com.amazonaws.services.certificatemanager.AWSCertificateManagerClient Maven / Gradle / Ivy
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.certificatemanager;
import org.w3c.dom.*;
import java.net.*;
import java.util.*;
import javax.annotation.Generated;
import org.apache.commons.logging.*;
import com.amazonaws.*;
import com.amazonaws.annotation.SdkInternalApi;
import com.amazonaws.auth.*;
import com.amazonaws.handlers.*;
import com.amazonaws.http.*;
import com.amazonaws.internal.*;
import com.amazonaws.internal.auth.*;
import com.amazonaws.metrics.*;
import com.amazonaws.regions.*;
import com.amazonaws.transform.*;
import com.amazonaws.util.*;
import com.amazonaws.protocol.json.*;
import com.amazonaws.util.AWSRequestMetrics.Field;
import com.amazonaws.annotation.ThreadSafe;
import com.amazonaws.client.AwsSyncClientParams;
import com.amazonaws.client.builder.AdvancedConfig;
import com.amazonaws.services.certificatemanager.AWSCertificateManagerClientBuilder;
import com.amazonaws.services.certificatemanager.waiters.AWSCertificateManagerWaiters;
import com.amazonaws.AmazonServiceException;
import com.amazonaws.services.certificatemanager.model.*;
import com.amazonaws.services.certificatemanager.model.transform.*;
/**
* Client for accessing ACM. All service calls made using this client are blocking, and will not return until the
* service call completes.
*
* Certificate Manager
*
* You can use Certificate Manager (ACM) to manage SSL/TLS certificates for your Amazon Web Services-based websites and
* applications. For more information about using ACM, see the Certificate Manager User Guide.
*
*/
@ThreadSafe
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public class AWSCertificateManagerClient extends AmazonWebServiceClient implements AWSCertificateManager {
/** Provider for AWS credentials. */
private final AWSCredentialsProvider awsCredentialsProvider;
private static final Log log = LogFactory.getLog(AWSCertificateManager.class);
/** Default signing name for the service. */
private static final String DEFAULT_SIGNING_NAME = "acm";
private volatile AWSCertificateManagerWaiters waiters;
/** Client configuration factory providing ClientConfigurations tailored to this client */
protected static final ClientConfigurationFactory configFactory = new ClientConfigurationFactory();
private final AdvancedConfig advancedConfig;
private static final com.amazonaws.protocol.json.SdkJsonProtocolFactory protocolFactory = new com.amazonaws.protocol.json.SdkJsonProtocolFactory(
new JsonClientMetadata()
.withProtocolVersion("1.1")
.withSupportsCbor(false)
.withSupportsIon(false)
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidTagException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidTagExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("AccessDeniedException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.AccessDeniedExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("TooManyTagsException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.TooManyTagsExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ConflictException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.ConflictExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidParameterException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidParameterExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceInUseException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.ResourceInUseExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ResourceNotFoundException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.ResourceNotFoundExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidArgsException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidArgsExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidArnException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidArnExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ThrottlingException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.ThrottlingExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("ValidationException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.ValidationExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("TagPolicyException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.TagPolicyExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("RequestInProgressException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.RequestInProgressExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidStateException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidStateExceptionUnmarshaller.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("InvalidDomainValidationOptionsException")
.withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.InvalidDomainValidationOptionsExceptionUnmarshaller
.getInstance()))
.addErrorMetadata(
new JsonErrorShapeMetadata().withErrorCode("LimitExceededException").withExceptionUnmarshaller(
com.amazonaws.services.certificatemanager.model.transform.LimitExceededExceptionUnmarshaller.getInstance()))
.withBaseServiceExceptionClass(com.amazonaws.services.certificatemanager.model.AWSCertificateManagerException.class));
/**
* Constructs a new client to invoke service methods on ACM. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @see DefaultAWSCredentialsProviderChain
* @deprecated use {@link AWSCertificateManagerClientBuilder#defaultClient()}
*/
@Deprecated
public AWSCertificateManagerClient() {
this(DefaultAWSCredentialsProviderChain.getInstance(), configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on ACM. A credentials provider chain will be used that searches
* for credentials in this order:
*
* - Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_KEY
* - Java System Properties - aws.accessKeyId and aws.secretKey
* - Instance profile credentials delivered through the Amazon EC2 metadata service
*
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientConfiguration
* The client configuration options controlling how this client connects to ACM (ex: proxy settings, retry
* counts, etc.).
