| Copyright | (c) 2013-2023 Brendan Hay |
|---|---|
| License | Mozilla Public License, v. 2.0. |
| Maintainer | Brendan Hay |
| Stability | auto-generated |
| Portability | non-portable (GHC extensions) |
| Safe Haskell | Safe-Inferred |
| Language | Haskell2010 |
Amazonka.CertificateManager.Types
Contents
- Service Configuration
- Errors
- CertificateStatus
- CertificateTransparencyLoggingPreference
- CertificateType
- DomainStatus
- ExtendedKeyUsageName
- FailureReason
- KeyAlgorithm
- KeyUsageName
- RecordType
- RenewalEligibility
- RenewalStatus
- RevocationReason
- SortBy
- SortOrder
- ValidationMethod
- CertificateDetail
- CertificateOptions
- CertificateSummary
- DomainValidation
- DomainValidationOption
- ExpiryEventsConfiguration
- ExtendedKeyUsage
- Filters
- KeyUsage
- RenewalSummary
- ResourceRecord
- Tag
Description
Synopsis
- defaultService :: Service
- _AccessDeniedException :: AsError a => Fold a ServiceError
- _ConflictException :: AsError a => Fold a ServiceError
- _InvalidArgsException :: AsError a => Fold a ServiceError
- _InvalidArnException :: AsError a => Fold a ServiceError
- _InvalidDomainValidationOptionsException :: AsError a => Fold a ServiceError
- _InvalidParameterException :: AsError a => Fold a ServiceError
- _InvalidStateException :: AsError a => Fold a ServiceError
- _InvalidTagException :: AsError a => Fold a ServiceError
- _LimitExceededException :: AsError a => Fold a ServiceError
- _RequestInProgressException :: AsError a => Fold a ServiceError
- _ResourceInUseException :: AsError a => Fold a ServiceError
- _ResourceNotFoundException :: AsError a => Fold a ServiceError
- _TagPolicyException :: AsError a => Fold a ServiceError
- _ThrottlingException :: AsError a => Fold a ServiceError
- _TooManyTagsException :: AsError a => Fold a ServiceError
- _ValidationException :: AsError a => Fold a ServiceError
- newtype CertificateStatus where
- CertificateStatus' { }
- pattern CertificateStatus_EXPIRED :: CertificateStatus
- pattern CertificateStatus_FAILED :: CertificateStatus
- pattern CertificateStatus_INACTIVE :: CertificateStatus
- pattern CertificateStatus_ISSUED :: CertificateStatus
- pattern CertificateStatus_PENDING_VALIDATION :: CertificateStatus
- pattern CertificateStatus_REVOKED :: CertificateStatus
- pattern CertificateStatus_VALIDATION_TIMED_OUT :: CertificateStatus
- newtype CertificateTransparencyLoggingPreference where
- newtype CertificateType where
- CertificateType' { }
- pattern CertificateType_AMAZON_ISSUED :: CertificateType
- pattern CertificateType_IMPORTED :: CertificateType
- pattern CertificateType_PRIVATE :: CertificateType
- newtype DomainStatus where
- DomainStatus' { }
- pattern DomainStatus_FAILED :: DomainStatus
- pattern DomainStatus_PENDING_VALIDATION :: DomainStatus
- pattern DomainStatus_SUCCESS :: DomainStatus
- newtype ExtendedKeyUsageName where
- ExtendedKeyUsageName' { }
- pattern ExtendedKeyUsageName_ANY :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_CODE_SIGNING :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_CUSTOM :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_EMAIL_PROTECTION :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_IPSEC_END_SYSTEM :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_IPSEC_TUNNEL :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_IPSEC_USER :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_NONE :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_OCSP_SIGNING :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_TIME_STAMPING :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_TLS_WEB_CLIENT_AUTHENTICATION :: ExtendedKeyUsageName
- pattern ExtendedKeyUsageName_TLS_WEB_SERVER_AUTHENTICATION :: ExtendedKeyUsageName
- newtype FailureReason where
- FailureReason' { }
- pattern FailureReason_ADDITIONAL_VERIFICATION_REQUIRED :: FailureReason
- pattern FailureReason_CAA_ERROR :: FailureReason
- pattern FailureReason_DOMAIN_NOT_ALLOWED :: FailureReason
- pattern FailureReason_DOMAIN_VALIDATION_DENIED :: FailureReason
- pattern FailureReason_INVALID_PUBLIC_DOMAIN :: FailureReason
- pattern FailureReason_NO_AVAILABLE_CONTACTS :: FailureReason
- pattern FailureReason_OTHER :: FailureReason
- pattern FailureReason_PCA_ACCESS_DENIED :: FailureReason
- pattern FailureReason_PCA_INVALID_ARGS :: FailureReason
- pattern FailureReason_PCA_INVALID_ARN :: FailureReason
- pattern FailureReason_PCA_INVALID_DURATION :: FailureReason
- pattern FailureReason_PCA_INVALID_STATE :: FailureReason
- pattern FailureReason_PCA_LIMIT_EXCEEDED :: FailureReason
- pattern FailureReason_PCA_NAME_CONSTRAINTS_VALIDATION :: FailureReason
- pattern FailureReason_PCA_REQUEST_FAILED :: FailureReason
- pattern FailureReason_PCA_RESOURCE_NOT_FOUND :: FailureReason
- pattern FailureReason_SLR_NOT_FOUND :: FailureReason
- newtype KeyAlgorithm where
- KeyAlgorithm' { }
- pattern KeyAlgorithm_EC_prime256v1 :: KeyAlgorithm
- pattern KeyAlgorithm_EC_secp384r1 :: KeyAlgorithm
- pattern KeyAlgorithm_EC_secp521r1 :: KeyAlgorithm
- pattern KeyAlgorithm_RSA_1024 :: KeyAlgorithm
- pattern KeyAlgorithm_RSA_2048 :: KeyAlgorithm
- pattern KeyAlgorithm_RSA_3072 :: KeyAlgorithm
- pattern KeyAlgorithm_RSA_4096 :: KeyAlgorithm
- newtype KeyUsageName where
- KeyUsageName' { }
- pattern KeyUsageName_ANY :: KeyUsageName
- pattern KeyUsageName_CERTIFICATE_SIGNING :: KeyUsageName
- pattern KeyUsageName_CRL_SIGNING :: KeyUsageName
- pattern KeyUsageName_CUSTOM :: KeyUsageName
- pattern KeyUsageName_DATA_ENCIPHERMENT :: KeyUsageName
- pattern KeyUsageName_DECIPHER_ONLY :: KeyUsageName
- pattern KeyUsageName_DIGITAL_SIGNATURE :: KeyUsageName
- pattern KeyUsageName_ENCIPHER_ONLY :: KeyUsageName
- pattern KeyUsageName_KEY_AGREEMENT :: KeyUsageName
- pattern KeyUsageName_KEY_ENCIPHERMENT :: KeyUsageName
- pattern KeyUsageName_NON_REPUDIATION :: KeyUsageName
- newtype RecordType where
- RecordType' { }
- pattern RecordType_CNAME :: RecordType
- newtype RenewalEligibility where
- newtype RenewalStatus where
- RenewalStatus' { }
- pattern RenewalStatus_FAILED :: RenewalStatus
- pattern RenewalStatus_PENDING_AUTO_RENEWAL :: RenewalStatus
- pattern RenewalStatus_PENDING_VALIDATION :: RenewalStatus
- pattern RenewalStatus_SUCCESS :: RenewalStatus
- newtype RevocationReason where
- RevocationReason' { }
- pattern RevocationReason_AFFILIATION_CHANGED :: RevocationReason
- pattern RevocationReason_A_A_COMPROMISE :: RevocationReason
- pattern RevocationReason_CA_COMPROMISE :: RevocationReason
- pattern RevocationReason_CERTIFICATE_HOLD :: RevocationReason
- pattern RevocationReason_CESSATION_OF_OPERATION :: RevocationReason
- pattern RevocationReason_KEY_COMPROMISE :: RevocationReason
- pattern RevocationReason_PRIVILEGE_WITHDRAWN :: RevocationReason
- pattern RevocationReason_REMOVE_FROM_CRL :: RevocationReason
- pattern RevocationReason_SUPERCEDED :: RevocationReason
- pattern RevocationReason_UNSPECIFIED :: RevocationReason
- newtype SortBy where
- SortBy' {
- fromSortBy :: Text
- pattern SortBy_CREATED_AT :: SortBy
- SortBy' {
- newtype SortOrder where
- SortOrder' { }
- pattern SortOrder_ASCENDING :: SortOrder
- pattern SortOrder_DESCENDING :: SortOrder
- newtype ValidationMethod where
- ValidationMethod' { }
- pattern ValidationMethod_DNS :: ValidationMethod
- pattern ValidationMethod_EMAIL :: ValidationMethod
- data CertificateDetail = CertificateDetail' {
- certificateArn :: Maybe Text
- certificateAuthorityArn :: Maybe Text
- createdAt :: Maybe POSIX
- domainName :: Maybe Text
- domainValidationOptions :: Maybe (NonEmpty DomainValidation)
- extendedKeyUsages :: Maybe [ExtendedKeyUsage]
- failureReason :: Maybe FailureReason
