amazonka-certificatemanager 1.5.0 → 1.6.0
raw patch · 27 files changed
+1311/−233 lines, 27 filesdep ~amazonka-coredep ~amazonka-testPVP ok
version bump matches the API change (PVP)
Dependency ranges changed: amazonka-core, amazonka-test
API changes (from Hackage documentation)
+ Network.AWS.CertificateManager: Any :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: CaaError :: FailureReason
+ Network.AWS.CertificateManager: Cname :: RecordType
+ Network.AWS.CertificateManager: CodeSigning :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: Custom :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: DNS :: ValidationMethod
+ Network.AWS.CertificateManager: Disabled :: CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager: EcSECP384R1 :: KeyAlgorithm
+ Network.AWS.CertificateManager: EcSECP521R1 :: KeyAlgorithm
+ Network.AWS.CertificateManager: Eligible :: RenewalEligibility
+ Network.AWS.CertificateManager: Email :: ValidationMethod
+ Network.AWS.CertificateManager: EmailProtection :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: Enabled :: CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager: IPsecEndSystem :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: IPsecTunnel :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: IPsecUser :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: Ineligible :: RenewalEligibility
+ Network.AWS.CertificateManager: KUNAny :: KeyUsageName
+ Network.AWS.CertificateManager: KUNCertificateSigning :: KeyUsageName
+ Network.AWS.CertificateManager: KUNCrlSigning :: KeyUsageName
+ Network.AWS.CertificateManager: KUNCustom :: KeyUsageName
+ Network.AWS.CertificateManager: KUNDataEncipherment :: KeyUsageName
+ Network.AWS.CertificateManager: KUNDecipherOnly :: KeyUsageName
+ Network.AWS.CertificateManager: KUNDigitalSignature :: KeyUsageName
+ Network.AWS.CertificateManager: KUNEncipherOnly :: KeyUsageName
+ Network.AWS.CertificateManager: KUNKeyAgreement :: KeyUsageName
+ Network.AWS.CertificateManager: KUNKeyEncipherment :: KeyUsageName
+ Network.AWS.CertificateManager: KUNNonRepudiation :: KeyUsageName
+ Network.AWS.CertificateManager: None :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: OcspSigning :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: PcaInvalidARN :: FailureReason
+ Network.AWS.CertificateManager: PcaInvalidArgs :: FailureReason
+ Network.AWS.CertificateManager: PcaInvalidState :: FailureReason
+ Network.AWS.CertificateManager: PcaLimitExceeded :: FailureReason
+ Network.AWS.CertificateManager: PcaRequestFailed :: FailureReason
+ Network.AWS.CertificateManager: PcaResourceNotFound :: FailureReason
+ Network.AWS.CertificateManager: Private :: CertificateType
+ Network.AWS.CertificateManager: Rsa4096 :: KeyAlgorithm
+ Network.AWS.CertificateManager: TLSWebClientAuthentication :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: TLSWebServerAuthentication :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: TimeStamping :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager: cdCertificateAuthorityARN :: Lens' CertificateDetail (Maybe Text)
+ Network.AWS.CertificateManager: cdExtendedKeyUsages :: Lens' CertificateDetail [ExtendedKeyUsage]
+ Network.AWS.CertificateManager: cdKeyUsages :: Lens' CertificateDetail [KeyUsage]
+ Network.AWS.CertificateManager: cdOptions :: Lens' CertificateDetail (Maybe CertificateOptions)
+ Network.AWS.CertificateManager: cdRenewalEligibility :: Lens' CertificateDetail (Maybe RenewalEligibility)
+ Network.AWS.CertificateManager: certificateOptions :: CertificateOptions
+ Network.AWS.CertificateManager: coCertificateTransparencyLoggingPreference :: Lens' CertificateOptions (Maybe CertificateTransparencyLoggingPreference)
+ Network.AWS.CertificateManager: data CertificateOptions
+ Network.AWS.CertificateManager: data CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager: data ExtendedKeyUsage
+ Network.AWS.CertificateManager: data ExtendedKeyUsageName
+ Network.AWS.CertificateManager: data Filters
+ Network.AWS.CertificateManager: data KeyUsage
+ Network.AWS.CertificateManager: data KeyUsageName
+ Network.AWS.CertificateManager: data RecordType
+ Network.AWS.CertificateManager: data RenewalEligibility
+ Network.AWS.CertificateManager: data ResourceRecord
+ Network.AWS.CertificateManager: data ValidationMethod
+ Network.AWS.CertificateManager: dvResourceRecord :: Lens' DomainValidation (Maybe ResourceRecord)
+ Network.AWS.CertificateManager: dvValidationMethod :: Lens' DomainValidation (Maybe ValidationMethod)
+ Network.AWS.CertificateManager: ekuName :: Lens' ExtendedKeyUsage (Maybe ExtendedKeyUsageName)
+ Network.AWS.CertificateManager: ekuOId :: Lens' ExtendedKeyUsage (Maybe Text)
+ Network.AWS.CertificateManager: extendedKeyUsage :: ExtendedKeyUsage
+ Network.AWS.CertificateManager: fExtendedKeyUsage :: Lens' Filters [ExtendedKeyUsageName]
+ Network.AWS.CertificateManager: fKeyTypes :: Lens' Filters [KeyAlgorithm]
+ Network.AWS.CertificateManager: fKeyUsage :: Lens' Filters [KeyUsageName]
+ Network.AWS.CertificateManager: filters :: Filters
+ Network.AWS.CertificateManager: keyUsage :: KeyUsage
+ Network.AWS.CertificateManager: kuName :: Lens' KeyUsage (Maybe KeyUsageName)
+ Network.AWS.CertificateManager: resourceRecord :: Text -> RecordType -> Text -> ResourceRecord
+ Network.AWS.CertificateManager: rrName :: Lens' ResourceRecord Text
+ Network.AWS.CertificateManager: rrType :: Lens' ResourceRecord RecordType
+ Network.AWS.CertificateManager: rrValue :: Lens' ResourceRecord Text
+ Network.AWS.CertificateManager.ExportCertificate: data ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: data ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: ecCertificateARN :: Lens' ExportCertificate Text
+ Network.AWS.CertificateManager.ExportCertificate: ecPassphrase :: Lens' ExportCertificate ByteString
+ Network.AWS.CertificateManager.ExportCertificate: ecrsCertificate :: Lens' ExportCertificateResponse (Maybe Text)
+ Network.AWS.CertificateManager.ExportCertificate: ecrsCertificateChain :: Lens' ExportCertificateResponse (Maybe Text)
+ Network.AWS.CertificateManager.ExportCertificate: ecrsPrivateKey :: Lens' ExportCertificateResponse (Maybe Text)
+ Network.AWS.CertificateManager.ExportCertificate: ecrsResponseStatus :: Lens' ExportCertificateResponse Int
+ Network.AWS.CertificateManager.ExportCertificate: exportCertificate :: Text -> ByteString -> ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: exportCertificateResponse :: Int -> ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance Control.DeepSeq.NFData Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Control.DeepSeq.NFData Network.AWS.CertificateManager.ExportCertificate.ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Data.Data.Data Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Data.Data.Data Network.AWS.CertificateManager.ExportCertificate.ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance Data.Hashable.Class.Hashable Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Classes.Eq Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Classes.Eq Network.AWS.CertificateManager.ExportCertificate.ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Generics.Generic Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Generics.Generic Network.AWS.CertificateManager.ExportCertificate.ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Show.Show Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance GHC.Show.Show Network.AWS.CertificateManager.ExportCertificate.ExportCertificateResponse
+ Network.AWS.CertificateManager.ExportCertificate: instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Network.AWS.Data.Path.ToPath Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Network.AWS.Data.Query.ToQuery Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ExportCertificate: instance Network.AWS.Types.AWSRequest Network.AWS.CertificateManager.ExportCertificate.ExportCertificate
+ Network.AWS.CertificateManager.ListCertificates: lcIncludes :: Lens' ListCertificates (Maybe Filters)
+ Network.AWS.CertificateManager.RequestCertificate: rcCertificateAuthorityARN :: Lens' RequestCertificate (Maybe Text)
+ Network.AWS.CertificateManager.RequestCertificate: rcOptions :: Lens' RequestCertificate (Maybe CertificateOptions)
+ Network.AWS.CertificateManager.RequestCertificate: rcValidationMethod :: Lens' RequestCertificate (Maybe ValidationMethod)
+ Network.AWS.CertificateManager.Types: Any :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: CaaError :: FailureReason
+ Network.AWS.CertificateManager.Types: Cname :: RecordType
+ Network.AWS.CertificateManager.Types: CodeSigning :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: Custom :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: DNS :: ValidationMethod