*
* @see DefaultAWSCredentialsProviderChain
* @deprecated use {@link AWSCertificateManagerClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSCertificateManagerClient(ClientConfiguration clientConfiguration) {
this(DefaultAWSCredentialsProviderChain.getInstance(), clientConfiguration);
}
/**
* Constructs a new client to invoke service methods on ACM using the specified AWS account credentials.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @deprecated use {@link AWSCertificateManagerClientBuilder#withCredentials(AWSCredentialsProvider)} for example:
* {@code AWSCertificateManagerClientBuilder.standard().withCredentials(new AWSStaticCredentialsProvider(awsCredentials)).build();}
*/
@Deprecated
public AWSCertificateManagerClient(AWSCredentials awsCredentials) {
this(awsCredentials, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on ACM using the specified AWS account credentials and client
* configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentials
* The AWS credentials (access key ID and secret key) to use when authenticating with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to ACM (ex: proxy settings, retry
* counts, etc.).
* @deprecated use {@link AWSCertificateManagerClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSCertificateManagerClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSCertificateManagerClient(AWSCredentials awsCredentials, ClientConfiguration clientConfiguration) {
super(clientConfiguration);
this.awsCredentialsProvider = new StaticCredentialsProvider(awsCredentials);
this.advancedConfig = AdvancedConfig.EMPTY;
init();
}
/**
* Constructs a new client to invoke service methods on ACM using the specified AWS account credentials provider.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @deprecated use {@link AWSCertificateManagerClientBuilder#withCredentials(AWSCredentialsProvider)}
*/
@Deprecated
public AWSCertificateManagerClient(AWSCredentialsProvider awsCredentialsProvider) {
this(awsCredentialsProvider, configFactory.getConfig());
}
/**
* Constructs a new client to invoke service methods on ACM using the specified AWS account credentials provider and
* client configuration options.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to ACM (ex: proxy settings, retry
* counts, etc.).
* @deprecated use {@link AWSCertificateManagerClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSCertificateManagerClientBuilder#withClientConfiguration(ClientConfiguration)}
*/
@Deprecated
public AWSCertificateManagerClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration) {
this(awsCredentialsProvider, clientConfiguration, null);
}
/**
* Constructs a new client to invoke service methods on ACM using the specified AWS account credentials provider,
* client configuration options, and request metric collector.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param awsCredentialsProvider
* The AWS credentials provider which will provide credentials to authenticate requests with AWS services.
* @param clientConfiguration
* The client configuration options controlling how this client connects to ACM (ex: proxy settings, retry
* counts, etc.).
* @param requestMetricCollector
* optional request metric collector
* @deprecated use {@link AWSCertificateManagerClientBuilder#withCredentials(AWSCredentialsProvider)} and
* {@link AWSCertificateManagerClientBuilder#withClientConfiguration(ClientConfiguration)} and
* {@link AWSCertificateManagerClientBuilder#withMetricsCollector(RequestMetricCollector)}
*/
@Deprecated
public AWSCertificateManagerClient(AWSCredentialsProvider awsCredentialsProvider, ClientConfiguration clientConfiguration,
RequestMetricCollector requestMetricCollector) {
super(clientConfiguration, requestMetricCollector);
this.awsCredentialsProvider = awsCredentialsProvider;
this.advancedConfig = AdvancedConfig.EMPTY;
init();
}
public static AWSCertificateManagerClientBuilder builder() {
return AWSCertificateManagerClientBuilder.standard();
}
/**
* Constructs a new client to invoke service methods on ACM using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSCertificateManagerClient(AwsSyncClientParams clientParams) {
this(clientParams, false);
}
/**
* Constructs a new client to invoke service methods on ACM using the specified parameters.
*
*
* All service calls made using this new client object are blocking, and will not return until the service call
* completes.
*
* @param clientParams
* Object providing client parameters.