- importedAt :: Maybe POSIX
- inUseBy :: Maybe [Text]
- issuedAt :: Maybe POSIX
- issuer :: Maybe Text
- keyAlgorithm :: Maybe KeyAlgorithm
- keyUsages :: Maybe [KeyUsage]
- notAfter :: Maybe POSIX
- notBefore :: Maybe POSIX
- options :: Maybe CertificateOptions
- renewalEligibility :: Maybe RenewalEligibility
- renewalSummary :: Maybe RenewalSummary
- revocationReason :: Maybe RevocationReason
- revokedAt :: Maybe POSIX
- serial :: Maybe Text
- signatureAlgorithm :: Maybe Text
- status :: Maybe CertificateStatus
- subject :: Maybe Text
- subjectAlternativeNames :: Maybe (NonEmpty Text)
- type' :: Maybe CertificateType
- newCertificateDetail :: CertificateDetail
- certificateDetail_certificateArn :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_certificateAuthorityArn :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_createdAt :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_domainName :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_domainValidationOptions :: Lens' CertificateDetail (Maybe (NonEmpty DomainValidation))
- certificateDetail_extendedKeyUsages :: Lens' CertificateDetail (Maybe [ExtendedKeyUsage])
- certificateDetail_failureReason :: Lens' CertificateDetail (Maybe FailureReason)
- certificateDetail_importedAt :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_inUseBy :: Lens' CertificateDetail (Maybe [Text])
- certificateDetail_issuedAt :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_issuer :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_keyAlgorithm :: Lens' CertificateDetail (Maybe KeyAlgorithm)
- certificateDetail_keyUsages :: Lens' CertificateDetail (Maybe [KeyUsage])
- certificateDetail_notAfter :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_notBefore :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_options :: Lens' CertificateDetail (Maybe CertificateOptions)
- certificateDetail_renewalEligibility :: Lens' CertificateDetail (Maybe RenewalEligibility)
- certificateDetail_renewalSummary :: Lens' CertificateDetail (Maybe RenewalSummary)
- certificateDetail_revocationReason :: Lens' CertificateDetail (Maybe RevocationReason)
- certificateDetail_revokedAt :: Lens' CertificateDetail (Maybe UTCTime)
- certificateDetail_serial :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_signatureAlgorithm :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_status :: Lens' CertificateDetail (Maybe CertificateStatus)
- certificateDetail_subject :: Lens' CertificateDetail (Maybe Text)
- certificateDetail_subjectAlternativeNames :: Lens' CertificateDetail (Maybe (NonEmpty Text))
- certificateDetail_type :: Lens' CertificateDetail (Maybe CertificateType)
- data CertificateOptions = CertificateOptions' {}
- newCertificateOptions :: CertificateOptions
- certificateOptions_certificateTransparencyLoggingPreference :: Lens' CertificateOptions (Maybe CertificateTransparencyLoggingPreference)
- data CertificateSummary = CertificateSummary' {
- certificateArn :: Maybe Text
- createdAt :: Maybe POSIX
- domainName :: Maybe Text
- exported :: Maybe Bool
- extendedKeyUsages :: Maybe [ExtendedKeyUsageName]
- hasAdditionalSubjectAlternativeNames :: Maybe Bool
- importedAt :: Maybe POSIX
- inUse :: Maybe Bool
- issuedAt :: Maybe POSIX
- keyAlgorithm :: Maybe KeyAlgorithm
- keyUsages :: Maybe [KeyUsageName]
- notAfter :: Maybe POSIX
- notBefore :: Maybe POSIX
- renewalEligibility :: Maybe RenewalEligibility
- revokedAt :: Maybe POSIX
- status :: Maybe CertificateStatus
- subjectAlternativeNameSummaries :: Maybe (NonEmpty Text)
- type' :: Maybe CertificateType
- newCertificateSummary :: CertificateSummary
- certificateSummary_certificateArn :: Lens' CertificateSummary (Maybe Text)
- certificateSummary_createdAt :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_domainName :: Lens' CertificateSummary (Maybe Text)
- certificateSummary_exported :: Lens' CertificateSummary (Maybe Bool)
- certificateSummary_extendedKeyUsages :: Lens' CertificateSummary (Maybe [ExtendedKeyUsageName])
- certificateSummary_hasAdditionalSubjectAlternativeNames :: Lens' CertificateSummary (Maybe Bool)
- certificateSummary_importedAt :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_inUse :: Lens' CertificateSummary (Maybe Bool)
- certificateSummary_issuedAt :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_keyAlgorithm :: Lens' CertificateSummary (Maybe KeyAlgorithm)
- certificateSummary_keyUsages :: Lens' CertificateSummary (Maybe [KeyUsageName])
- certificateSummary_notAfter :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_notBefore :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_renewalEligibility :: Lens' CertificateSummary (Maybe RenewalEligibility)
- certificateSummary_revokedAt :: Lens' CertificateSummary (Maybe UTCTime)
- certificateSummary_status :: Lens' CertificateSummary (Maybe CertificateStatus)
- certificateSummary_subjectAlternativeNameSummaries :: Lens' CertificateSummary (Maybe (NonEmpty Text))
- certificateSummary_type :: Lens' CertificateSummary (Maybe CertificateType)
- data DomainValidation = DomainValidation' {}
- newDomainValidation :: Text -> DomainValidation
- domainValidation_resourceRecord :: Lens' DomainValidation (Maybe ResourceRecord)
- domainValidation_validationDomain :: Lens' DomainValidation (Maybe Text)
- domainValidation_validationEmails :: Lens' DomainValidation (Maybe [Text])
- domainValidation_validationMethod :: Lens' DomainValidation (Maybe ValidationMethod)
- domainValidation_validationStatus :: Lens' DomainValidation (Maybe DomainStatus)
- domainValidation_domainName :: Lens' DomainValidation Text
- data DomainValidationOption = DomainValidationOption' {}
- newDomainValidationOption :: Text -> Text -> DomainValidationOption
- domainValidationOption_domainName :: Lens' DomainValidationOption Text
- domainValidationOption_validationDomain :: Lens' DomainValidationOption Text
- data ExpiryEventsConfiguration = ExpiryEventsConfiguration' {}
- newExpiryEventsConfiguration :: ExpiryEventsConfiguration
- expiryEventsConfiguration_daysBeforeExpiry :: Lens' ExpiryEventsConfiguration (Maybe Natural)
- data ExtendedKeyUsage = ExtendedKeyUsage' {}
- newExtendedKeyUsage :: ExtendedKeyUsage
- extendedKeyUsage_name :: Lens' ExtendedKeyUsage (Maybe ExtendedKeyUsageName)
- extendedKeyUsage_oid :: Lens' ExtendedKeyUsage (Maybe Text)
- data Filters = Filters' {}
- newFilters :: Filters
- filters_extendedKeyUsage :: Lens' Filters (Maybe [ExtendedKeyUsageName])
- filters_keyTypes :: Lens' Filters (Maybe [KeyAlgorithm])
- filters_keyUsage :: Lens' Filters (Maybe [KeyUsageName])
- data KeyUsage = KeyUsage' {}
- newKeyUsage :: KeyUsage
- keyUsage_name :: Lens' KeyUsage (Maybe KeyUsageName)
- data RenewalSummary = RenewalSummary' {}
- newRenewalSummary :: RenewalStatus -> NonEmpty DomainValidation -> UTCTime -> RenewalSummary
- renewalSummary_renewalStatusReason :: Lens' RenewalSummary (Maybe FailureReason)
- renewalSummary_renewalStatus :: Lens' RenewalSummary RenewalStatus
- renewalSummary_domainValidationOptions :: Lens' RenewalSummary (NonEmpty DomainValidation)
- renewalSummary_updatedAt :: Lens' RenewalSummary UTCTime
- data ResourceRecord = ResourceRecord' {}
- newResourceRecord :: Text -> RecordType -> Text -> ResourceRecord
- resourceRecord_name :: Lens' ResourceRecord Text
- resourceRecord_type :: Lens' ResourceRecord RecordType
- resourceRecord_value :: Lens' ResourceRecord Text
- data Tag = Tag' {}
- newTag :: Text -> Tag
- tag_value :: Lens' Tag (Maybe Text)
- tag_key :: Lens' Tag Text
Service Configuration
defaultService :: Service Source #
API version 2015-12-08 of the Amazon Certificate Manager SDK configuration.