+ Network.AWS.CertificateManager.Types: Disabled :: CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager.Types: EcSECP384R1 :: KeyAlgorithm
+ Network.AWS.CertificateManager.Types: EcSECP521R1 :: KeyAlgorithm
+ Network.AWS.CertificateManager.Types: Eligible :: RenewalEligibility
+ Network.AWS.CertificateManager.Types: Email :: ValidationMethod
+ Network.AWS.CertificateManager.Types: EmailProtection :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: Enabled :: CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager.Types: IPsecEndSystem :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: IPsecTunnel :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: IPsecUser :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: Ineligible :: RenewalEligibility
+ Network.AWS.CertificateManager.Types: KUNAny :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNCertificateSigning :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNCrlSigning :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNCustom :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNDataEncipherment :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNDecipherOnly :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNDigitalSignature :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNEncipherOnly :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNKeyAgreement :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNKeyEncipherment :: KeyUsageName
+ Network.AWS.CertificateManager.Types: KUNNonRepudiation :: KeyUsageName
+ Network.AWS.CertificateManager.Types: None :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: OcspSigning :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: PcaInvalidARN :: FailureReason
+ Network.AWS.CertificateManager.Types: PcaInvalidArgs :: FailureReason
+ Network.AWS.CertificateManager.Types: PcaInvalidState :: FailureReason
+ Network.AWS.CertificateManager.Types: PcaLimitExceeded :: FailureReason
+ Network.AWS.CertificateManager.Types: PcaRequestFailed :: FailureReason
+ Network.AWS.CertificateManager.Types: PcaResourceNotFound :: FailureReason
+ Network.AWS.CertificateManager.Types: Private :: CertificateType
+ Network.AWS.CertificateManager.Types: Rsa4096 :: KeyAlgorithm
+ Network.AWS.CertificateManager.Types: TLSWebClientAuthentication :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: TLSWebServerAuthentication :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: TimeStamping :: ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: cdCertificateAuthorityARN :: Lens' CertificateDetail (Maybe Text)
+ Network.AWS.CertificateManager.Types: cdExtendedKeyUsages :: Lens' CertificateDetail [ExtendedKeyUsage]
+ Network.AWS.CertificateManager.Types: cdKeyUsages :: Lens' CertificateDetail [KeyUsage]
+ Network.AWS.CertificateManager.Types: cdOptions :: Lens' CertificateDetail (Maybe CertificateOptions)
+ Network.AWS.CertificateManager.Types: cdRenewalEligibility :: Lens' CertificateDetail (Maybe RenewalEligibility)
+ Network.AWS.CertificateManager.Types: certificateOptions :: CertificateOptions
+ Network.AWS.CertificateManager.Types: coCertificateTransparencyLoggingPreference :: Lens' CertificateOptions (Maybe CertificateTransparencyLoggingPreference)
+ Network.AWS.CertificateManager.Types: data CertificateOptions
+ Network.AWS.CertificateManager.Types: data CertificateTransparencyLoggingPreference
+ Network.AWS.CertificateManager.Types: data ExtendedKeyUsage
+ Network.AWS.CertificateManager.Types: data ExtendedKeyUsageName
+ Network.AWS.CertificateManager.Types: data Filters
+ Network.AWS.CertificateManager.Types: data KeyUsage
+ Network.AWS.CertificateManager.Types: data KeyUsageName
+ Network.AWS.CertificateManager.Types: data RecordType
+ Network.AWS.CertificateManager.Types: data RenewalEligibility
+ Network.AWS.CertificateManager.Types: data ResourceRecord
+ Network.AWS.CertificateManager.Types: data ValidationMethod
+ Network.AWS.CertificateManager.Types: dvResourceRecord :: Lens' DomainValidation (Maybe ResourceRecord)
+ Network.AWS.CertificateManager.Types: dvValidationMethod :: Lens' DomainValidation (Maybe ValidationMethod)
+ Network.AWS.CertificateManager.Types: ekuName :: Lens' ExtendedKeyUsage (Maybe ExtendedKeyUsageName)
+ Network.AWS.CertificateManager.Types: ekuOId :: Lens' ExtendedKeyUsage (Maybe Text)
+ Network.AWS.CertificateManager.Types: extendedKeyUsage :: ExtendedKeyUsage
+ Network.AWS.CertificateManager.Types: fExtendedKeyUsage :: Lens' Filters [ExtendedKeyUsageName]
+ Network.AWS.CertificateManager.Types: fKeyTypes :: Lens' Filters [KeyAlgorithm]
+ Network.AWS.CertificateManager.Types: fKeyUsage :: Lens' Filters [KeyUsageName]
+ Network.AWS.CertificateManager.Types: filters :: Filters
+ Network.AWS.CertificateManager.Types: keyUsage :: KeyUsage
+ Network.AWS.CertificateManager.Types: kuName :: Lens' KeyUsage (Maybe KeyUsageName)
+ Network.AWS.CertificateManager.Types: resourceRecord :: Text -> RecordType -> Text -> ResourceRecord
+ Network.AWS.CertificateManager.Types: rrName :: Lens' ResourceRecord Text
+ Network.AWS.CertificateManager.Types: rrType :: Lens' ResourceRecord RecordType
+ Network.AWS.CertificateManager.Types: rrValue :: Lens' ResourceRecord Text
+ Network.AWS.CertificateManager.UpdateCertificateOptions: data UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: data UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Control.DeepSeq.NFData Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Control.DeepSeq.NFData Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Data.Aeson.Types.ToJSON.ToJSON Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Data.Data.Data Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Data.Data.Data Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Data.Hashable.Class.Hashable Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Classes.Eq Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Classes.Eq Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Generics.Generic Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Generics.Generic Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Read.Read Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Read.Read Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Show.Show Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance GHC.Show.Show Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptionsResponse
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Network.AWS.Data.Headers.ToHeaders Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Network.AWS.Data.Path.ToPath Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Network.AWS.Data.Query.ToQuery Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: instance Network.AWS.Types.AWSRequest Network.AWS.CertificateManager.UpdateCertificateOptions.UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: ucoCertificateARN :: Lens' UpdateCertificateOptions Text
+ Network.AWS.CertificateManager.UpdateCertificateOptions: ucoOptions :: Lens' UpdateCertificateOptions CertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: updateCertificateOptions :: Text -> CertificateOptions -> UpdateCertificateOptions
+ Network.AWS.CertificateManager.UpdateCertificateOptions: updateCertificateOptionsResponse :: UpdateCertificateOptionsResponse
Files
- README.md +1/−1
- amazonka-certificatemanager.cabal +7/−5
- fixture/ExportCertificate.yaml +10/−0
- fixture/ExportCertificateResponse.proto +0/−0
- fixture/UpdateCertificateOptions.yaml +10/−0
- fixture/UpdateCertificateOptionsResponse.proto +0/−0
- gen/Network/AWS/CertificateManager.hs +64/−1
- gen/Network/AWS/CertificateManager/AddTagsToCertificate.hs +8/−8
- gen/Network/AWS/CertificateManager/DeleteCertificate.hs +5/−5
- gen/Network/AWS/CertificateManager/DescribeCertificate.hs +8/−8
- gen/Network/AWS/CertificateManager/ExportCertificate.hs +171/−0
- gen/Network/AWS/CertificateManager/GetCertificate.hs +12/−12
- gen/Network/AWS/CertificateManager/ImportCertificate.hs +41/−25
- gen/Network/AWS/CertificateManager/ListCertificates.hs +30/−20
- gen/Network/AWS/CertificateManager/ListTagsForCertificate.hs +8/−8
- gen/Network/AWS/CertificateManager/RemoveTagsFromCertificate.hs +6/−6
- gen/Network/AWS/CertificateManager/RequestCertificate.hs +52/−23
- gen/Network/AWS/CertificateManager/ResendValidationEmail.hs +11/−11
- gen/Network/AWS/CertificateManager/Types.hs +76/−19
- gen/Network/AWS/CertificateManager/Types/Product.hs +358/−72
- gen/Network/AWS/CertificateManager/Types/Sum.hs +268/−4
- gen/Network/AWS/CertificateManager/UpdateCertificateOptions.hs +124/−0
- gen/Network/AWS/CertificateManager/Waiters.hs +1/−1
- test/Main.hs +1/−1
- test/Test/AWS/CertificateManager.hs +1/−1
- test/Test/AWS/CertificateManager/Internal.hs +1/−1
- test/Test/AWS/Gen/CertificateManager.hs +37/−1
README.md view
@@ -8,7 +8,7 @@ ## Version -`1.5.0`+`1.6.0` ## Description
amazonka-certificatemanager.cabal view
