amazonka-certificatemanager-1.4.0: Amazon Certificate Manager SDK.

Copyright(c) 2013-2016 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone
LanguageHaskell2010

Network.AWS.CertificateManager

Contents

Description

AWS Certificate Manager

Welcome to the AWS Certificate Manager (ACM) Command Reference. This guide provides descriptions, syntax, and usage examples for each ACM command. You can use AWS Certificate Manager to request ACM Certificates for your AWS-based websites and applications. For general information about using ACM and for more information about using the console, see the AWS Certificate Manager User Guide. For more information about using the ACM API, see the AWS Certificate Manager API Reference.

Synopsis

Service Configuration

certificateManager :: Service Source

API version '2015-12-08' of the Amazon Certificate Manager SDK configuration.

Errors

Error matchers are designed for use with the functions provided by Control.Exception.Lens. This allows catching (and rethrowing) service specific errors returned by CertificateManager.

InvalidDomainValidationOptionsException

_InvalidDomainValidationOptionsException :: AsError a => Getting (First ServiceError) a ServiceError Source

One or more values in the DomainValidationOption structure is incorrect.

RequestInProgressException

_RequestInProgressException :: AsError a => Getting (First ServiceError) a ServiceError Source

The certificate request is in process and the certificate in your account has not yet been issued.

InvalidARNException

_InvalidARNException :: AsError a => Getting (First ServiceError) a ServiceError Source

The requested Amazon Resource Name (ARN) does not refer to an existing resource.

ResourceNotFoundException

_ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError Source

The specified certificate cannot be found in the caller's account, or the caller's account cannot be found.

InvalidStateException

_InvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError Source

Processing has reached an invalid state. For example, this exception can occur if the specified domain is not using email validation, or the current certificate status does not permit the requested operation. See the exception message returned by ACM to determine which state is not valid.

LimitExceededException

_LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError Source

An ACM limit has been exceeded. For example, you may have input more domains than are allowed or you've requested too many certificates for your account. See the exception message returned by ACM to determine which limit you have violated. For more information about ACM limits, see the Limits topic.

ResourceInUseException

_ResourceInUseException :: AsError a => Getting (First ServiceError) a ServiceError Source

The certificate is in use by another AWS service in the caller's account. Remove the association and try again.

Waiters

Waiters poll by repeatedly sending a request until some remote success condition configured by the Wait specification is fulfilled. The Wait specification determines how many attempts should be made, in addition to delay and retry strategies.

Operations

Some AWS operations return results that are incomplete and require subsequent requests in order to obtain the entire result set. The process of sending subsequent requests to continue where a previous request left off is called pagination. For example, the ListObjects operation of Amazon S3 returns up to 1000 objects at a time, and you must send subsequent requests with the appropriate Marker in order to retrieve the next page of results.

Operations that have an AWSPager instance can transparently perform subsequent requests, correctly setting Markers and other request facets to iterate through the entire result set of a truncated API operation. Operations which support this have an additional note in the documentation.

Many operations have the ability to filter results on the server side. See the individual operation parameters for details.

ResendValidationEmail

module Network.AWS.CertificateManager.ResendValidationEmail

GetCertificate

module Network.AWS.CertificateManager.GetCertificate

RequestCertificate

module Network.AWS.CertificateManager.RequestCertificate

ListCertificates

module Network.AWS.CertificateManager.ListCertificates

DeleteCertificate

module Network.AWS.CertificateManager.DeleteCertificate

DescribeCertificate

module Network.AWS.CertificateManager.DescribeCertificate

Types

CertificateStatus

data CertificateStatus Source

Constructors

Expired 
Failed 
Inactive 
Issued 
PendingValidation 
Revoked 
ValidationTimedOut 

Instances

KeyAlgorithm

data KeyAlgorithm Source

Constructors

EcPRIME256V1 
Rsa2048 

Instances

RevocationReason

data RevocationReason Source

Constructors

AACompromise 
AffiliationChanged 
CaCompromise 
CertificateHold 
CessationOfOperation 
KeyCompromise 
PrivilegeWithdrawn 
RemoveFromCrl 
Superceded 
Unspecified 

Instances

CertificateDetail

data CertificateDetail Source

This structure is returned in the response object of the DescribeCertificate action.

See: certificateDetail smart constructor.

Instances

certificateDetail :: CertificateDetail Source

Creates a value of CertificateDetail with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

cdSubject :: Lens' CertificateDetail (Maybe Text) Source

The X.500 distinguished name of the entity associated with the public key contained in the certificate.

cdStatus :: Lens' CertificateDetail (Maybe CertificateStatus) Source

A CertificateStatus enumeration value that can contain one of the following:

  • PENDING_VALIDATION
  • ISSUED
  • INACTIVE
  • EXPIRED
  • REVOKED
  • FAILED
  • VALIDATION_TIMED_OUT

cdSubjectAlternativeNames :: Lens' CertificateDetail (Maybe (NonEmpty Text)) Source

One or more domain names (subject alternative names) included in the certificate request. After the certificate is issued, this list includes the domain names bound to the public key contained in the certificate. The subject alternative names include the canonical domain name (CN) of the certificate and additional domain names that can be used to connect to the website.