Errors
_AccessDeniedException :: AsError a => Fold a ServiceError Source #
You do not have access required to perform this action.
_ConflictException :: AsError a => Fold a ServiceError Source #
You are trying to update a resource or configuration that is already being created or updated. Wait for the previous operation to finish and try again.
_InvalidArgsException :: AsError a => Fold a ServiceError Source #
One or more of of request parameters specified is not valid.
_InvalidArnException :: AsError a => Fold a ServiceError Source #
The requested Amazon Resource Name (ARN) does not refer to an existing resource.
_InvalidDomainValidationOptionsException :: AsError a => Fold a ServiceError Source #
One or more values in the DomainValidationOption structure is incorrect.
_InvalidParameterException :: AsError a => Fold a ServiceError Source #
An input parameter was invalid.
_InvalidStateException :: AsError a => Fold a ServiceError Source #
Processing has reached an invalid state.
_InvalidTagException :: AsError a => Fold a ServiceError Source #
One or both of the values that make up the key-value pair is not valid.
For example, you cannot specify a tag value that begins with aws:.
_LimitExceededException :: AsError a => Fold a ServiceError Source #
An ACM quota has been exceeded.
_RequestInProgressException :: AsError a => Fold a ServiceError Source #
The certificate request is in process and the certificate in your account has not yet been issued.
_ResourceInUseException :: AsError a => Fold a ServiceError Source #
The certificate is in use by another Amazon Web Services service in the caller's account. Remove the association and try again.
_ResourceNotFoundException :: AsError a => Fold a ServiceError Source #
The specified certificate cannot be found in the caller's account or the caller's account cannot be found.
_TagPolicyException :: AsError a => Fold a ServiceError Source #
A specified tag did not comply with an existing tag policy and was rejected.
_ThrottlingException :: AsError a => Fold a ServiceError Source #
The request was denied because it exceeded a quota.
_TooManyTagsException :: AsError a => Fold a ServiceError Source #
The request contains too many tags. Try the request again with fewer tags.
_ValidationException :: AsError a => Fold a ServiceError Source #
The supplied input failed to satisfy constraints of an Amazon Web Services service.
CertificateStatus
newtype CertificateStatus Source #
Constructors
| CertificateStatus' | |
Fields | |
Bundled Patterns
| pattern CertificateStatus_EXPIRED :: CertificateStatus | |
| pattern CertificateStatus_FAILED :: CertificateStatus | |
| pattern CertificateStatus_INACTIVE :: CertificateStatus | |
| pattern CertificateStatus_ISSUED :: CertificateStatus | |
| pattern CertificateStatus_PENDING_VALIDATION :: CertificateStatus | |
| pattern CertificateStatus_REVOKED :: CertificateStatus | |
| pattern CertificateStatus_VALIDATION_TIMED_OUT :: CertificateStatus |
Instances
CertificateTransparencyLoggingPreference
newtype CertificateTransparencyLoggingPreference Source #
Constructors
| CertificateTransparencyLoggingPreference' | |
Bundled Patterns
Instances
CertificateType
newtype CertificateType Source #
Constructors
| CertificateType' | |
Fields | |
Bundled Patterns
| pattern CertificateType_AMAZON_ISSUED :: CertificateType | |
| pattern CertificateType_IMPORTED :: CertificateType | |
| pattern CertificateType_PRIVATE :: CertificateType |
Instances
DomainStatus
newtype DomainStatus Source #
Constructors
| DomainStatus' | |
Fields | |
Bundled Patterns
| pattern DomainStatus_FAILED :: DomainStatus | |
| pattern DomainStatus_PENDING_VALIDATION :: DomainStatus | |
| pattern DomainStatus_SUCCESS :: DomainStatus |
Instances
ExtendedKeyUsageName
newtype ExtendedKeyUsageName Source #
Constructors
| ExtendedKeyUsageName' | |
Fields | |
Bundled Patterns
Instances
FailureReason
newtype FailureReason Source #
Constructors
| FailureReason' | |
Fields | |
Bundled Patterns
| pattern FailureReason_ADDITIONAL_VERIFICATION_REQUIRED :: FailureReason | |
| pattern FailureReason_CAA_ERROR :: FailureReason | |
| pattern FailureReason_DOMAIN_NOT_ALLOWED :: FailureReason | |
| pattern FailureReason_DOMAIN_VALIDATION_DENIED :: FailureReason | |
| pattern FailureReason_INVALID_PUBLIC_DOMAIN :: FailureReason | |
| pattern FailureReason_NO_AVAILABLE_CONTACTS :: FailureReason | |
| pattern FailureReason_OTHER :: FailureReason | |
| pattern FailureReason_PCA_ACCESS_DENIED :: FailureReason | |
| pattern FailureReason_PCA_INVALID_ARGS :: FailureReason | |
| pattern FailureReason_PCA_INVALID_ARN :: FailureReason | |
| pattern FailureReason_PCA_INVALID_DURATION :: FailureReason | |
| pattern FailureReason_PCA_INVALID_STATE :: FailureReason | |
| pattern FailureReason_PCA_LIMIT_EXCEEDED :: FailureReason | |
| pattern FailureReason_PCA_NAME_CONSTRAINTS_VALIDATION :: FailureReason | |
| pattern FailureReason_PCA_REQUEST_FAILED :: FailureReason | |
| pattern FailureReason_PCA_RESOURCE_NOT_FOUND :: FailureReason | |
| pattern FailureReason_SLR_NOT_FOUND :: FailureReason |
Instances
KeyAlgorithm
newtype KeyAlgorithm Source #
Constructors
| KeyAlgorithm' | |
Fields | |
Bundled Patterns
| pattern KeyAlgorithm_EC_prime256v1 :: KeyAlgorithm | |
| pattern KeyAlgorithm_EC_secp384r1 :: KeyAlgorithm | |
| pattern KeyAlgorithm_EC_secp521r1 :: KeyAlgorithm | |
| pattern KeyAlgorithm_RSA_1024 :: KeyAlgorithm | |
| pattern KeyAlgorithm_RSA_2048 :: KeyAlgorithm | |
| pattern KeyAlgorithm_RSA_3072 :: KeyAlgorithm | |
| pattern KeyAlgorithm_RSA_4096 :: KeyAlgorithm |
Instances
KeyUsageName
newtype KeyUsageName Source #
Constructors
| KeyUsageName' | |
Fields | |
Bundled Patterns
| pattern KeyUsageName_ANY :: KeyUsageName | |
| pattern KeyUsageName_CERTIFICATE_SIGNING :: KeyUsageName | |
| pattern KeyUsageName_CRL_SIGNING :: KeyUsageName | |
| pattern KeyUsageName_CUSTOM :: KeyUsageName | |
| pattern KeyUsageName_DATA_ENCIPHERMENT :: KeyUsageName | |
| pattern KeyUsageName_DECIPHER_ONLY :: KeyUsageName | |
| pattern KeyUsageName_DIGITAL_SIGNATURE :: KeyUsageName | |
| pattern KeyUsageName_ENCIPHER_ONLY :: KeyUsageName | |
| pattern KeyUsageName_KEY_AGREEMENT :: KeyUsageName | |
| pattern KeyUsageName_KEY_ENCIPHERMENT :: KeyUsageName | |
| pattern KeyUsageName_NON_REPUDIATION :: KeyUsageName |
Instances
RecordType
newtype RecordType Source #
Constructors
| RecordType' | |
Fields | |
Bundled Patterns
| pattern RecordType_CNAME :: RecordType |
Instances
RenewalEligibility
newtype RenewalEligibility Source #
Constructors
| RenewalEligibility' | |
Fields | |
Bundled Patterns
| pattern RenewalEligibility_ELIGIBLE :: RenewalEligibility | |
| pattern RenewalEligibility_INELIGIBLE :: RenewalEligibility |
Instances
RenewalStatus
newtype RenewalStatus Source #
Constructors
| RenewalStatus' | |
Fields | |
Bundled Patterns
| pattern RenewalStatus_FAILED :: RenewalStatus | |
| pattern RenewalStatus_PENDING_AUTO_RENEWAL :: RenewalStatus | |