@@ -1,5 +1,5 @@ name: amazonka-certificatemanager-version: 1.5.0+version: 1.6.0 synopsis: Amazon Certificate Manager SDK. homepage: https://github.com/brendanhay/amazonka bug-reports: https://github.com/brendanhay/amazonka/issues@@ -7,7 +7,7 @@ license-file: LICENSE author: Brendan Hay maintainer: Brendan Hay <brendan.g.hay+amazonka@gmail.com>-copyright: Copyright (c) 2013-2017 Brendan Hay+copyright: Copyright (c) 2013-2018 Brendan Hay category: Network, AWS, Cloud, Distributed Computing build-type: Simple cabal-version: >= 1.10@@ -48,6 +48,7 @@ , Network.AWS.CertificateManager.AddTagsToCertificate , Network.AWS.CertificateManager.DeleteCertificate , Network.AWS.CertificateManager.DescribeCertificate+ , Network.AWS.CertificateManager.ExportCertificate , Network.AWS.CertificateManager.GetCertificate , Network.AWS.CertificateManager.ImportCertificate , Network.AWS.CertificateManager.ListCertificates@@ -56,6 +57,7 @@ , Network.AWS.CertificateManager.RequestCertificate , Network.AWS.CertificateManager.ResendValidationEmail , Network.AWS.CertificateManager.Types+ , Network.AWS.CertificateManager.UpdateCertificateOptions , Network.AWS.CertificateManager.Waiters other-modules:@@ -63,7 +65,7 @@ , Network.AWS.CertificateManager.Types.Sum build-depends:- amazonka-core == 1.5.0.*+ amazonka-core == 1.6.0.* , base >= 4.7 && < 5 test-suite amazonka-certificatemanager-test@@ -83,8 +85,8 @@ , Test.AWS.CertificateManager.Internal build-depends:- amazonka-core == 1.5.0.*- , amazonka-test == 1.5.0.*+ amazonka-core == 1.6.0.*+ , amazonka-test == 1.6.0.* , amazonka-certificatemanager , base , bytestring
+ fixture/ExportCertificate.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: acm.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/ExportCertificateResponse.proto view
+ fixture/UpdateCertificateOptions.yaml view
@@ -0,0 +1,10 @@+---+method: POST+headers:+ Authorization: AWS4-HMAC-SHA256 Credential=access/20091028/us-east-1/acm/aws4_request, SignedHeaders=content-type;host;x-amz-content-sha256;x-amz-date, Signature=?+ Host: acm.us-east-1.amazonaws.com+ Content-Type: application/x-www-form-urlencoded; charset=utf-8+ X-Amz-Content-SHA256: abcdef+ X-Amz-Date: 20091028T223200Z+body:+ ''
+ fixture/UpdateCertificateOptionsResponse.proto view
gen/Network/AWS/CertificateManager.hs view
@@ -5,7 +5,7 @@ -- | -- Module : Network.AWS.CertificateManager--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated@@ -61,6 +61,9 @@ -- ** ResendValidationEmail , module Network.AWS.CertificateManager.ResendValidationEmail + -- ** UpdateCertificateOptions+ , module Network.AWS.CertificateManager.UpdateCertificateOptions+ -- ** ListTagsForCertificate , module Network.AWS.CertificateManager.ListTagsForCertificate @@ -88,29 +91,50 @@ -- ** DescribeCertificate , module Network.AWS.CertificateManager.DescribeCertificate + -- ** ExportCertificate+ , module Network.AWS.CertificateManager.ExportCertificate+ -- * Types -- ** CertificateStatus , CertificateStatus (..) + -- ** CertificateTransparencyLoggingPreference+ , CertificateTransparencyLoggingPreference (..)+ -- ** CertificateType , CertificateType (..) -- ** DomainStatus , DomainStatus (..) + -- ** ExtendedKeyUsageName+ , ExtendedKeyUsageName (..)+ -- ** FailureReason , FailureReason (..) -- ** KeyAlgorithm , KeyAlgorithm (..) + -- ** KeyUsageName+ , KeyUsageName (..)++ -- ** RecordType+ , RecordType (..)++ -- ** RenewalEligibility+ , RenewalEligibility (..)+ -- ** RenewalStatus , RenewalStatus (..) -- ** RevocationReason , RevocationReason (..) + -- ** ValidationMethod+ , ValidationMethod (..)+ -- ** CertificateDetail , CertificateDetail , certificateDetail@@ -122,7 +146,10 @@ , cdCreatedAt , cdCertificateARN , cdSerial+ , cdRenewalEligibility+ , cdExtendedKeyUsages , cdImportedAt+ , cdKeyUsages , cdRevokedAt , cdNotBefore , cdRevocationReason@@ -130,12 +157,19 @@ , cdRenewalSummary , cdKeyAlgorithm , cdType+ , cdOptions , cdIssuedAt , cdSignatureAlgorithm , cdDomainValidationOptions , cdIssuer , cdNotAfter+ , cdCertificateAuthorityARN + -- ** CertificateOptions+ , CertificateOptions+ , certificateOptions+ , coCertificateTransparencyLoggingPreference+ -- ** CertificateSummary , CertificateSummary , certificateSummary@@ -146,6 +180,8 @@ , DomainValidation , domainValidation , dvValidationEmails+ , dvValidationMethod+ , dvResourceRecord , dvValidationStatus , dvValidationDomain , dvDomainName@@ -156,12 +192,37 @@ , dvoDomainName , dvoValidationDomain + -- ** ExtendedKeyUsage+ , ExtendedKeyUsage+ , extendedKeyUsage+ , ekuOId+ , ekuName++ -- ** Filters+ , Filters+ , filters+ , fKeyTypes+ , fKeyUsage+ , fExtendedKeyUsage++ -- ** KeyUsage+ , KeyUsage+ , keyUsage+ , kuName+ -- ** RenewalSummary , RenewalSummary , renewalSummary , rsRenewalStatus , rsDomainValidationOptions + -- ** ResourceRecord+ , ResourceRecord+ , resourceRecord+ , rrName+ , rrType+ , rrValue+ -- ** Tag , Tag , tag@@ -172,6 +233,7 @@ import Network.AWS.CertificateManager.AddTagsToCertificate import Network.AWS.CertificateManager.DeleteCertificate import Network.AWS.CertificateManager.DescribeCertificate+import Network.AWS.CertificateManager.ExportCertificate import Network.AWS.CertificateManager.GetCertificate import Network.AWS.CertificateManager.ImportCertificate import Network.AWS.CertificateManager.ListCertificates@@ -180,6 +242,7 @@ import Network.AWS.CertificateManager.RequestCertificate import Network.AWS.CertificateManager.ResendValidationEmail import Network.AWS.CertificateManager.Types+import Network.AWS.CertificateManager.UpdateCertificateOptions import Network.AWS.CertificateManager.Waiters {- $errors
gen/Network/AWS/CertificateManager/AddTagsToCertificate.hs view
@@ -12,16 +12,16 @@ -- | -- Module : Network.AWS.CertificateManager.AddTagsToCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Adds one or more tags to an ACM Certificate. Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a @key@ and an optional @value@ . You specify the certificate on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value pair.+-- Adds one or more tags to an ACM certificate. Tags are labels that you can use to identify and organize your AWS resources. Each tag consists of a @key@ and an optional @value@ . You specify the certificate on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value pair. -- ----- You can apply a tag to just one certificate if you want to identify a specific characteristic of that certificate, or you can apply the same tag to multiple certificates if you want to filter for a common relationship among those certificates. Similarly, you can apply the same tag to multiple resources if you want to specify a relationship among those resources. For example, you can add the same tag to an ACM Certificate and an Elastic Load Balancing load balancer to indicate that they are both used by the same website. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/tags.html Tagging ACM Certificates> .+-- You can apply a tag to just one certificate if you want to identify a specific characteristic of that certificate, or you can apply the same tag to multiple certificates if you want to filter for a common relationship among those certificates. Similarly, you can apply the same tag to multiple resources if you want to specify a relationship among those resources. For example, you can add the same tag to an ACM certificate and an Elastic Load Balancing load balancer to indicate that they are both used by the same website. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/tags.html Tagging ACM certificates> . -- -- To remove one or more tags, use the 'RemoveTagsFromCertificate' action. To view all of the tags that have been applied to the certificate, use the 'ListTagsForCertificate' action. --@@ -57,7 +57,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'attcCertificateARN' - String that contains the ARN of the ACM Certificate to which the tag is to be applied. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- * 'attcCertificateARN' - String that contains the ARN of the ACM certificate to which the tag is to be applied. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . -- -- * 'attcTags' - The key-value pair that defines the tag. The tag value is optional. addTagsToCertificate@@ -66,16 +66,16 @@ -> AddTagsToCertificate addTagsToCertificate pCertificateARN_ pTags_ = AddTagsToCertificate'- {_attcCertificateARN = pCertificateARN_, _attcTags = _List1 # pTags_}+ {_attcCertificateARN = pCertificateARN_, _attcTags = _List1 # pTags_} --- | String that contains the ARN of the ACM Certificate to which the tag is to be applied. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- | String that contains the ARN of the ACM certificate to which the tag is to be applied. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . attcCertificateARN :: Lens' AddTagsToCertificate Text-attcCertificateARN = lens _attcCertificateARN (\ s a -> s{_attcCertificateARN = a});+attcCertificateARN = lens _attcCertificateARN (\ s a -> s{_attcCertificateARN = a}) -- | The key-value pair that defines the tag. The tag value is optional. attcTags :: Lens' AddTagsToCertificate (NonEmpty Tag)-attcTags = lens _attcTags (\ s a -> s{_attcTags = a}) . _List1;+attcTags = lens _attcTags (\ s a -> s{_attcTags = a}) . _List1 instance AWSRequest AddTagsToCertificate where type Rs AddTagsToCertificate =
