<Vec<Tag>>):

    List of tags to be removed from the CA.

• On success, responds with UntagCertificateAuthorityOutput
• On failure, responds with SdkError<UntagCertificateAuthorityError>

pub fn update_certificate_authority(&self) -> UpdateCertificateAuthority

Constructs a fluent builder for the UpdateCertificateAuthority operation.

• The fluent builder is configurable:
  • certificate_authority_arn(impl Into<String>) / set_certificate_authority_arn(Option<String>):

    Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:

    arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012

  • revocation_configuration(RevocationConfiguration) / set_revocation_configuration(Option<RevocationConfiguration>):

    Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. If this parameter is not supplied, existing capibilites remain unchanged. For more information, see the OcspConfiguration and CrlConfiguration types.

  • status(CertificateAuthorityStatus) / set_status(Option<CertificateAuthorityStatus>):

    Status of your private CA.

• On success, responds with UpdateCertificateAuthorityOutput
• On failure, responds with SdkError<UpdateCertificateAuthorityError>

impl Client

pub fn from_conf_conn<C, E>(conf: Config, conn: C) -> Self where
    C: SmithyConnector<Error = E> + Send + 'static,
    E: Into<ConnectorError>, 

Creates a client with the given service config and connector override.

pub fn new(sdk_config: &SdkConfig) -> Self

Creates a new client from a shared config.

pub fn from_conf(conf: Config) -> Self

Creates a new client from the service Config.

Trait Implementations

impl Clone for Client

fn clone(&self) -> Self

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for Client

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<Client<DynConnector, DynMiddleware<DynConnector>, Standard>> for Client

fn from(client: Client<DynConnector, DynMiddleware<DynConnector>>) -> Self

Converts to this type from the input type.