*/
AWSCertificateManagerClient(AwsSyncClientParams clientParams, boolean endpointDiscoveryEnabled) {
super(clientParams);
this.awsCredentialsProvider = clientParams.getCredentialsProvider();
this.advancedConfig = clientParams.getAdvancedConfig();
init();
}
private void init() {
setServiceNameIntern(DEFAULT_SIGNING_NAME);
setEndpointPrefix(ENDPOINT_PREFIX);
// calling this.setEndPoint(...) will also modify the signer accordingly
setEndpoint("https://acm.us-east-1.amazonaws.com");
HandlerChainFactory chainFactory = new HandlerChainFactory();
requestHandler2s.addAll(chainFactory.newRequestHandlerChain("/com/amazonaws/services/certificatemanager/request.handlers"));
requestHandler2s.addAll(chainFactory.newRequestHandler2Chain("/com/amazonaws/services/certificatemanager/request.handler2s"));
requestHandler2s.addAll(chainFactory.getGlobalHandlers());
}
/**
*
* Adds one or more tags to an ACM certificate. Tags are labels that you can use to identify and organize your
* Amazon Web Services resources. Each tag consists of a key and an optional value. You
* specify the certificate on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value
* pair.
*
*
* You can apply a tag to just one certificate if you want to identify a specific characteristic of that
* certificate, or you can apply the same tag to multiple certificates if you want to filter for a common
* relationship among those certificates. Similarly, you can apply the same tag to multiple resources if you want to
* specify a relationship among those resources. For example, you can add the same tag to an ACM certificate and an
* Elastic Load Balancing load balancer to indicate that they are both used by the same website. For more
* information, see Tagging ACM
* certificates.
*
*
* To remove one or more tags, use the RemoveTagsFromCertificate action. To view all of the tags that have
* been applied to the certificate, use the ListTagsForCertificate action.
*
*
* @param addTagsToCertificateRequest
* @return Result of the AddTagsToCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @throws InvalidTagException
* One or both of the values that make up the key-value pair is not valid. For example, you cannot specify a
* tag value that begins with aws:.
* @throws TooManyTagsException
* The request contains too many tags. Try the request again with fewer tags.
* @throws TagPolicyException
* A specified tag did not comply with an existing tag policy and was rejected.
* @throws InvalidParameterException
* An input parameter was invalid.
* @throws ThrottlingException
* The request was denied because it exceeded a quota.
* @sample AWSCertificateManager.AddTagsToCertificate
* @see AWS API
* Documentation
*/
@Override
public AddTagsToCertificateResult addTagsToCertificate(AddTagsToCertificateRequest request) {
request = beforeClientExecution(request);
return executeAddTagsToCertificate(request);
}
@SdkInternalApi
final AddTagsToCertificateResult executeAddTagsToCertificate(AddTagsToCertificateRequest addTagsToCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(addTagsToCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new AddTagsToCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(addTagsToCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "AddTagsToCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new AddTagsToCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Deletes a certificate and its associated private key. If this action succeeds, the certificate no longer appears
* in the list that can be displayed by calling the ListCertificates action or be retrieved by calling the
* GetCertificate action. The certificate will not be available for use by Amazon Web Services services
* integrated with ACM.
*
*
*
* You cannot delete an ACM certificate that is being used by another Amazon Web Services service. To delete a
* certificate that is in use, the certificate association must first be removed.
*
*
*
* @param deleteCertificateRequest
* @return Result of the DeleteCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws ResourceInUseException
* The certificate is in use by another Amazon Web Services service in the caller's account. Remove the
* association and try again.
* @throws AccessDeniedException
* You do not have access required to perform this action.
* @throws ThrottlingException
* The request was denied because it exceeded a quota.
* @throws ConflictException
* You are trying to update a resource or configuration that is already being created or updated. Wait for
* the previous operation to finish and try again.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.DeleteCertificate
* @see AWS API
* Documentation
*/
@Override
public DeleteCertificateResult deleteCertificate(DeleteCertificateRequest request) {
request = beforeClientExecution(request);
return executeDeleteCertificate(request);
}
@SdkInternalApi
final DeleteCertificateResult executeDeleteCertificate(DeleteCertificateRequest deleteCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(deleteCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DeleteCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(deleteCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DeleteCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DeleteCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns detailed metadata about the specified ACM certificate.
*
*
* If you have just created a certificate using the RequestCertificate action, there is a delay of
* several seconds before you can retrieve information about it.