gen/Network/AWS/CertificateManager/DeleteCertificate.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.DeleteCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Deletes an ACM Certificate and its associated private key. If this action succeeds, the certificate no longer appears in the list of ACM Certificates that can be displayed by calling the 'ListCertificates' action or be retrieved by calling the 'GetCertificate' action. The certificate will not be available for use by other AWS services.+-- Deletes a certificate and its associated private key. If this action succeeds, the certificate no longer appears in the list that can be displayed by calling the 'ListCertificates' action or be retrieved by calling the 'GetCertificate' action. The certificate will not be available for use by AWS services integrated with ACM. -- -- module Network.AWS.CertificateManager.DeleteCertificate@@ -51,7 +51,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'dcCertificateARN' - String that contains the ARN of the ACM Certificate to be deleted. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- * 'dcCertificateARN' - String that contains the ARN of the ACM certificate to be deleted. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . deleteCertificate :: Text -- ^ 'dcCertificateARN' -> DeleteCertificate@@ -59,9 +59,9 @@ DeleteCertificate' {_dcCertificateARN = pCertificateARN_} --- | String that contains the ARN of the ACM Certificate to be deleted. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- | String that contains the ARN of the ACM certificate to be deleted. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . dcCertificateARN :: Lens' DeleteCertificate Text-dcCertificateARN = lens _dcCertificateARN (\ s a -> s{_dcCertificateARN = a});+dcCertificateARN = lens _dcCertificateARN (\ s a -> s{_dcCertificateARN = a}) instance AWSRequest DeleteCertificate where type Rs DeleteCertificate = DeleteCertificateResponse
gen/Network/AWS/CertificateManager/DescribeCertificate.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.DescribeCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Returns detailed metadata about the specified ACM Certificate.+-- Returns detailed metadata about the specified ACM certificate. -- -- module Network.AWS.CertificateManager.DescribeCertificate@@ -54,7 +54,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'dCertificateARN' - The Amazon Resource Name (ARN) of the ACM Certificate. The ARN must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- * 'dCertificateARN' - The Amazon Resource Name (ARN) of the ACM certificate. The ARN must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . describeCertificate :: Text -- ^ 'dCertificateARN' -> DescribeCertificate@@ -62,9 +62,9 @@ DescribeCertificate' {_dCertificateARN = pCertificateARN_} --- | The Amazon Resource Name (ARN) of the ACM Certificate. The ARN must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- | The Amazon Resource Name (ARN) of the ACM certificate. The ARN must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . dCertificateARN :: Lens' DescribeCertificate Text-dCertificateARN = lens _dCertificateARN (\ s a -> s{_dCertificateARN = a});+dCertificateARN = lens _dCertificateARN (\ s a -> s{_dCertificateARN = a}) instance AWSRequest DescribeCertificate where type Rs DescribeCertificate =@@ -121,15 +121,15 @@ -> DescribeCertificateResponse describeCertificateResponse pResponseStatus_ = DescribeCertificateResponse'- {_dcrsCertificate = Nothing, _dcrsResponseStatus = pResponseStatus_}+ {_dcrsCertificate = Nothing, _dcrsResponseStatus = pResponseStatus_} -- | Metadata about an ACM certificate. dcrsCertificate :: Lens' DescribeCertificateResponse (Maybe CertificateDetail)-dcrsCertificate = lens _dcrsCertificate (\ s a -> s{_dcrsCertificate = a});+dcrsCertificate = lens _dcrsCertificate (\ s a -> s{_dcrsCertificate = a}) -- | -- | The response status code. dcrsResponseStatus :: Lens' DescribeCertificateResponse Int-dcrsResponseStatus = lens _dcrsResponseStatus (\ s a -> s{_dcrsResponseStatus = a});+dcrsResponseStatus = lens _dcrsResponseStatus (\ s a -> s{_dcrsResponseStatus = a}) instance NFData DescribeCertificateResponse where
+ gen/Network/AWS/CertificateManager/ExportCertificate.hs view
@@ -0,0 +1,171 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE TypeFamilies #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Network.AWS.CertificateManager.ExportCertificate+-- Copyright : (c) 2013-2018 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Exports a private certificate issued by a private certificate authority (CA) for use anywhere. You can export the certificate, the certificate chain, and the encrypted private key associated with the public key embedded in the certificate. You must store the private key securely. The private key is a 2048 bit RSA key. You must provide a passphrase for the private key when exporting it. You can use the following OpenSSL command to decrypt it later. Provide the passphrase when prompted.+--+--+-- @openssl rsa -in encrypted_key.pem -out decrypted_key.pem@+--+module Network.AWS.CertificateManager.ExportCertificate+ (+ -- * Creating a Request+ exportCertificate+ , ExportCertificate+ -- * Request Lenses+ , ecCertificateARN+ , ecPassphrase++ -- * Destructuring the Response+ , exportCertificateResponse+ , ExportCertificateResponse+ -- * Response Lenses+ , ecrsPrivateKey+ , ecrsCertificate+ , ecrsCertificateChain+ , ecrsResponseStatus+ ) where++import Network.AWS.CertificateManager.Types+import Network.AWS.CertificateManager.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'exportCertificate' smart constructor.+data ExportCertificate = ExportCertificate'+ { _ecCertificateARN :: !Text+ , _ecPassphrase :: !(Sensitive Base64)+ } deriving (Eq, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ExportCertificate' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ecCertificateARN' - An Amazon Resource Name (ARN) of the issued certificate. This must be of the form: @arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012@+--+-- * 'ecPassphrase' - Passphrase to associate with the encrypted exported private key. If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key: @openssl rsa -in encrypted_key.pem -out decrypted_key.pem@ -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+exportCertificate+ :: Text -- ^ 'ecCertificateARN'+ -> ByteString -- ^ 'ecPassphrase'+ -> ExportCertificate+exportCertificate pCertificateARN_ pPassphrase_ =+ ExportCertificate'+ { _ecCertificateARN = pCertificateARN_+ , _ecPassphrase = _Sensitive . _Base64 # pPassphrase_+ }+++-- | An Amazon Resource Name (ARN) of the issued certificate. This must be of the form: @arn:aws:acm:region:account:certificate/12345678-1234-1234-1234-123456789012@+ecCertificateARN :: Lens' ExportCertificate Text+ecCertificateARN = lens _ecCertificateARN (\ s a -> s{_ecCertificateARN = a})++-- | Passphrase to associate with the encrypted exported private key. If you want to later decrypt the private key, you must have the passphrase. You can use the following OpenSSL command to decrypt a private key: @openssl rsa -in encrypted_key.pem -out decrypted_key.pem@ -- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+ecPassphrase :: Lens' ExportCertificate ByteString+ecPassphrase = lens _ecPassphrase (\ s a -> s{_ecPassphrase = a}) . _Sensitive . _Base64++instance AWSRequest ExportCertificate where+ type Rs ExportCertificate = ExportCertificateResponse+ request = postJSON certificateManager+ response+ = receiveJSON+ (\ s h x ->+ ExportCertificateResponse' <$>+ (x .?> "PrivateKey") <*> (x .?> "Certificate") <*>+ (x .?> "CertificateChain")+ <*> (pure (fromEnum s)))++instance Hashable ExportCertificate where++instance NFData ExportCertificate where++instance ToHeaders ExportCertificate where+ toHeaders+ = const+ (mconcat+ ["X-Amz-Target" =#+ ("CertificateManager.ExportCertificate" ::+ ByteString),+ "Content-Type" =#+ ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON ExportCertificate where+ toJSON ExportCertificate'{..}+ = object+ (catMaybes+ [Just ("CertificateArn" .= _ecCertificateARN),+ Just ("Passphrase" .= _ecPassphrase)])++instance ToPath ExportCertificate where+ toPath = const "/"++instance ToQuery ExportCertificate where+ toQuery = const mempty++-- | /See:/ 'exportCertificateResponse' smart constructor.