| pattern RenewalStatus_PENDING_VALIDATION :: RenewalStatus | |
| pattern RenewalStatus_SUCCESS :: RenewalStatus |
Instances
RevocationReason
newtype RevocationReason Source #
Constructors
| RevocationReason' | |
Fields | |
Bundled Patterns
| pattern RevocationReason_AFFILIATION_CHANGED :: RevocationReason | |
| pattern RevocationReason_A_A_COMPROMISE :: RevocationReason | |
| pattern RevocationReason_CA_COMPROMISE :: RevocationReason | |
| pattern RevocationReason_CERTIFICATE_HOLD :: RevocationReason | |
| pattern RevocationReason_CESSATION_OF_OPERATION :: RevocationReason | |
| pattern RevocationReason_KEY_COMPROMISE :: RevocationReason | |
| pattern RevocationReason_PRIVILEGE_WITHDRAWN :: RevocationReason | |
| pattern RevocationReason_REMOVE_FROM_CRL :: RevocationReason | |
| pattern RevocationReason_SUPERCEDED :: RevocationReason | |
| pattern RevocationReason_UNSPECIFIED :: RevocationReason |
Instances
SortBy
Constructors
| SortBy' | |
Fields
| |
Bundled Patterns
| pattern SortBy_CREATED_AT :: SortBy |
Instances
SortOrder
Constructors
| SortOrder' | |
Fields | |
Bundled Patterns
| pattern SortOrder_ASCENDING :: SortOrder | |
| pattern SortOrder_DESCENDING :: SortOrder |
Instances
ValidationMethod
newtype ValidationMethod Source #
Constructors
| ValidationMethod' | |
Fields | |
Bundled Patterns
| pattern ValidationMethod_DNS :: ValidationMethod | |
| pattern ValidationMethod_EMAIL :: ValidationMethod |
Instances
CertificateDetail
data CertificateDetail Source #
Contains metadata about an ACM certificate. This structure is returned in the response to a DescribeCertificate request.
See: newCertificateDetail smart constructor.
Constructors
| CertificateDetail' | |
Fields
| |
Instances
newCertificateDetail :: CertificateDetail Source #
Create a value of CertificateDetail with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificateArn:CertificateDetail', certificateDetail_certificateArn - The Amazon Resource Name (ARN) of the certificate. For more information
about ARNs, see
Amazon Resource Names (ARNs)
in the Amazon Web Services General Reference.
$sel:certificateAuthorityArn:CertificateDetail', certificateDetail_certificateAuthorityArn - The Amazon Resource Name (ARN) of the private certificate authority (CA)
that issued the certificate. This has the following format:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
$sel:createdAt:CertificateDetail', certificateDetail_createdAt - The time at which the certificate was requested.
CertificateDetail, certificateDetail_domainName - The fully qualified domain name for the certificate, such as
www.example.com or example.com.
CertificateDetail, certificateDetail_domainValidationOptions - Contains information about the initial validation of each domain name
that occurs as a result of the RequestCertificate request. This field
exists only when the certificate type is AMAZON_ISSUED.
$sel:extendedKeyUsages:CertificateDetail', certificateDetail_extendedKeyUsages - Contains a list of Extended Key Usage X.509 v3 extension objects. Each
object specifies a purpose for which the certificate public key can be
used and consists of a name and an object identifier (OID).
$sel:failureReason:CertificateDetail', certificateDetail_failureReason - The reason the certificate request failed. This value exists only when
the certificate status is FAILED. For more information, see
Certificate Request Failed
in the Certificate Manager User Guide.
$sel:importedAt:CertificateDetail', certificateDetail_importedAt - The date and time when the certificate was imported. This value exists
only when the certificate type is IMPORTED.
$sel:inUseBy:CertificateDetail', certificateDetail_inUseBy - A list of ARNs for the Amazon Web Services resources that are using the
certificate. A certificate can be used by multiple Amazon Web Services
resources.
$sel:issuedAt:CertificateDetail', certificateDetail_issuedAt - The time at which the certificate was issued. This value exists only
when the certificate type is AMAZON_ISSUED.
$sel:issuer:CertificateDetail', certificateDetail_issuer - The name of the certificate authority that issued and signed the
certificate.
$sel:keyAlgorithm:CertificateDetail', certificateDetail_keyAlgorithm - The algorithm that was used to generate the public-private key pair.
$sel:keyUsages:CertificateDetail', certificateDetail_keyUsages - A list of Key Usage X.509 v3 extension objects. Each object is a string
value that identifies the purpose of the public key contained in the
certificate. Possible extension values include DIGITAL_SIGNATURE,
KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.
$sel:notAfter:CertificateDetail', certificateDetail_notAfter - The time after which the certificate is not valid.
$sel:notBefore:CertificateDetail', certificateDetail_notBefore - The time before which the certificate is not valid.
$sel:options:CertificateDetail', certificateDetail_options - Value that specifies whether to add the certificate to a transparency
log. Certificate transparency makes it possible to detect SSL
certificates that have been mistakenly or maliciously issued. A browser
might respond to certificate that has not been logged by showing an
error message. The logs are cryptographically secure.
$sel:renewalEligibility:CertificateDetail', certificateDetail_renewalEligibility - Specifies whether the certificate is eligible for renewal. At this time,
only exported private certificates can be renewed with the
RenewCertificate command.
$sel:renewalSummary:CertificateDetail', certificateDetail_renewalSummary - Contains information about the status of ACM's
managed renewal
for the certificate. This field exists only when the certificate type is
AMAZON_ISSUED.
$sel:revocationReason:CertificateDetail', certificateDetail_revocationReason - The reason the certificate was revoked. This value exists only when the
certificate status is REVOKED.
$sel:revokedAt:CertificateDetail', certificateDetail_revokedAt - The time at which the certificate was revoked. This value exists only
when the certificate status is REVOKED.
$sel:serial:CertificateDetail', certificateDetail_serial - The serial number of the certificate.
$sel:signatureAlgorithm:CertificateDetail', certificateDetail_signatureAlgorithm - The algorithm that was used to sign the certificate.
$sel:status:CertificateDetail', certificateDetail_status - The status of the certificate.
A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for any of the reasons given in the troubleshooting topic Certificate request fails. ACM makes repeated attempts to validate a certificate for 72 hours and then times out. If a certificate shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with DNS validation or Email validation, and try again. If validation succeeds, the certificate enters status ISSUED.
$sel:subject:CertificateDetail', certificateDetail_subject - The name of the entity that is associated with the public key contained
in the certificate.