*
*
* @param describeCertificateRequest
* @return Result of the DescribeCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.DescribeCertificate
* @see AWS API
* Documentation
*/
@Override
public DescribeCertificateResult describeCertificate(DescribeCertificateRequest request) {
request = beforeClientExecution(request);
return executeDescribeCertificate(request);
}
@SdkInternalApi
final DescribeCertificateResult executeDescribeCertificate(DescribeCertificateRequest describeCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(describeCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new DescribeCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(describeCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "DescribeCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new DescribeCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Exports a private certificate issued by a private certificate authority (CA) for use anywhere. The exported file
* contains the certificate, the certificate chain, and the encrypted private 2048-bit RSA key associated with the
* public key that is embedded in the certificate. For security, you must assign a passphrase for the private key
* when exporting it.
*
*
* For information about exporting and formatting a certificate using the ACM console or CLI, see Export a Private
* Certificate.
*
*
* @param exportCertificateRequest
* @return Result of the ExportCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws RequestInProgressException
* The certificate request is in process and the certificate in your account has not yet been issued.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.ExportCertificate
* @see AWS API
* Documentation
*/
@Override
public ExportCertificateResult exportCertificate(ExportCertificateRequest request) {
request = beforeClientExecution(request);
return executeExportCertificate(request);
}
@SdkInternalApi
final ExportCertificateResult executeExportCertificate(ExportCertificateRequest exportCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(exportCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ExportCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(exportCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ExportCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ExportCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Returns the account configuration options associated with an Amazon Web Services account.
*
*
* @param getAccountConfigurationRequest
* @return Result of the GetAccountConfiguration operation returned by the service.
* @throws AccessDeniedException
* You do not have access required to perform this action.
* @throws ThrottlingException
* The request was denied because it exceeded a quota.
* @sample AWSCertificateManager.GetAccountConfiguration
* @see AWS
* API Documentation
*/
@Override
public GetAccountConfigurationResult getAccountConfiguration(GetAccountConfigurationRequest request) {
request = beforeClientExecution(request);
return executeGetAccountConfiguration(request);
}
@SdkInternalApi
final GetAccountConfigurationResult executeGetAccountConfiguration(GetAccountConfigurationRequest getAccountConfigurationRequest) {
ExecutionContext executionContext = createExecutionContext(getAccountConfigurationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetAccountConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(getAccountConfigurationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetAccountConfiguration");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new GetAccountConfigurationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves a certificate and its certificate chain. The certificate may be either a public or private certificate
* issued using the ACM RequestCertificate action, or a certificate imported into ACM using the
* ImportCertificate action. The chain consists of the certificate of the issuing CA and the
* intermediate certificates of any other subordinate CAs. All of the certificates are base64 encoded. You can use
* OpenSSL to decode the certificates and
* inspect individual fields.
*
*
* @param getCertificateRequest
* @return Result of the GetCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws RequestInProgressException
* The certificate request is in process and the certificate in your account has not yet been issued.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.GetCertificate
* @see AWS API
* Documentation
*/
@Override
public GetCertificateResult getCertificate(GetCertificateRequest request) {
request = beforeClientExecution(request);
return executeGetCertificate(request);
}
@SdkInternalApi
final GetCertificateResult executeGetCertificate(GetCertificateRequest getCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(getCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new GetCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(getCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "GetCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new GetCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Imports a certificate into Certificate Manager (ACM) to use with services that are integrated with ACM. Note that
* integrated services allow only
* certificate types and keys they support to be associated with their resources. Further, their support differs
* depending on whether the certificate is imported into IAM or into ACM. For more information, see the
* documentation for each service. For more information about importing certificates into ACM, see Importing Certificates in the
* Certificate Manager User Guide.
*
*
*
* ACM does not provide managed
* renewal for certificates that you import.
*
*
*
* Note the following guidelines when importing third party certificates:
*
*
* -
*
* You must enter the private key that matches the certificate you are importing.
*
*
* -
*
* The private key must be unencrypted. You cannot import a private key that is protected by a password or a
* passphrase.
*
*
* -
*
* The private key must be no larger than 5 KB (5,120 bytes).
*
*
* -
*
* The certificate, private key, and certificate chain must be PEM-encoded.