cdInUseBy :: Lens' CertificateDetail [Text] Source

List that identifies ARNs that are using the certificate. A single ACM Certificate can be used by multiple AWS resources.

cdCreatedAt :: Lens' CertificateDetail (Maybe UTCTime) Source

Time at which the certificate was requested.

cdCertificateARN :: Lens' CertificateDetail (Maybe Text) Source

Amazon Resource Name (ARN) of the certificate. This is of the form:

'arn:aws:acm:region:123456789012:certificate\/12345678-1234-1234-1234-123456789012'

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces.

cdSerial :: Lens' CertificateDetail (Maybe Text) Source

String that contains the serial number of the certificate.

cdRevokedAt :: Lens' CertificateDetail (Maybe UTCTime) Source

The time, if any, at which the certificate was revoked. This value exists only if the certificate has been revoked.

cdNotBefore :: Lens' CertificateDetail (Maybe UTCTime) Source

Time before which the certificate is not valid.

cdRevocationReason :: Lens' CertificateDetail (Maybe RevocationReason) Source

A RevocationReason enumeration value that indicates why the certificate was revoked. This value exists only if the certificate has been revoked. This can be one of the following vales:

  • UNSPECIFIED
  • KEY_COMPROMISE
  • CA_COMPROMISE
  • AFFILIATION_CHANGED
  • SUPERCEDED
  • CESSATION_OF_OPERATION
  • CERTIFICATE_HOLD
  • REMOVE_FROM_CRL
  • PRIVILEGE_WITHDRAWN
  • A_A_COMPROMISE

cdDomainName :: Lens' CertificateDetail (Maybe Text) Source

Fully qualified domain name (FQDN), such as www.example.com or example.com, for the certificate.

cdKeyAlgorithm :: Lens' CertificateDetail (Maybe KeyAlgorithm) Source

Asymmetric algorithm used to generate the public and private key pair. Currently the only supported value is RSA_2048.

cdIssuedAt :: Lens' CertificateDetail (Maybe UTCTime) Source

Time at which the certificate was issued.

cdSignatureAlgorithm :: Lens' CertificateDetail (Maybe Text) Source

Algorithm used to generate a signature. Currently the only supported value is SHA256WITHRSA.

cdDomainValidationOptions :: Lens' CertificateDetail (Maybe (NonEmpty DomainValidation)) Source

References a DomainValidation structure that contains the domain name in the certificate and the email address that can be used for validation.

cdIssuer :: Lens' CertificateDetail (Maybe Text) Source

The X.500 distinguished name of the CA that issued and signed the certificate.

cdNotAfter :: Lens' CertificateDetail (Maybe UTCTime) Source

Time after which the certificate is not valid.

CertificateSummary

data CertificateSummary Source

This structure is returned in the response object of ListCertificates action.

See: certificateSummary smart constructor.

Instances

certificateSummary :: CertificateSummary Source

Creates a value of CertificateSummary with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

csCertificateARN :: Lens' CertificateSummary (Maybe Text) Source

Amazon Resource Name (ARN) of the certificate. This is of the form:

'arn:aws:acm:region:123456789012:certificate\/12345678-1234-1234-1234-123456789012'

For more information about ARNs, see Amazon Resource Names (ARNs) and AWS Service Namespaces.

csDomainName :: Lens' CertificateSummary (Maybe Text) Source

Fully qualified domain name (FQDN), such as www.example.com or example.com, for the certificate.

DomainValidation

data DomainValidation Source

Structure that contains the domain name, the base validation domain to which validation email is sent, and the email addresses used to validate the domain identity.

See: domainValidation smart constructor.

Instances

domainValidation Source

Arguments

:: Text

dvDomainName

-> DomainValidation 

Creates a value of DomainValidation with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

dvValidationEmails :: Lens' DomainValidation [Text] Source

A list of contact address for the domain registrant.

dvValidationDomain :: Lens' DomainValidation (Maybe Text) Source

The base validation domain that acts as the suffix of the email addresses that are used to send the emails.

dvDomainName :: Lens' DomainValidation Text Source

Fully Qualified Domain Name (FQDN) of the form 'www.example.com or ''example.com'

DomainValidationOption

data DomainValidationOption Source

This structure is used in the request object of the RequestCertificate action.

See: domainValidationOption smart constructor.

Instances

domainValidationOption Source

Arguments

:: Text

dvoDomainName

-> Text

dvoValidationDomain

-> DomainValidationOption 

Creates a value of DomainValidationOption with the minimum fields required to make a request.

Use one of the following lenses to modify other fields as desired:

dvoDomainName :: Lens' DomainValidationOption Text Source

Fully Qualified Domain Name (FQDN) of the certificate being requested.

dvoValidationDomain :: Lens' DomainValidationOption Text Source

The domain to which validation email is sent. This is the base validation domain that will act as the suffix of the email addresses. This must be the same as the DomainName value or a superdomain of the DomainName value. For example, if you requested a certificate for 'site.subdomain.example.com' and specify a ValidationDomain of 'subdomain.example.com', ACM sends email to the domain registrant, technical contact, and administrative contact in WHOIS for the base domain and the and the following five addresses:

  • admin'subdomain.example.com
  • administrator'subdomain.example.com
  • hostmaster'subdomain.example.com
  • postmaster'subdomain.example.com
  • webmaster'subdomain.example.com