$sel:subjectAlternativeNames:CertificateDetail', certificateDetail_subjectAlternativeNames - One or more domain names (subject alternative names) included in the
certificate. This list contains the domain names that are bound to the
public key that is contained in the certificate. The subject alternative
names include the canonical domain name (CN) of the certificate and
additional domain names that can be used to connect to the website.
$sel:type':CertificateDetail', certificateDetail_type - The source of the certificate. For certificates provided by ACM, this
value is AMAZON_ISSUED. For certificates that you imported with
ImportCertificate, this value is IMPORTED. ACM does not provide
managed renewal
for imported certificates. For more information about the differences
between certificates that you import and those that ACM provides, see
Importing Certificates
in the Certificate Manager User Guide.
certificateDetail_certificateArn :: Lens' CertificateDetail (Maybe Text) Source #
The Amazon Resource Name (ARN) of the certificate. For more information about ARNs, see Amazon Resource Names (ARNs) in the Amazon Web Services General Reference.
certificateDetail_certificateAuthorityArn :: Lens' CertificateDetail (Maybe Text) Source #
The Amazon Resource Name (ARN) of the private certificate authority (CA) that issued the certificate. This has the following format:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
certificateDetail_createdAt :: Lens' CertificateDetail (Maybe UTCTime) Source #
The time at which the certificate was requested.
certificateDetail_domainName :: Lens' CertificateDetail (Maybe Text) Source #
The fully qualified domain name for the certificate, such as www.example.com or example.com.
certificateDetail_domainValidationOptions :: Lens' CertificateDetail (Maybe (NonEmpty DomainValidation)) Source #
Contains information about the initial validation of each domain name
that occurs as a result of the RequestCertificate request. This field
exists only when the certificate type is AMAZON_ISSUED.
certificateDetail_extendedKeyUsages :: Lens' CertificateDetail (Maybe [ExtendedKeyUsage]) Source #
Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).
certificateDetail_failureReason :: Lens' CertificateDetail (Maybe FailureReason) Source #
The reason the certificate request failed. This value exists only when
the certificate status is FAILED. For more information, see
Certificate Request Failed
in the Certificate Manager User Guide.
certificateDetail_importedAt :: Lens' CertificateDetail (Maybe UTCTime) Source #
The date and time when the certificate was imported. This value exists
only when the certificate type is IMPORTED.
certificateDetail_inUseBy :: Lens' CertificateDetail (Maybe [Text]) Source #
A list of ARNs for the Amazon Web Services resources that are using the certificate. A certificate can be used by multiple Amazon Web Services resources.
certificateDetail_issuedAt :: Lens' CertificateDetail (Maybe UTCTime) Source #
The time at which the certificate was issued. This value exists only
when the certificate type is AMAZON_ISSUED.
certificateDetail_issuer :: Lens' CertificateDetail (Maybe Text) Source #
The name of the certificate authority that issued and signed the certificate.
certificateDetail_keyAlgorithm :: Lens' CertificateDetail (Maybe KeyAlgorithm) Source #
The algorithm that was used to generate the public-private key pair.
certificateDetail_keyUsages :: Lens' CertificateDetail (Maybe [KeyUsage]) Source #
A list of Key Usage X.509 v3 extension objects. Each object is a string value that identifies the purpose of the public key contained in the certificate. Possible extension values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.
certificateDetail_notAfter :: Lens' CertificateDetail (Maybe UTCTime) Source #
The time after which the certificate is not valid.
certificateDetail_notBefore :: Lens' CertificateDetail (Maybe UTCTime) Source #
The time before which the certificate is not valid.
certificateDetail_options :: Lens' CertificateDetail (Maybe CertificateOptions) Source #
Value that specifies whether to add the certificate to a transparency log. Certificate transparency makes it possible to detect SSL certificates that have been mistakenly or maliciously issued. A browser might respond to certificate that has not been logged by showing an error message. The logs are cryptographically secure.
certificateDetail_renewalEligibility :: Lens' CertificateDetail (Maybe RenewalEligibility) Source #
Specifies whether the certificate is eligible for renewal. At this time, only exported private certificates can be renewed with the RenewCertificate command.
certificateDetail_renewalSummary :: Lens' CertificateDetail (Maybe RenewalSummary) Source #
Contains information about the status of ACM's
managed renewal
for the certificate. This field exists only when the certificate type is
AMAZON_ISSUED.
certificateDetail_revocationReason :: Lens' CertificateDetail (Maybe RevocationReason) Source #
The reason the certificate was revoked. This value exists only when the
certificate status is REVOKED.
certificateDetail_revokedAt :: Lens' CertificateDetail (Maybe UTCTime) Source #
The time at which the certificate was revoked. This value exists only
when the certificate status is REVOKED.
certificateDetail_serial :: Lens' CertificateDetail (Maybe Text) Source #
The serial number of the certificate.
certificateDetail_signatureAlgorithm :: Lens' CertificateDetail (Maybe Text) Source #
The algorithm that was used to sign the certificate.
certificateDetail_status :: Lens' CertificateDetail (Maybe CertificateStatus) Source #
The status of the certificate.
A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for any of the reasons given in the troubleshooting topic Certificate request fails. ACM makes repeated attempts to validate a certificate for 72 hours and then times out. If a certificate shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with DNS validation or Email validation, and try again. If validation succeeds, the certificate enters status ISSUED.
certificateDetail_subject :: Lens' CertificateDetail (Maybe Text) Source #
The name of the entity that is associated with the public key contained in the certificate.
certificateDetail_subjectAlternativeNames :: Lens' CertificateDetail (Maybe (NonEmpty Text)) Source #
One or more domain names (subject alternative names) included in the certificate. This list contains the domain names that are bound to the public key that is contained in the certificate. The subject alternative names include the canonical domain name (CN) of the certificate and additional domain names that can be used to connect to the website.
certificateDetail_type :: Lens' CertificateDetail (Maybe CertificateType) Source #
The source of the certificate. For certificates provided by ACM, this
value is AMAZON_ISSUED. For certificates that you imported with
ImportCertificate, this value is IMPORTED. ACM does not provide
managed renewal
for imported certificates. For more information about the differences
between certificates that you import and those that ACM provides, see
Importing Certificates
in the Certificate Manager User Guide.
CertificateOptions
data CertificateOptions Source #
Structure that contains options for your certificate. Currently, you can use this only to specify whether to opt in to or out of certificate transparency logging. Some browsers require that public certificates issued for your domain be recorded in a log. Certificates that are not logged typically generate a browser error. Transparency makes it possible for you to detect SSL/TLS certificates that have been mistakenly or maliciously issued for your domain. For general information, see Certificate Transparency Logging.
See: newCertificateOptions smart constructor.
Constructors
| CertificateOptions' | |
Fields
| |
Instances
newCertificateOptions :: CertificateOptions Source #
Create a value of CertificateOptions with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificateTransparencyLoggingPreference:CertificateOptions', certificateOptions_certificateTransparencyLoggingPreference - You can opt out of certificate transparency logging by specifying the
DISABLED option. Opt in by specifying ENABLED.
certificateOptions_certificateTransparencyLoggingPreference :: Lens' CertificateOptions (Maybe CertificateTransparencyLoggingPreference) Source #
You can opt out of certificate transparency logging by specifying the
DISABLED option. Opt in by specifying ENABLED.
CertificateSummary
data CertificateSummary Source #
This structure is returned in the response object of ListCertificates action.
See: newCertificateSummary smart constructor.
Constructors
| CertificateSummary' | |
Fields
| |
Instances
newCertificateSummary :: CertificateSummary Source #
Create a value of CertificateSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:certificateArn:CertificateSummary', certificateSummary_certificateArn - Amazon Resource Name (ARN) of the certificate. This is of the form:
arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012
For more information about ARNs, see Amazon Resource Names (ARNs).
$sel:createdAt:CertificateSummary', certificateSummary_createdAt - The time at which the certificate was requested.
$sel:domainName:CertificateSummary', certificateSummary_domainName - Fully qualified domain name (FQDN), such as www.example.com or
example.com, for the certificate.