*
*
* -
*
* The current time must be between the Not Before and Not After certificate fields.
*
*
* -
*
* The Issuer field must not be empty.
*
*
* -
*
* The OCSP authority URL, if present, must not exceed 1000 characters.
*
*
* -
*
* To import a new certificate, omit the CertificateArn argument. Include this argument only when you
* want to replace a previously imported certificate.
*
*
* -
*
* When you import a certificate by using the CLI, you must specify the certificate, the certificate chain, and the
* private key by their file names preceded by fileb://. For example, you can specify a certificate
* saved in the C:\temp folder as fileb://C:\temp\certificate_to_import.pem. If you are
* making an HTTP or HTTPS Query request, include these arguments as BLOBs.
*
*
* -
*
* When you import a certificate by using an SDK, you must specify the certificate, the certificate chain, and the
* private key files in the manner required by the programming language you're using.
*
*
* -
*
* The cryptographic algorithm of an imported certificate must match the algorithm of the signing CA. For example,
* if the signing CA key type is RSA, then the certificate key type must also be RSA.
*
*
*
*
* This operation returns the Amazon Resource Name (ARN)
* of the imported certificate.
*
*
* @param importCertificateRequest
* @return Result of the ImportCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws LimitExceededException
* An ACM quota has been exceeded.
* @throws InvalidTagException
* One or both of the values that make up the key-value pair is not valid. For example, you cannot specify a
* tag value that begins with aws:.
* @throws TooManyTagsException
* The request contains too many tags. Try the request again with fewer tags.
* @throws TagPolicyException
* A specified tag did not comply with an existing tag policy and was rejected.
* @throws InvalidParameterException
* An input parameter was invalid.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.ImportCertificate
* @see AWS API
* Documentation
*/
@Override
public ImportCertificateResult importCertificate(ImportCertificateRequest request) {
request = beforeClientExecution(request);
return executeImportCertificate(request);
}
@SdkInternalApi
final ImportCertificateResult executeImportCertificate(ImportCertificateRequest importCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(importCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ImportCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(importCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ImportCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ImportCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Retrieves a list of certificate ARNs and domain names. By default, the API returns RSA_2048 certificates. To
* return all certificates in the account, include the keyType filter with the values
* [RSA_1024, RSA_2048, RSA_3072, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1].
*
*
* In addition to keyType, you can also filter by the CertificateStatuses,
* keyUsage, and extendedKeyUsage attributes on the certificate. For more information, see
* Filters.
*
*
* @param listCertificatesRequest
* @return Result of the ListCertificates operation returned by the service.
* @throws InvalidArgsException
* One or more of of request parameters specified is not valid.
* @throws ValidationException
* The supplied input failed to satisfy constraints of an Amazon Web Services service.
* @sample AWSCertificateManager.ListCertificates
* @see AWS API
* Documentation
*/
@Override
public ListCertificatesResult listCertificates(ListCertificatesRequest request) {
request = beforeClientExecution(request);
return executeListCertificates(request);
}
@SdkInternalApi
final ListCertificatesResult executeListCertificates(ListCertificatesRequest listCertificatesRequest) {
ExecutionContext executionContext = createExecutionContext(listCertificatesRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListCertificatesRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listCertificatesRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListCertificates");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new ListCertificatesResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Lists the tags that have been applied to the ACM certificate. Use the certificate's Amazon Resource Name (ARN) to
* specify the certificate. To add a tag to an ACM certificate, use the AddTagsToCertificate action. To
* delete a tag, use the RemoveTagsFromCertificate action.
*
*
* @param listTagsForCertificateRequest
* @return Result of the ListTagsForCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.ListTagsForCertificate
* @see AWS API
* Documentation
*/
@Override
public ListTagsForCertificateResult listTagsForCertificate(ListTagsForCertificateRequest request) {
request = beforeClientExecution(request);
return executeListTagsForCertificate(request);
}
@SdkInternalApi
final ListTagsForCertificateResult executeListTagsForCertificate(ListTagsForCertificateRequest listTagsForCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(listTagsForCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ListTagsForCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(listTagsForCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ListTagsForCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ListTagsForCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Adds or modifies account-level configurations in ACM.