+data ExportCertificateResponse = ExportCertificateResponse'+ { _ecrsPrivateKey :: !(Maybe (Sensitive Text))+ , _ecrsCertificate :: !(Maybe Text)+ , _ecrsCertificateChain :: !(Maybe Text)+ , _ecrsResponseStatus :: !Int+ } deriving (Eq, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ExportCertificateResponse' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ecrsPrivateKey' - The PEM-encoded private key associated with the public key in the certificate.+--+-- * 'ecrsCertificate' - The base64 PEM-encoded certificate.+--+-- * 'ecrsCertificateChain' - The base64 PEM-encoded certificate chain. This does not include the certificate that you are exporting.+--+-- * 'ecrsResponseStatus' - -- | The response status code.+exportCertificateResponse+ :: Int -- ^ 'ecrsResponseStatus'+ -> ExportCertificateResponse+exportCertificateResponse pResponseStatus_ =+ ExportCertificateResponse'+ { _ecrsPrivateKey = Nothing+ , _ecrsCertificate = Nothing+ , _ecrsCertificateChain = Nothing+ , _ecrsResponseStatus = pResponseStatus_+ }+++-- | The PEM-encoded private key associated with the public key in the certificate.+ecrsPrivateKey :: Lens' ExportCertificateResponse (Maybe Text)+ecrsPrivateKey = lens _ecrsPrivateKey (\ s a -> s{_ecrsPrivateKey = a}) . mapping _Sensitive++-- | The base64 PEM-encoded certificate.+ecrsCertificate :: Lens' ExportCertificateResponse (Maybe Text)+ecrsCertificate = lens _ecrsCertificate (\ s a -> s{_ecrsCertificate = a})++-- | The base64 PEM-encoded certificate chain. This does not include the certificate that you are exporting.+ecrsCertificateChain :: Lens' ExportCertificateResponse (Maybe Text)+ecrsCertificateChain = lens _ecrsCertificateChain (\ s a -> s{_ecrsCertificateChain = a})++-- | -- | The response status code.+ecrsResponseStatus :: Lens' ExportCertificateResponse Int+ecrsResponseStatus = lens _ecrsResponseStatus (\ s a -> s{_ecrsResponseStatus = a})++instance NFData ExportCertificateResponse where
gen/Network/AWS/CertificateManager/GetCertificate.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.GetCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Retrieves an ACM Certificate and certificate chain for the certificate specified by an ARN. The chain is an ordered list of certificates that contains the ACM Certificate, intermediate certificates of subordinate CAs, and the root certificate in that order. The certificate and certificate chain are base64 encoded. If you want to decode the certificate chain to see the individual certificate fields, you can use OpenSSL.+-- Retrieves a certificate specified by an ARN and its certificate chain . The chain is an ordered list of certificates that contains the end entity certificate, intermediate certificates of subordinate CAs, and the root certificate in that order. The certificate and certificate chain are base64 encoded. If you want to decode the certificate to see the individual fields, you can use OpenSSL. -- -- module Network.AWS.CertificateManager.GetCertificate@@ -65,7 +65,7 @@ -- | String that contains a certificate ARN in the following format: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . gcCertificateARN :: Lens' GetCertificate Text-gcCertificateARN = lens _gcCertificateARN (\ s a -> s{_gcCertificateARN = a});+gcCertificateARN = lens _gcCertificateARN (\ s a -> s{_gcCertificateARN = a}) instance AWSRequest GetCertificate where type Rs GetCertificate = GetCertificateResponse@@ -114,7 +114,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'gcrsCertificate' - String that contains the ACM Certificate represented by the ARN specified at input.+-- * 'gcrsCertificate' - String that contains the ACM certificate represented by the ARN specified at input. -- -- * 'gcrsCertificateChain' - The certificate chain that contains the root certificate issued by the certificate authority (CA). --@@ -124,22 +124,22 @@ -> GetCertificateResponse getCertificateResponse pResponseStatus_ = GetCertificateResponse'- { _gcrsCertificate = Nothing- , _gcrsCertificateChain = Nothing- , _gcrsResponseStatus = pResponseStatus_- }+ { _gcrsCertificate = Nothing+ , _gcrsCertificateChain = Nothing+ , _gcrsResponseStatus = pResponseStatus_+ } --- | String that contains the ACM Certificate represented by the ARN specified at input.+-- | String that contains the ACM certificate represented by the ARN specified at input. gcrsCertificate :: Lens' GetCertificateResponse (Maybe Text)-gcrsCertificate = lens _gcrsCertificate (\ s a -> s{_gcrsCertificate = a});+gcrsCertificate = lens _gcrsCertificate (\ s a -> s{_gcrsCertificate = a}) -- | The certificate chain that contains the root certificate issued by the certificate authority (CA). gcrsCertificateChain :: Lens' GetCertificateResponse (Maybe Text)-gcrsCertificateChain = lens _gcrsCertificateChain (\ s a -> s{_gcrsCertificateChain = a});+gcrsCertificateChain = lens _gcrsCertificateChain (\ s a -> s{_gcrsCertificateChain = a}) -- | -- | The response status code. gcrsResponseStatus :: Lens' GetCertificateResponse Int-gcrsResponseStatus = lens _gcrsResponseStatus (\ s a -> s{_gcrsResponseStatus = a});+gcrsResponseStatus = lens _gcrsResponseStatus (\ s a -> s{_gcrsResponseStatus = a}) instance NFData GetCertificateResponse where
gen/Network/AWS/CertificateManager/ImportCertificate.hs view
@@ -12,25 +12,41 @@ -- | -- Module : Network.AWS.CertificateManager.ImportCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Imports an SSL/TLS certificate into AWS Certificate Manager (ACM) to use with <http://docs.aws.amazon.com/acm/latest/userguide/acm-services.html ACM's integrated AWS services> .+-- Imports a certificate into AWS Certificate Manager (ACM) to use with services that are integrated with ACM. Note that <http://docs.aws.amazon.com/acm/latest/userguide/acm-services.html integrated services> allow only certificate types and keys they support to be associated with their resources. Further, their support differs depending on whether the certificate is imported into IAM or into ACM. For more information, see the documentation for each service. For more information about importing certificates into ACM, see <http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing Certificates> in the /AWS Certificate Manager User Guide/ . -- ----- For more information about importing certificates into ACM, including the differences between certificates that you import and those that ACM provides, see <http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing Certificates> in the /AWS Certificate Manager User Guide/ .+-- Note the following guidelines when importing third party certificates: ----- To import a certificate, you must provide the certificate and the matching private key. When the certificate is not self-signed, you must also provide a certificate chain. You can omit the certificate chain when importing a self-signed certificate.+-- * You must enter the private key that matches the certificate you are importing. ----- The certificate, private key, and certificate chain must be PEM-encoded. For more information about converting these items to PEM format, see <http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html#import-certificate-troubleshooting Importing Certificates Troubleshooting> in the /AWS Certificate Manager User Guide/ .+-- * The private key must be unencrypted. You cannot import a private key that is protected by a password or a passphrase. ----- To import a new certificate, omit the @CertificateArn@ field. Include this field only when you want to replace a previously imported certificate.+-- * If the certificate you are importing is not self-signed, you must enter its certificate chain. ----- When you import a certificate by using the CLI or one of the SDKs, you must specify the certificate, chain, and private key parameters as file names preceded by @file://@ . For example, you can specify a certificate saved in the @C:\temp@ folder as @C:\temp\certificate_to_import.pem@ . If you are making an HTTP or HTTPS Query request, include these parameters as BLOBs.+-- * If a certificate chain is included, the issuer must be the subject of one of the certificates in the chain. --+-- * The certificate, private key, and certificate chain must be PEM-encoded.+--+-- * The current time must be between the @Not Before@ and @Not After@ certificate fields.+--+-- * The @Issuer@ field must not be empty.+--+-- * The OCSP authority URL, if present, must not exceed 1000 characters.+--+-- * To import a new certificate, omit the @CertificateArn@ argument. Include this argument only when you want to replace a previously imported certificate.+--+-- * When you import a certificate by using the CLI, you must specify the certificate, the certificate chain, and the private key by their file names preceded by @file://@ . For example, you can specify a certificate saved in the @C:\temp@ folder as @file://C:\temp\certificate_to_import.pem@ . If you are making an HTTP or HTTPS Query request, include these arguments as BLOBs.