$sel:exported:CertificateSummary', certificateSummary_exported - Indicates whether the certificate has been exported. This value exists
only when the certificate type is PRIVATE.
$sel:extendedKeyUsages:CertificateSummary', certificateSummary_extendedKeyUsages - Contains a list of Extended Key Usage X.509 v3 extension objects. Each
object specifies a purpose for which the certificate public key can be
used and consists of a name and an object identifier (OID).
$sel:hasAdditionalSubjectAlternativeNames:CertificateSummary', certificateSummary_hasAdditionalSubjectAlternativeNames - When called by
ListCertificates,
indicates whether the full list of subject alternative names has been
included in the response. If false, the response includes all of the
subject alternative names included in the certificate. If true, the
response only includes the first 100 subject alternative names included
in the certificate. To display the full list of subject alternative
names, use
DescribeCertificate.
$sel:importedAt:CertificateSummary', certificateSummary_importedAt - The date and time when the certificate was imported. This value exists
only when the certificate type is IMPORTED.
$sel:inUse:CertificateSummary', certificateSummary_inUse - Indicates whether the certificate is currently in use by any Amazon Web
Services resources.
$sel:issuedAt:CertificateSummary', certificateSummary_issuedAt - The time at which the certificate was issued. This value exists only
when the certificate type is AMAZON_ISSUED.
$sel:keyAlgorithm:CertificateSummary', certificateSummary_keyAlgorithm - The algorithm that was used to generate the public-private key pair.
$sel:keyUsages:CertificateSummary', certificateSummary_keyUsages - A list of Key Usage X.509 v3 extension objects. Each object is a string
value that identifies the purpose of the public key contained in the
certificate. Possible extension values include DIGITAL_SIGNATURE,
KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.
$sel:notAfter:CertificateSummary', certificateSummary_notAfter - The time after which the certificate is not valid.
$sel:notBefore:CertificateSummary', certificateSummary_notBefore - The time before which the certificate is not valid.
$sel:renewalEligibility:CertificateSummary', certificateSummary_renewalEligibility - Specifies whether the certificate is eligible for renewal. At this time,
only exported private certificates can be renewed with the
RenewCertificate command.
$sel:revokedAt:CertificateSummary', certificateSummary_revokedAt - The time at which the certificate was revoked. This value exists only
when the certificate status is REVOKED.
$sel:status:CertificateSummary', certificateSummary_status - The status of the certificate.
A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for any of the reasons given in the troubleshooting topic Certificate request fails. ACM makes repeated attempts to validate a certificate for 72 hours and then times out. If a certificate shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with DNS validation or Email validation, and try again. If validation succeeds, the certificate enters status ISSUED.
$sel:subjectAlternativeNameSummaries:CertificateSummary', certificateSummary_subjectAlternativeNameSummaries - One or more domain names (subject alternative names) included in the
certificate. This list contains the domain names that are bound to the
public key that is contained in the certificate. The subject alternative
names include the canonical domain name (CN) of the certificate and
additional domain names that can be used to connect to the website.
When called by ListCertificates, this parameter will only return the first 100 subject alternative names included in the certificate. To display the full list of subject alternative names, use DescribeCertificate.
$sel:type':CertificateSummary', certificateSummary_type - The source of the certificate. For certificates provided by ACM, this
value is AMAZON_ISSUED. For certificates that you imported with
ImportCertificate, this value is IMPORTED. ACM does not provide
managed renewal
for imported certificates. For more information about the differences
between certificates that you import and those that ACM provides, see
Importing Certificates
in the Certificate Manager User Guide.
certificateSummary_certificateArn :: Lens' CertificateSummary (Maybe Text) Source #
Amazon Resource Name (ARN) of the certificate. This is of the form:
arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012
For more information about ARNs, see Amazon Resource Names (ARNs).
certificateSummary_createdAt :: Lens' CertificateSummary (Maybe UTCTime) Source #
The time at which the certificate was requested.
certificateSummary_domainName :: Lens' CertificateSummary (Maybe Text) Source #
Fully qualified domain name (FQDN), such as www.example.com or example.com, for the certificate.
certificateSummary_exported :: Lens' CertificateSummary (Maybe Bool) Source #
Indicates whether the certificate has been exported. This value exists
only when the certificate type is PRIVATE.
certificateSummary_extendedKeyUsages :: Lens' CertificateSummary (Maybe [ExtendedKeyUsageName]) Source #
Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).
certificateSummary_hasAdditionalSubjectAlternativeNames :: Lens' CertificateSummary (Maybe Bool) Source #
When called by ListCertificates, indicates whether the full list of subject alternative names has been included in the response. If false, the response includes all of the subject alternative names included in the certificate. If true, the response only includes the first 100 subject alternative names included in the certificate. To display the full list of subject alternative names, use DescribeCertificate.
certificateSummary_importedAt :: Lens' CertificateSummary (Maybe UTCTime) Source #
The date and time when the certificate was imported. This value exists
only when the certificate type is IMPORTED.
certificateSummary_inUse :: Lens' CertificateSummary (Maybe Bool) Source #
Indicates whether the certificate is currently in use by any Amazon Web Services resources.
certificateSummary_issuedAt :: Lens' CertificateSummary (Maybe UTCTime) Source #
The time at which the certificate was issued. This value exists only
when the certificate type is AMAZON_ISSUED.
certificateSummary_keyAlgorithm :: Lens' CertificateSummary (Maybe KeyAlgorithm) Source #
The algorithm that was used to generate the public-private key pair.
certificateSummary_keyUsages :: Lens' CertificateSummary (Maybe [KeyUsageName]) Source #
A list of Key Usage X.509 v3 extension objects. Each object is a string value that identifies the purpose of the public key contained in the certificate. Possible extension values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.
certificateSummary_notAfter :: Lens' CertificateSummary (Maybe UTCTime) Source #
The time after which the certificate is not valid.
certificateSummary_notBefore :: Lens' CertificateSummary (Maybe UTCTime) Source #
The time before which the certificate is not valid.
certificateSummary_renewalEligibility :: Lens' CertificateSummary (Maybe RenewalEligibility) Source #
Specifies whether the certificate is eligible for renewal. At this time, only exported private certificates can be renewed with the RenewCertificate command.
certificateSummary_revokedAt :: Lens' CertificateSummary (Maybe UTCTime) Source #
The time at which the certificate was revoked. This value exists only
when the certificate status is REVOKED.
certificateSummary_status :: Lens' CertificateSummary (Maybe CertificateStatus) Source #
The status of the certificate.
A certificate enters status PENDING_VALIDATION upon being requested, unless it fails for any of the reasons given in the troubleshooting topic Certificate request fails. ACM makes repeated attempts to validate a certificate for 72 hours and then times out. If a certificate shows status FAILED or VALIDATION_TIMED_OUT, delete the request, correct the issue with DNS validation or Email validation, and try again. If validation succeeds, the certificate enters status ISSUED.
certificateSummary_subjectAlternativeNameSummaries :: Lens' CertificateSummary (Maybe (NonEmpty Text)) Source #
One or more domain names (subject alternative names) included in the certificate. This list contains the domain names that are bound to the public key that is contained in the certificate. The subject alternative names include the canonical domain name (CN) of the certificate and additional domain names that can be used to connect to the website.
When called by ListCertificates, this parameter will only return the first 100 subject alternative names included in the certificate. To display the full list of subject alternative names, use DescribeCertificate.
certificateSummary_type :: Lens' CertificateSummary (Maybe CertificateType) Source #
The source of the certificate. For certificates provided by ACM, this
value is AMAZON_ISSUED. For certificates that you imported with
ImportCertificate, this value is IMPORTED. ACM does not provide
managed renewal
for imported certificates. For more information about the differences
between certificates that you import and those that ACM provides, see
Importing Certificates
in the Certificate Manager User Guide.
DomainValidation
data DomainValidation Source #
Contains information about the validation of each domain name in the certificate.
See: newDomainValidation smart constructor.