*
*
* The supported configuration option is DaysBeforeExpiry. This option specifies the number of days
* prior to certificate expiration when ACM starts generating EventBridge events. ACM sends one event
* per day per certificate until the certificate expires. By default, accounts receive events starting 45 days
* before certificate expiration.
*
*
* @param putAccountConfigurationRequest
* @return Result of the PutAccountConfiguration operation returned by the service.
* @throws ValidationException
* The supplied input failed to satisfy constraints of an Amazon Web Services service.
* @throws ThrottlingException
* The request was denied because it exceeded a quota.
* @throws AccessDeniedException
* You do not have access required to perform this action.
* @throws ConflictException
* You are trying to update a resource or configuration that is already being created or updated. Wait for
* the previous operation to finish and try again.
* @sample AWSCertificateManager.PutAccountConfiguration
* @see AWS
* API Documentation
*/
@Override
public PutAccountConfigurationResult putAccountConfiguration(PutAccountConfigurationRequest request) {
request = beforeClientExecution(request);
return executePutAccountConfiguration(request);
}
@SdkInternalApi
final PutAccountConfigurationResult executePutAccountConfiguration(PutAccountConfigurationRequest putAccountConfigurationRequest) {
ExecutionContext executionContext = createExecutionContext(putAccountConfigurationRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new PutAccountConfigurationRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(putAccountConfigurationRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "PutAccountConfiguration");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new PutAccountConfigurationResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Remove one or more tags from an ACM certificate. A tag consists of a key-value pair. If you do not specify the
* value portion of the tag when calling this function, the tag will be removed regardless of value. If you specify
* a value, the tag is removed only if it is associated with the specified value.
*
*
* To add tags to a certificate, use the AddTagsToCertificate action. To view all of the tags that have been
* applied to a specific ACM certificate, use the ListTagsForCertificate action.
*
*
* @param removeTagsFromCertificateRequest
* @return Result of the RemoveTagsFromCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @throws InvalidTagException
* One or both of the values that make up the key-value pair is not valid. For example, you cannot specify a
* tag value that begins with aws:.
* @throws TagPolicyException
* A specified tag did not comply with an existing tag policy and was rejected.
* @throws InvalidParameterException
* An input parameter was invalid.
* @throws ThrottlingException
* The request was denied because it exceeded a quota.
* @sample AWSCertificateManager.RemoveTagsFromCertificate
* @see AWS
* API Documentation
*/
@Override
public RemoveTagsFromCertificateResult removeTagsFromCertificate(RemoveTagsFromCertificateRequest request) {
request = beforeClientExecution(request);
return executeRemoveTagsFromCertificate(request);
}
@SdkInternalApi
final RemoveTagsFromCertificateResult executeRemoveTagsFromCertificate(RemoveTagsFromCertificateRequest removeTagsFromCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(removeTagsFromCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new RemoveTagsFromCertificateRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(removeTagsFromCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "RemoveTagsFromCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new RemoveTagsFromCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Renews an eligible ACM certificate. At this time, only exported private certificates can be renewed with this
* operation. In order to renew your Amazon Web Services Private CA certificates with ACM, you must first grant the ACM service principal
* permission to do so. For more information, see Testing Managed Renewal in the
* ACM User Guide.
*
*
* @param renewCertificateRequest
* @return Result of the RenewCertificate operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.RenewCertificate
* @see AWS API
* Documentation
*/
@Override
public RenewCertificateResult renewCertificate(RenewCertificateRequest request) {
request = beforeClientExecution(request);
return executeRenewCertificate(request);
}
@SdkInternalApi
final RenewCertificateResult executeRenewCertificate(RenewCertificateRequest renewCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(renewCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new RenewCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(renewCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "RenewCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new RenewCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Requests an ACM certificate for use with other Amazon Web Services services. To request an ACM certificate, you
* must specify a fully qualified domain name (FQDN) in the DomainName parameter. You can also specify
* additional FQDNs in the SubjectAlternativeNames parameter.
*
*
* If you are requesting a private certificate, domain validation is not required. If you are requesting a public
* certificate, each domain name that you specify must be validated to verify that you own or control the domain.
* You can use DNS
* validation or email
* validation. We recommend that you use DNS validation. ACM issues public certificates after receiving approval
* from the domain owner.