+--+-- * When you import a certificate by using an SDK, you must specify the certificate, the certificate chain, and the private key files in the manner required by the programming language you're using.+--+--+-- -- This operation returns the <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Name (ARN)> of the imported certificate. -- module Network.AWS.CertificateManager.ImportCertificate@@ -74,39 +90,39 @@ -- -- * 'icCertificateARN' - The <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Name (ARN)> of an imported certificate to replace. To import a new certificate, omit this field. ----- * 'icCertificateChain' - The certificate chain. It must be PEM-encoded.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- * 'icCertificateChain' - The PEM encoded certificate chain.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. ----- * 'icCertificate' - The certificate to import. It must meet the following requirements: * Must be PEM-encoded. * Must contain a 1024-bit or 2048-bit RSA public key. * Must be valid at the time of import. You cannot import a certificate before its validity period begins (the certificate's @NotBefore@ date) or after it expires (the certificate's @NotAfter@ date).-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- * 'icCertificate' - The certificate to import.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. ----- * 'icPrivateKey' - The private key that matches the public key in the certificate. It must meet the following requirements: * Must be PEM-encoded. * Must be unencrypted. You cannot import a private key that is protected by a password or passphrase.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- * 'icPrivateKey' - The private key that matches the public key in the certificate.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. importCertificate :: ByteString -- ^ 'icCertificate' -> ByteString -- ^ 'icPrivateKey' -> ImportCertificate importCertificate pCertificate_ pPrivateKey_ = ImportCertificate'- { _icCertificateARN = Nothing- , _icCertificateChain = Nothing- , _icCertificate = _Base64 # pCertificate_- , _icPrivateKey = _Sensitive . _Base64 # pPrivateKey_- }+ { _icCertificateARN = Nothing+ , _icCertificateChain = Nothing+ , _icCertificate = _Base64 # pCertificate_+ , _icPrivateKey = _Sensitive . _Base64 # pPrivateKey_+ } -- | The <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Name (ARN)> of an imported certificate to replace. To import a new certificate, omit this field. icCertificateARN :: Lens' ImportCertificate (Maybe Text)-icCertificateARN = lens _icCertificateARN (\ s a -> s{_icCertificateARN = a});+icCertificateARN = lens _icCertificateARN (\ s a -> s{_icCertificateARN = a}) --- | The certificate chain. It must be PEM-encoded.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- | The PEM encoded certificate chain.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. icCertificateChain :: Lens' ImportCertificate (Maybe ByteString)-icCertificateChain = lens _icCertificateChain (\ s a -> s{_icCertificateChain = a}) . mapping _Base64;+icCertificateChain = lens _icCertificateChain (\ s a -> s{_icCertificateChain = a}) . mapping _Base64 --- | The certificate to import. It must meet the following requirements: * Must be PEM-encoded. * Must contain a 1024-bit or 2048-bit RSA public key. * Must be valid at the time of import. You cannot import a certificate before its validity period begins (the certificate's @NotBefore@ date) or after it expires (the certificate's @NotAfter@ date).-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- | The certificate to import.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. icCertificate :: Lens' ImportCertificate ByteString-icCertificate = lens _icCertificate (\ s a -> s{_icCertificate = a}) . _Base64;+icCertificate = lens _icCertificate (\ s a -> s{_icCertificate = a}) . _Base64 --- | The private key that matches the public key in the certificate. It must meet the following requirements: * Must be PEM-encoded. * Must be unencrypted. You cannot import a private key that is protected by a password or passphrase.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data.+-- | The private key that matches the public key in the certificate.-- /Note:/ This 'Lens' automatically encodes and decodes Base64 data. The underlying isomorphism will encode to Base64 representation during serialisation, and decode from Base64 representation during deserialisation. This 'Lens' accepts and returns only raw unencoded data. icPrivateKey :: Lens' ImportCertificate ByteString-icPrivateKey = lens _icPrivateKey (\ s a -> s{_icPrivateKey = a}) . _Sensitive . _Base64;+icPrivateKey = lens _icPrivateKey (\ s a -> s{_icPrivateKey = a}) . _Sensitive . _Base64 instance AWSRequest ImportCertificate where type Rs ImportCertificate = ImportCertificateResponse@@ -165,15 +181,15 @@ -> ImportCertificateResponse importCertificateResponse pResponseStatus_ = ImportCertificateResponse'- {_icrsCertificateARN = Nothing, _icrsResponseStatus = pResponseStatus_}+ {_icrsCertificateARN = Nothing, _icrsResponseStatus = pResponseStatus_} -- | The <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Name (ARN)> of the imported certificate. icrsCertificateARN :: Lens' ImportCertificateResponse (Maybe Text)-icrsCertificateARN = lens _icrsCertificateARN (\ s a -> s{_icrsCertificateARN = a});+icrsCertificateARN = lens _icrsCertificateARN (\ s a -> s{_icrsCertificateARN = a}) -- | -- | The response status code. icrsResponseStatus :: Lens' ImportCertificateResponse Int-icrsResponseStatus = lens _icrsResponseStatus (\ s a -> s{_icrsResponseStatus = a});+icrsResponseStatus = lens _icrsResponseStatus (\ s a -> s{_icrsResponseStatus = a}) instance NFData ImportCertificateResponse where
gen/Network/AWS/CertificateManager/ListCertificates.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.ListCertificates--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Retrieves a list of ACM Certificates and the domain name for each. You can optionally filter the list to return only the certificates that match the specified status.+-- Retrieves a list of certificate ARNs and domain names. You can request that only certificates that match a specific status be listed. You can also filter by specific attributes of the certificate. -- -- --@@ -31,6 +31,7 @@ -- * Request Lenses , lcCertificateStatuses , lcNextToken+ , lcIncludes , lcMaxItems -- * Destructuring the Response@@ -54,6 +55,7 @@ data ListCertificates = ListCertificates' { _lcCertificateStatuses :: !(Maybe [CertificateStatus]) , _lcNextToken :: !(Maybe Text)+ , _lcIncludes :: !(Maybe Filters) , _lcMaxItems :: !(Maybe Nat) } deriving (Eq, Read, Show, Data, Typeable, Generic) @@ -62,32 +64,39 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'lcCertificateStatuses' - The status or statuses on which to filter the list of ACM Certificates.+-- * 'lcCertificateStatuses' - Filter the certificate list by status value. -- -- * 'lcNextToken' - Use this parameter only when paginating results and only in a subsequent request after you receive a response with truncated results. Set it to the value of @NextToken@ from the response you just received. --+-- * 'lcIncludes' - Filter the certificate list. For more information, see the 'Filters' structure.+-- -- * 'lcMaxItems' - Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the @NextToken@ element is sent in the response. Use this @NextToken@ value in a subsequent request to retrieve additional items. listCertificates :: ListCertificates listCertificates = ListCertificates'- { _lcCertificateStatuses = Nothing- , _lcNextToken = Nothing- , _lcMaxItems = Nothing- }+ { _lcCertificateStatuses = Nothing+ , _lcNextToken = Nothing+ , _lcIncludes = Nothing+ , _lcMaxItems = Nothing+ } --- | The status or statuses on which to filter the list of ACM Certificates.+-- | Filter the certificate list by status value. lcCertificateStatuses :: Lens' ListCertificates [CertificateStatus]-lcCertificateStatuses = lens _lcCertificateStatuses (\ s a -> s{_lcCertificateStatuses = a}) . _Default . _Coerce;+lcCertificateStatuses = lens _lcCertificateStatuses (\ s a -> s{_lcCertificateStatuses = a}) . _Default . _Coerce -- | Use this parameter only when paginating results and only in a subsequent request after you receive a response with truncated results. Set it to the value of @NextToken@ from the response you just received. lcNextToken :: Lens' ListCertificates (Maybe Text)-lcNextToken = lens _lcNextToken (\ s a -> s{_lcNextToken = a});+lcNextToken = lens _lcNextToken (\ s a -> s{_lcNextToken = a}) +-- | Filter the certificate list. For more information, see the 'Filters' structure.