Constructors
| DomainValidation' | |
Fields
| |
Instances
Arguments
| :: Text | |
| -> DomainValidation |
Create a value of DomainValidation with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:resourceRecord:DomainValidation', domainValidation_resourceRecord - Contains the CNAME record that you add to your DNS database for domain
validation. For more information, see
Use DNS to Validate Domain Ownership.
Note: The CNAME information that you need does not include the name of your domain. If you include your domain name in the DNS database CNAME record, validation fails. For example, if the name is "_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com", only "_a79865eb4cd1a6ab990a45779b4e0b96" must be used.
$sel:validationDomain:DomainValidation', domainValidation_validationDomain - The domain name that ACM used to send domain validation emails.
$sel:validationEmails:DomainValidation', domainValidation_validationEmails - A list of email addresses that ACM used to send domain validation
emails.
$sel:validationMethod:DomainValidation', domainValidation_validationMethod - Specifies the domain validation method.
$sel:validationStatus:DomainValidation', domainValidation_validationStatus - The validation status of the domain name. This can be one of the
following values:
PENDING_VALIDATION
- SUCCESS
- FAILED
$sel:domainName:DomainValidation', domainValidation_domainName - A fully qualified domain name (FQDN) in the certificate. For example,
www.example.com or example.com.
domainValidation_resourceRecord :: Lens' DomainValidation (Maybe ResourceRecord) Source #
Contains the CNAME record that you add to your DNS database for domain validation. For more information, see Use DNS to Validate Domain Ownership.
Note: The CNAME information that you need does not include the name of your domain. If you include your domain name in the DNS database CNAME record, validation fails. For example, if the name is "_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com", only "_a79865eb4cd1a6ab990a45779b4e0b96" must be used.
domainValidation_validationDomain :: Lens' DomainValidation (Maybe Text) Source #
The domain name that ACM used to send domain validation emails.
domainValidation_validationEmails :: Lens' DomainValidation (Maybe [Text]) Source #
A list of email addresses that ACM used to send domain validation emails.
domainValidation_validationMethod :: Lens' DomainValidation (Maybe ValidationMethod) Source #
Specifies the domain validation method.
domainValidation_validationStatus :: Lens' DomainValidation (Maybe DomainStatus) Source #
The validation status of the domain name. This can be one of the following values:
PENDING_VALIDATION
- SUCCESS
- FAILED
domainValidation_domainName :: Lens' DomainValidation Text Source #
A fully qualified domain name (FQDN) in the certificate. For example,
www.example.com or example.com.
DomainValidationOption
data DomainValidationOption Source #
Contains information about the domain names that you want ACM to use to send you emails that enable you to validate domain ownership.
See: newDomainValidationOption smart constructor.
Constructors
| DomainValidationOption' | |
Fields
| |
Instances
newDomainValidationOption Source #
Arguments
| :: Text | |
| -> Text | |
| -> DomainValidationOption |
Create a value of DomainValidationOption with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:domainName:DomainValidationOption', domainValidationOption_domainName - A fully qualified domain name (FQDN) in the certificate request.
$sel:validationDomain:DomainValidationOption', domainValidationOption_validationDomain - The domain name that you want ACM to use to send you validation emails.
This domain name is the suffix of the email addresses that you want ACM
to use. This must be the same as the DomainName value or a superdomain
of the DomainName value. For example, if you request a certificate for
testing.example.com, you can specify example.com for this value. In
that case, ACM sends domain validation emails to the following five
addresses:
- admin@example.com
- administrator@example.com
- hostmaster@example.com
- postmaster@example.com
- webmaster@example.com
domainValidationOption_domainName :: Lens' DomainValidationOption Text Source #
A fully qualified domain name (FQDN) in the certificate request.
domainValidationOption_validationDomain :: Lens' DomainValidationOption Text Source #
The domain name that you want ACM to use to send you validation emails.
This domain name is the suffix of the email addresses that you want ACM
to use. This must be the same as the DomainName value or a superdomain
of the DomainName value. For example, if you request a certificate for
testing.example.com, you can specify example.com for this value. In
that case, ACM sends domain validation emails to the following five
addresses:
- admin@example.com
- administrator@example.com
- hostmaster@example.com
- postmaster@example.com
- webmaster@example.com
ExpiryEventsConfiguration
data ExpiryEventsConfiguration Source #
Object containing expiration events options associated with an Amazon Web Services account.
See: newExpiryEventsConfiguration smart constructor.
Constructors
| ExpiryEventsConfiguration' | |
Fields
| |
Instances
newExpiryEventsConfiguration :: ExpiryEventsConfiguration Source #
Create a value of ExpiryEventsConfiguration with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:daysBeforeExpiry:ExpiryEventsConfiguration', expiryEventsConfiguration_daysBeforeExpiry - Specifies the number of days prior to certificate expiration when ACM
starts generating EventBridge events. ACM sends one event per day per
certificate until the certificate expires. By default, accounts receive
events starting 45 days before certificate expiration.
expiryEventsConfiguration_daysBeforeExpiry :: Lens' ExpiryEventsConfiguration (Maybe Natural) Source #
Specifies the number of days prior to certificate expiration when ACM
starts generating EventBridge events. ACM sends one event per day per
certificate until the certificate expires. By default, accounts receive
events starting 45 days before certificate expiration.
ExtendedKeyUsage
data ExtendedKeyUsage Source #
The Extended Key Usage X.509 v3 extension defines one or more purposes for which the public key can be used. This is in addition to or in place of the basic purposes specified by the Key Usage extension.
See: newExtendedKeyUsage smart constructor.
Constructors
| ExtendedKeyUsage' | |
Fields
| |
Instances
newExtendedKeyUsage :: ExtendedKeyUsage Source #
Create a value of ExtendedKeyUsage with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:ExtendedKeyUsage', extendedKeyUsage_name - The name of an Extended Key Usage value.
$sel:oid:ExtendedKeyUsage', extendedKeyUsage_oid - An object identifier (OID) for the extension value. OIDs are strings of
numbers separated by periods. The following OIDs are defined in RFC 3280
and RFC 5280.
1.3.6.1.5.5.7.3.1 (TLS_WEB_SERVER_AUTHENTICATION)
1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)
1.3.6.1.5.5.7.3.3 (CODE_SIGNING)
1.3.6.1.5.5.7.3.4 (EMAIL_PROTECTION)
1.3.6.1.5.5.7.3.8 (TIME_STAMPING)
1.3.6.1.5.5.7.3.9 (OCSP_SIGNING)
1.3.6.1.5.5.7.3.5 (IPSEC_END_SYSTEM)
1.3.6.1.5.5.7.3.6 (IPSEC_TUNNEL)
1.3.6.1.5.5.7.3.7 (IPSEC_USER)
extendedKeyUsage_name :: Lens' ExtendedKeyUsage (Maybe ExtendedKeyUsageName) Source #
The name of an Extended Key Usage value.
extendedKeyUsage_oid :: Lens' ExtendedKeyUsage (Maybe Text) Source #
An object identifier (OID) for the extension value. OIDs are strings of numbers separated by periods. The following OIDs are defined in RFC 3280 and RFC 5280.
1.3.6.1.5.5.7.3.1 (TLS_WEB_SERVER_AUTHENTICATION)
1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)
1.3.6.1.5.5.7.3.3 (CODE_SIGNING)
1.3.6.1.5.5.7.3.4 (EMAIL_PROTECTION)
1.3.6.1.5.5.7.3.8 (TIME_STAMPING)
1.3.6.1.5.5.7.3.9 (OCSP_SIGNING)
1.3.6.1.5.5.7.3.5 (IPSEC_END_SYSTEM)
1.3.6.1.5.5.7.3.6 (IPSEC_TUNNEL)
1.3.6.1.5.5.7.3.7 (IPSEC_USER)
Filters
This structure can be used in the ListCertificates action to filter the output of the certificate list.
See: newFilters smart constructor.