*
*
*
* ACM behavior differs from the RFC 6125
* specification of the certificate validation process. ACM first checks for a Subject Alternative Name, and, if it
* finds one, ignores the common name (CN).
*
*
*
* After successful completion of the RequestCertificate action, there is a delay of several seconds
* before you can retrieve information about the new certificate.
*
*
* @param requestCertificateRequest
* @return Result of the RequestCertificate operation returned by the service.
* @throws LimitExceededException
* An ACM quota has been exceeded.
* @throws InvalidDomainValidationOptionsException
* One or more values in the DomainValidationOption structure is incorrect.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @throws InvalidTagException
* One or both of the values that make up the key-value pair is not valid. For example, you cannot specify a
* tag value that begins with aws:.
* @throws TooManyTagsException
* The request contains too many tags. Try the request again with fewer tags.
* @throws TagPolicyException
* A specified tag did not comply with an existing tag policy and was rejected.
* @throws InvalidParameterException
* An input parameter was invalid.
* @sample AWSCertificateManager.RequestCertificate
* @see AWS API
* Documentation
*/
@Override
public RequestCertificateResult requestCertificate(RequestCertificateRequest request) {
request = beforeClientExecution(request);
return executeRequestCertificate(request);
}
@SdkInternalApi
final RequestCertificateResult executeRequestCertificate(RequestCertificateRequest requestCertificateRequest) {
ExecutionContext executionContext = createExecutionContext(requestCertificateRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new RequestCertificateRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(requestCertificateRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "RequestCertificate");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false), new RequestCertificateResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Resends the email that requests domain ownership validation. The domain owner or an authorized representative
* must approve the ACM certificate before it can be issued. The certificate can be approved by clicking a link in
* the mail to navigate to the Amazon certificate approval website and then clicking I Approve. However, the
* validation email can be blocked by spam filters. Therefore, if you do not receive the original mail, you can
* request that the mail be resent within 72 hours of requesting the ACM certificate. If more than 72 hours have
* elapsed since your original request or since your last attempt to resend validation mail, you must request a new
* certificate. For more information about setting up your contact email addresses, see Configure Email for your Domain.
*
*
* @param resendValidationEmailRequest
* @return Result of the ResendValidationEmail operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws InvalidStateException
* Processing has reached an invalid state.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @throws InvalidDomainValidationOptionsException
* One or more values in the DomainValidationOption structure is incorrect.
* @sample AWSCertificateManager.ResendValidationEmail
* @see AWS API
* Documentation
*/
@Override
public ResendValidationEmailResult resendValidationEmail(ResendValidationEmailRequest request) {
request = beforeClientExecution(request);
return executeResendValidationEmail(request);
}
@SdkInternalApi
final ResendValidationEmailResult executeResendValidationEmail(ResendValidationEmailRequest resendValidationEmailRequest) {
ExecutionContext executionContext = createExecutionContext(resendValidationEmailRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new ResendValidationEmailRequestProtocolMarshaller(protocolFactory).marshall(super.beforeMarshalling(resendValidationEmailRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "ResendValidationEmail");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory
.createResponseHandler(new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new ResendValidationEmailResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
*
* Updates a certificate. Currently, you can use this function to specify whether to opt in to or out of recording
* your certificate in a certificate transparency log. For more information, see
* Opting Out of Certificate Transparency Logging.
*
*
* @param updateCertificateOptionsRequest
* @return Result of the UpdateCertificateOptions operation returned by the service.
* @throws ResourceNotFoundException
* The specified certificate cannot be found in the caller's account or the caller's account cannot be
* found.
* @throws LimitExceededException
* An ACM quota has been exceeded.
* @throws InvalidStateException
* Processing has reached an invalid state.
* @throws InvalidArnException
* The requested Amazon Resource Name (ARN) does not refer to an existing resource.