+lcIncludes :: Lens' ListCertificates (Maybe Filters)+lcIncludes = lens _lcIncludes (\ s a -> s{_lcIncludes = a})+ -- | Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the @NextToken@ element is sent in the response. Use this @NextToken@ value in a subsequent request to retrieve additional items. lcMaxItems :: Lens' ListCertificates (Maybe Natural)-lcMaxItems = lens _lcMaxItems (\ s a -> s{_lcMaxItems = a}) . mapping _Nat;+lcMaxItems = lens _lcMaxItems (\ s a -> s{_lcMaxItems = a}) . mapping _Nat instance AWSPager ListCertificates where page rq rs@@ -128,6 +137,7 @@ [("CertificateStatuses" .=) <$> _lcCertificateStatuses, ("NextToken" .=) <$> _lcNextToken,+ ("Includes" .=) <$> _lcIncludes, ("MaxItems" .=) <$> _lcMaxItems]) instance ToPath ListCertificates where@@ -148,7 +158,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'lcrsCertificateSummaryList' - A list of ACM Certificates.+-- * 'lcrsCertificateSummaryList' - A list of ACM certificates. -- -- * 'lcrsNextToken' - When the list is truncated, this value is present and contains the value to use for the @NextToken@ parameter in a subsequent pagination request. --@@ -158,22 +168,22 @@ -> ListCertificatesResponse listCertificatesResponse pResponseStatus_ = ListCertificatesResponse'- { _lcrsCertificateSummaryList = Nothing- , _lcrsNextToken = Nothing- , _lcrsResponseStatus = pResponseStatus_- }+ { _lcrsCertificateSummaryList = Nothing+ , _lcrsNextToken = Nothing+ , _lcrsResponseStatus = pResponseStatus_+ } --- | A list of ACM Certificates.+-- | A list of ACM certificates. lcrsCertificateSummaryList :: Lens' ListCertificatesResponse [CertificateSummary]-lcrsCertificateSummaryList = lens _lcrsCertificateSummaryList (\ s a -> s{_lcrsCertificateSummaryList = a}) . _Default . _Coerce;+lcrsCertificateSummaryList = lens _lcrsCertificateSummaryList (\ s a -> s{_lcrsCertificateSummaryList = a}) . _Default . _Coerce -- | When the list is truncated, this value is present and contains the value to use for the @NextToken@ parameter in a subsequent pagination request. lcrsNextToken :: Lens' ListCertificatesResponse (Maybe Text)-lcrsNextToken = lens _lcrsNextToken (\ s a -> s{_lcrsNextToken = a});+lcrsNextToken = lens _lcrsNextToken (\ s a -> s{_lcrsNextToken = a}) -- | -- | The response status code. lcrsResponseStatus :: Lens' ListCertificatesResponse Int-lcrsResponseStatus = lens _lcrsResponseStatus (\ s a -> s{_lcrsResponseStatus = a});+lcrsResponseStatus = lens _lcrsResponseStatus (\ s a -> s{_lcrsResponseStatus = a}) instance NFData ListCertificatesResponse where
gen/Network/AWS/CertificateManager/ListTagsForCertificate.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.ListTagsForCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Lists the tags that have been applied to the ACM Certificate. Use the certificate's Amazon Resource Name (ARN) to specify the certificate. To add a tag to an ACM Certificate, use the 'AddTagsToCertificate' action. To delete a tag, use the 'RemoveTagsFromCertificate' action.+-- Lists the tags that have been applied to the ACM certificate. Use the certificate's Amazon Resource Name (ARN) to specify the certificate. To add a tag to an ACM certificate, use the 'AddTagsToCertificate' action. To delete a tag, use the 'RemoveTagsFromCertificate' action. -- -- module Network.AWS.CertificateManager.ListTagsForCertificate@@ -54,7 +54,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'ltfcCertificateARN' - String that contains the ARN of the ACM Certificate for which you want to list the tags. This has the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- * 'ltfcCertificateARN' - String that contains the ARN of the ACM certificate for which you want to list the tags. This must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . listTagsForCertificate :: Text -- ^ 'ltfcCertificateARN' -> ListTagsForCertificate@@ -62,9 +62,9 @@ ListTagsForCertificate' {_ltfcCertificateARN = pCertificateARN_} --- | String that contains the ARN of the ACM Certificate for which you want to list the tags. This has the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> .+-- | String that contains the ARN of the ACM certificate for which you want to list the tags. This must have the following form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . ltfcCertificateARN :: Lens' ListTagsForCertificate Text-ltfcCertificateARN = lens _ltfcCertificateARN (\ s a -> s{_ltfcCertificateARN = a});+ltfcCertificateARN = lens _ltfcCertificateARN (\ s a -> s{_ltfcCertificateARN = a}) instance AWSRequest ListTagsForCertificate where type Rs ListTagsForCertificate =@@ -121,15 +121,15 @@ -> ListTagsForCertificateResponse listTagsForCertificateResponse pResponseStatus_ = ListTagsForCertificateResponse'- {_ltfcrsTags = Nothing, _ltfcrsResponseStatus = pResponseStatus_}+ {_ltfcrsTags = Nothing, _ltfcrsResponseStatus = pResponseStatus_} -- | The key-value pairs that define the applied tags. ltfcrsTags :: Lens' ListTagsForCertificateResponse (Maybe (NonEmpty Tag))-ltfcrsTags = lens _ltfcrsTags (\ s a -> s{_ltfcrsTags = a}) . mapping _List1;+ltfcrsTags = lens _ltfcrsTags (\ s a -> s{_ltfcrsTags = a}) . mapping _List1 -- | -- | The response status code. ltfcrsResponseStatus :: Lens' ListTagsForCertificateResponse Int-ltfcrsResponseStatus = lens _ltfcrsResponseStatus (\ s a -> s{_ltfcrsResponseStatus = a});+ltfcrsResponseStatus = lens _ltfcrsResponseStatus (\ s a -> s{_ltfcrsResponseStatus = a}) instance NFData ListTagsForCertificateResponse where
gen/Network/AWS/CertificateManager/RemoveTagsFromCertificate.hs view
@@ -12,16 +12,16 @@ -- | -- Module : Network.AWS.CertificateManager.RemoveTagsFromCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Remove one or more tags from an ACM Certificate. A tag consists of a key-value pair. If you do not specify the value portion of the tag when calling this function, the tag will be removed regardless of value. If you specify a value, the tag is removed only if it is associated with the specified value.+-- Remove one or more tags from an ACM certificate. A tag consists of a key-value pair. If you do not specify the value portion of the tag when calling this function, the tag will be removed regardless of value. If you specify a value, the tag is removed only if it is associated with the specified value. -- ----- To add tags to a certificate, use the 'AddTagsToCertificate' action. To view all of the tags that have been applied to a specific ACM Certificate, use the 'ListTagsForCertificate' action.+-- To add tags to a certificate, use the 'AddTagsToCertificate' action. To view all of the tags that have been applied to a specific ACM certificate, use the 'ListTagsForCertificate' action. -- module Network.AWS.CertificateManager.RemoveTagsFromCertificate (@@ -64,16 +64,16 @@ -> RemoveTagsFromCertificate removeTagsFromCertificate pCertificateARN_ pTags_ = RemoveTagsFromCertificate'- {_rtfcCertificateARN = pCertificateARN_, _rtfcTags = _List1 # pTags_}+ {_rtfcCertificateARN = pCertificateARN_, _rtfcTags = _List1 # pTags_} -- | String that contains the ARN of the ACM Certificate with one or more tags that you want to remove. This must be of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . rtfcCertificateARN :: Lens' RemoveTagsFromCertificate Text-rtfcCertificateARN = lens _rtfcCertificateARN (\ s a -> s{_rtfcCertificateARN = a});+rtfcCertificateARN = lens _rtfcCertificateARN (\ s a -> s{_rtfcCertificateARN = a}) -- | The key-value pair that defines the tag to remove. rtfcTags :: Lens' RemoveTagsFromCertificate (NonEmpty Tag)-rtfcTags = lens _rtfcTags (\ s a -> s{_rtfcTags = a}) . _List1;+rtfcTags = lens _rtfcTags (\ s a -> s{_rtfcTags = a}) . _List1 instance AWSRequest RemoveTagsFromCertificate where type Rs RemoveTagsFromCertificate =
gen/Network/AWS/CertificateManager/RequestCertificate.hs view