Constructors
| Filters' | |
Fields
| |
Instances
| ToJSON Filters Source # | |
Defined in Amazonka.CertificateManager.Types.Filters | |
| Generic Filters Source # | |
| Read Filters Source # | |
| Show Filters Source # | |
| NFData Filters Source # | |
Defined in Amazonka.CertificateManager.Types.Filters | |
| Eq Filters Source # | |
| Hashable Filters Source # | |
Defined in Amazonka.CertificateManager.Types.Filters | |
| type Rep Filters Source # | |
Defined in Amazonka.CertificateManager.Types.Filters type Rep Filters = D1 ('MetaData "Filters" "Amazonka.CertificateManager.Types.Filters" "amazonka-certificatemanager-2.0-CRaDh4gXGsJGb4mnkgvuBR" 'False) (C1 ('MetaCons "Filters'" 'PrefixI 'True) (S1 ('MetaSel ('Just "extendedKeyUsage") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [ExtendedKeyUsageName])) :*: (S1 ('MetaSel ('Just "keyTypes") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [KeyAlgorithm])) :*: S1 ('MetaSel ('Just "keyUsage") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe [KeyUsageName]))))) | |
newFilters :: Filters Source #
Create a value of Filters with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:extendedKeyUsage:Filters', filters_extendedKeyUsage - Specify one or more ExtendedKeyUsage extension values.
$sel:keyTypes:Filters', filters_keyTypes - Specify one or more algorithms that can be used to generate key pairs.
Default filtering returns only RSA_1024 and RSA_2048 certificates
that have at least one domain. To return other certificate types,
provide the desired type signatures in a comma-separated list. For
example, "keyTypes": ["RSA_2048","RSA_4096"] returns both
RSA_2048 and RSA_4096 certificates.
$sel:keyUsage:Filters', filters_keyUsage - Specify one or more KeyUsage extension values.
filters_extendedKeyUsage :: Lens' Filters (Maybe [ExtendedKeyUsageName]) Source #
Specify one or more ExtendedKeyUsage extension values.
filters_keyTypes :: Lens' Filters (Maybe [KeyAlgorithm]) Source #
Specify one or more algorithms that can be used to generate key pairs.
Default filtering returns only RSA_1024 and RSA_2048 certificates
that have at least one domain. To return other certificate types,
provide the desired type signatures in a comma-separated list. For
example, "keyTypes": ["RSA_2048","RSA_4096"] returns both
RSA_2048 and RSA_4096 certificates.
filters_keyUsage :: Lens' Filters (Maybe [KeyUsageName]) Source #
Specify one or more KeyUsage extension values.
KeyUsage
The Key Usage X.509 v3 extension defines the purpose of the public key contained in the certificate.
See: newKeyUsage smart constructor.
Constructors
| KeyUsage' | |
Fields
| |
Instances
| FromJSON KeyUsage Source # | |
| Generic KeyUsage Source # | |
| Read KeyUsage Source # | |
| Show KeyUsage Source # | |
| NFData KeyUsage Source # | |
Defined in Amazonka.CertificateManager.Types.KeyUsage | |
| Eq KeyUsage Source # | |
| Hashable KeyUsage Source # | |
Defined in Amazonka.CertificateManager.Types.KeyUsage | |
| type Rep KeyUsage Source # | |
Defined in Amazonka.CertificateManager.Types.KeyUsage type Rep KeyUsage = D1 ('MetaData "KeyUsage" "Amazonka.CertificateManager.Types.KeyUsage" "amazonka-certificatemanager-2.0-CRaDh4gXGsJGb4mnkgvuBR" 'False) (C1 ('MetaCons "KeyUsage'" 'PrefixI 'True) (S1 ('MetaSel ('Just "name") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe KeyUsageName)))) | |
newKeyUsage :: KeyUsage Source #
Create a value of KeyUsage with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:KeyUsage', keyUsage_name - A string value that contains a Key Usage extension name.
keyUsage_name :: Lens' KeyUsage (Maybe KeyUsageName) Source #
A string value that contains a Key Usage extension name.
RenewalSummary
data RenewalSummary Source #
Contains information about the status of ACM's
managed renewal
for the certificate. This structure exists only when the certificate
type is AMAZON_ISSUED.
See: newRenewalSummary smart constructor.
Constructors
| RenewalSummary' | |
Fields
| |
Instances
Arguments
| :: RenewalStatus | |
| -> NonEmpty DomainValidation | |
| -> UTCTime | |
| -> RenewalSummary |
Create a value of RenewalSummary with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:renewalStatusReason:RenewalSummary', renewalSummary_renewalStatusReason - The reason that a renewal request was unsuccessful.
$sel:renewalStatus:RenewalSummary', renewalSummary_renewalStatus - The status of ACM's
managed renewal
of the certificate.
$sel:domainValidationOptions:RenewalSummary', renewalSummary_domainValidationOptions - Contains information about the validation of each domain name in the
certificate, as it pertains to ACM's
managed renewal.
This is different from the initial validation that occurs as a result of
the RequestCertificate request. This field exists only when the
certificate type is AMAZON_ISSUED.
$sel:updatedAt:RenewalSummary', renewalSummary_updatedAt - The time at which the renewal summary was last updated.
renewalSummary_renewalStatusReason :: Lens' RenewalSummary (Maybe FailureReason) Source #
The reason that a renewal request was unsuccessful.
renewalSummary_renewalStatus :: Lens' RenewalSummary RenewalStatus Source #
The status of ACM's managed renewal of the certificate.
renewalSummary_domainValidationOptions :: Lens' RenewalSummary (NonEmpty DomainValidation) Source #
Contains information about the validation of each domain name in the
certificate, as it pertains to ACM's
managed renewal.
This is different from the initial validation that occurs as a result of
the RequestCertificate request. This field exists only when the
certificate type is AMAZON_ISSUED.
renewalSummary_updatedAt :: Lens' RenewalSummary UTCTime Source #
The time at which the renewal summary was last updated.
ResourceRecord
data ResourceRecord Source #
Contains a DNS record value that you can use to validate ownership or control of a domain. This is used by the DescribeCertificate action.
See: newResourceRecord smart constructor.
Constructors
| ResourceRecord' | |
Instances
Arguments
| :: Text | |
| -> RecordType | |
| -> Text | |
| -> ResourceRecord |
Create a value of ResourceRecord with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:name:ResourceRecord', resourceRecord_name - The name of the DNS record to create in your domain. This is supplied by
ACM.
$sel:type':ResourceRecord', resourceRecord_type - The type of DNS record. Currently this can be CNAME.
$sel:value:ResourceRecord', resourceRecord_value - The value of the CNAME record to add to your DNS database. This is
supplied by ACM.
resourceRecord_name :: Lens' ResourceRecord Text Source #
The name of the DNS record to create in your domain. This is supplied by ACM.
resourceRecord_type :: Lens' ResourceRecord RecordType Source #
The type of DNS record. Currently this can be CNAME.
resourceRecord_value :: Lens' ResourceRecord Text Source #
The value of the CNAME record to add to your DNS database. This is supplied by ACM.
Tag
A key-value pair that identifies or specifies metadata about an ACM resource.
See: newTag smart constructor.
Instances
| FromJSON Tag Source # | |
| ToJSON Tag Source # | |
Defined in Amazonka.CertificateManager.Types.Tag | |
| Generic Tag Source # | |
| Read Tag Source # | |
| Show Tag Source # | |
| NFData Tag Source # | |
Defined in Amazonka.CertificateManager.Types.Tag | |
| Eq Tag Source # | |
| Hashable Tag Source # | |
Defined in Amazonka.CertificateManager.Types.Tag | |
| type Rep Tag Source # | |
Defined in Amazonka.CertificateManager.Types.Tag type Rep Tag = D1 ('MetaData "Tag" "Amazonka.CertificateManager.Types.Tag" "amazonka-certificatemanager-2.0-CRaDh4gXGsJGb4mnkgvuBR" 'False) (C1 ('MetaCons "Tag'" 'PrefixI 'True) (S1 ('MetaSel ('Just "value") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "key") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text))) | |
Create a value of Tag with all optional fields omitted.
Use generic-lens or optics to modify other optional fields.
The following record fields are available, with the corresponding lenses provided for backwards compatibility:
$sel:value:Tag', tag_value - The value of the tag.
$sel:key:Tag', tag_key - The key of the tag.