* @sample AWSCertificateManager.UpdateCertificateOptions
* @see AWS
* API Documentation
*/
@Override
public UpdateCertificateOptionsResult updateCertificateOptions(UpdateCertificateOptionsRequest request) {
request = beforeClientExecution(request);
return executeUpdateCertificateOptions(request);
}
@SdkInternalApi
final UpdateCertificateOptionsResult executeUpdateCertificateOptions(UpdateCertificateOptionsRequest updateCertificateOptionsRequest) {
ExecutionContext executionContext = createExecutionContext(updateCertificateOptionsRequest);
AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics();
awsRequestMetrics.startEvent(Field.ClientExecuteTime);
Request request = null;
Response response = null;
try {
awsRequestMetrics.startEvent(Field.RequestMarshallTime);
try {
request = new UpdateCertificateOptionsRequestProtocolMarshaller(protocolFactory).marshall(super
.beforeMarshalling(updateCertificateOptionsRequest));
// Binds the request metrics to the current request.
request.setAWSRequestMetrics(awsRequestMetrics);
request.addHandlerContext(HandlerContextKey.CLIENT_ENDPOINT, endpoint);
request.addHandlerContext(HandlerContextKey.ENDPOINT_OVERRIDDEN, isEndpointOverridden());
request.addHandlerContext(HandlerContextKey.SIGNING_REGION, getSigningRegion());
request.addHandlerContext(HandlerContextKey.SERVICE_ID, "ACM");
request.addHandlerContext(HandlerContextKey.OPERATION_NAME, "UpdateCertificateOptions");
request.addHandlerContext(HandlerContextKey.ADVANCED_CONFIG, advancedConfig);
} finally {
awsRequestMetrics.endEvent(Field.RequestMarshallTime);
}
HttpResponseHandler> responseHandler = protocolFactory.createResponseHandler(
new JsonOperationMetadata().withPayloadJson(true).withHasStreamingSuccessResponse(false),
new UpdateCertificateOptionsResultJsonUnmarshaller());
response = invoke(request, responseHandler, executionContext);
return response.getAwsResponse();
} finally {
endClientExecution(awsRequestMetrics, request, response);
}
}
/**
* Returns additional metadata for a previously executed successful, request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing the request.
*
* @param request
* The originally executed request
*
* @return The response metadata for the specified request, or null if none is available.
*/
public ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request) {
return client.getResponseMetadataForRequest(request);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext) {
return invoke(request, responseHandler, executionContext, null, null);
}
/**
* Normal invoke with authentication. Credentials are required and may be overriden at the request level.
**/
private Response invoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI cachedEndpoint, URI uriFromEndpointTrait) {
executionContext.setCredentialsProvider(CredentialUtils.getCredentialsProvider(request.getOriginalRequest(), awsCredentialsProvider));
return doInvoke(request, responseHandler, executionContext, cachedEndpoint, uriFromEndpointTrait);
}
/**
* Invoke with no authentication. Credentials are not required and any credentials set on the client or request will
* be ignored for this operation.
**/
private Response anonymousInvoke(Request request,
HttpResponseHandler> responseHandler, ExecutionContext executionContext) {
return doInvoke(request, responseHandler, executionContext, null, null);
}
/**
* Invoke the request using the http client. Assumes credentials (or lack thereof) have been configured in the
* ExecutionContext beforehand.
**/
private Response doInvoke(Request request, HttpResponseHandler> responseHandler,
ExecutionContext executionContext, URI discoveredEndpoint, URI uriFromEndpointTrait) {
if (discoveredEndpoint != null) {
request.setEndpoint(discoveredEndpoint);
request.getOriginalRequest().getRequestClientOptions().appendUserAgent("endpoint-discovery");
} else if (uriFromEndpointTrait != null) {
request.setEndpoint(uriFromEndpointTrait);
} else {
request.setEndpoint(endpoint);
}
request.setTimeOffset(timeOffset);
HttpResponseHandler errorResponseHandler = protocolFactory.createErrorResponseHandler(new JsonErrorResponseMetadata());
return client.execute(request, responseHandler, errorResponseHandler, executionContext);
}
@com.amazonaws.annotation.SdkInternalApi
static com.amazonaws.protocol.json.SdkJsonProtocolFactory getProtocolFactory() {
return protocolFactory;
}
@Override
public AWSCertificateManagerWaiters waiters() {
if (waiters == null) {
synchronized (this) {
if (waiters == null) {
waiters = new AWSCertificateManagerWaiters(this);
}
}
}
return waiters;
}
@Override
public void shutdown() {
super.shutdown();
if (waiters != null) {
waiters.shutdown();
}
}
}