@@ -12,18 +12,16 @@ -- | -- Module : Network.AWS.CertificateManager.RequestCertificate--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Requests an ACM Certificate for use with other AWS services. To request an ACM Certificate, you must specify the fully qualified domain name (FQDN) for your site in the @DomainName@ parameter. You can also specify additional FQDNs in the @SubjectAlternativeNames@ parameter if users can reach your site by using other names.+-- Requests an ACM certificate for use with other AWS services. To request an ACM certificate, you must specify a fully qualified domain name (FQDN) in the @DomainName@ parameter. You can also specify additional FQDNs in the @SubjectAlternativeNames@ parameter. -- ----- For each domain name you specify, email is sent to the domain owner to request approval to issue the certificate. Email is sent to three registered contact addresses in the WHOIS database and to five common system administration addresses formed from the @DomainName@ you enter or the optional @ValidationDomain@ parameter. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate.html Validate Domain Ownership> .------ After receiving approval from the domain owner, the ACM Certificate is issued. For more information, see the <http://docs.aws.amazon.com/acm/latest/userguide/ AWS Certificate Manager User Guide> .+-- If you are requesting a private certificate, domain validation is not required. If you are requesting a public certificate, each domain name that you specify must be validated to verify that you own or control the domain. You can use <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html DNS validation> or <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html email validation> . We recommend that you use DNS validation. ACM issues public certificates after receiving approval from the domain owner. -- module Network.AWS.CertificateManager.RequestCertificate (@@ -32,8 +30,11 @@ , RequestCertificate -- * Request Lenses , rcIdempotencyToken+ , rcValidationMethod , rcSubjectAlternativeNames+ , rcOptions , rcDomainValidationOptions+ , rcCertificateAuthorityARN , rcDomainName -- * Destructuring the Response@@ -54,8 +55,11 @@ -- | /See:/ 'requestCertificate' smart constructor. data RequestCertificate = RequestCertificate' { _rcIdempotencyToken :: !(Maybe Text)+ , _rcValidationMethod :: !(Maybe ValidationMethod) , _rcSubjectAlternativeNames :: !(Maybe (List1 Text))+ , _rcOptions :: !(Maybe CertificateOptions) , _rcDomainValidationOptions :: !(Maybe (List1 DomainValidationOption))+ , _rcCertificateAuthorityARN :: !(Maybe Text) , _rcDomainName :: !Text } deriving (Eq, Read, Show, Data, Typeable, Generic) @@ -66,38 +70,59 @@ -- -- * 'rcIdempotencyToken' - Customer chosen string that can be used to distinguish between calls to @RequestCertificate@ . Idempotency tokens time out after one hour. Therefore, if you call @RequestCertificate@ multiple times with the same idempotency token within one hour, ACM recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, ACM recognizes that you are requesting multiple certificates. ----- * 'rcSubjectAlternativeNames' - Additional FQDNs to be included in the Subject Alternative Name extension of the ACM Certificate. For example, add the name www.example.net to a certificate for which the @DomainName@ field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM Certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html Limits> .+-- * 'rcValidationMethod' - The method you want to use if you are requesting a public certificate to validate that you own or control domain. You can <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html validate with DNS> or <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html validate with email> . We recommend that you use DNS validation. ----- * 'rcDomainValidationOptions' - The domain name that you want ACM to use to send you emails to validate your ownership of the domain.+-- * 'rcSubjectAlternativeNames' - Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the @DomainName@ field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html Limits> . The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: * @(63 octets).(63 octets).(63 octets).(61 octets)@ is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets. * @(64 octets).(63 octets).(63 octets).(61 octets)@ is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets. * @(63 octets).(63 octets).(63 octets).(62 octets)@ is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets. ----- * 'rcDomainName' - Fully qualified domain name (FQDN), such as www.example.com, of the site that you want to secure with an ACM Certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. The maximum length of a DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: @(63 octets).(63 octets).(63 octets).(61 octets)@ is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets. @(64 octets).(63 octets).(63 octets).(61 octets)@ is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets. @(63 octets).(63 octets).(63 octets).(62 octets)@ is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.+-- * 'rcOptions' - Currently, you can use this parameter to specify whether to add the certificate to a certificate transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency Opting Out of Certificate Transparency Logging> .+--+-- * 'rcDomainValidationOptions' - The domain name that you want ACM to use to send you emails so that you can validate domain ownership.+--+-- * 'rcCertificateAuthorityARN' - The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the <http://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html AWS Certificate Manager Private Certificate Authority (PCA)> user guide. The ARN must have the following form: @arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012@+--+-- * 'rcDomainName' - Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. The first domain name you enter cannot exceed 63 octets, including periods. Each subsequent Subject Alternative Name (SAN), however, can be up to 253 octets in length. requestCertificate :: Text -- ^ 'rcDomainName' -> RequestCertificate requestCertificate pDomainName_ = RequestCertificate'- { _rcIdempotencyToken = Nothing- , _rcSubjectAlternativeNames = Nothing- , _rcDomainValidationOptions = Nothing- , _rcDomainName = pDomainName_- }+ { _rcIdempotencyToken = Nothing+ , _rcValidationMethod = Nothing+ , _rcSubjectAlternativeNames = Nothing+ , _rcOptions = Nothing+ , _rcDomainValidationOptions = Nothing+ , _rcCertificateAuthorityARN = Nothing+ , _rcDomainName = pDomainName_+ } -- | Customer chosen string that can be used to distinguish between calls to @RequestCertificate@ . Idempotency tokens time out after one hour. Therefore, if you call @RequestCertificate@ multiple times with the same idempotency token within one hour, ACM recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, ACM recognizes that you are requesting multiple certificates. rcIdempotencyToken :: Lens' RequestCertificate (Maybe Text)-rcIdempotencyToken = lens _rcIdempotencyToken (\ s a -> s{_rcIdempotencyToken = a});+rcIdempotencyToken = lens _rcIdempotencyToken (\ s a -> s{_rcIdempotencyToken = a}) --- | Additional FQDNs to be included in the Subject Alternative Name extension of the ACM Certificate. For example, add the name www.example.net to a certificate for which the @DomainName@ field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM Certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html Limits> .+-- | The method you want to use if you are requesting a public certificate to validate that you own or control domain. You can <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html validate with DNS> or <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-email.html validate with email> . We recommend that you use DNS validation.+rcValidationMethod :: Lens' RequestCertificate (Maybe ValidationMethod)+rcValidationMethod = lens _rcValidationMethod (\ s a -> s{_rcValidationMethod = a})++-- | Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the @DomainName@ field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html Limits> . The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: * @(63 octets).(63 octets).(63 octets).(61 octets)@ is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets. * @(64 octets).(63 octets).(63 octets).(61 octets)@ is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets. * @(63 octets).(63 octets).(63 octets).(62 octets)@ is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets. rcSubjectAlternativeNames :: Lens' RequestCertificate (Maybe (NonEmpty Text))-rcSubjectAlternativeNames = lens _rcSubjectAlternativeNames (\ s a -> s{_rcSubjectAlternativeNames = a}) . mapping _List1;+rcSubjectAlternativeNames = lens _rcSubjectAlternativeNames (\ s a -> s{_rcSubjectAlternativeNames = a}) . mapping _List1 --- | The domain name that you want ACM to use to send you emails to validate your ownership of the domain.+-- | Currently, you can use this parameter to specify whether to add the certificate to a certificate transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency Opting Out of Certificate Transparency Logging> .+rcOptions :: Lens' RequestCertificate (Maybe CertificateOptions)+rcOptions = lens _rcOptions (\ s a -> s{_rcOptions = a})++-- | The domain name that you want ACM to use to send you emails so that you can validate domain ownership. rcDomainValidationOptions :: Lens' RequestCertificate (Maybe (NonEmpty DomainValidationOption))-rcDomainValidationOptions = lens _rcDomainValidationOptions (\ s a -> s{_rcDomainValidationOptions = a}) . mapping _List1;+rcDomainValidationOptions = lens _rcDomainValidationOptions (\ s a -> s{_rcDomainValidationOptions = a}) . mapping _List1 --- | Fully qualified domain name (FQDN), such as www.example.com, of the site that you want to secure with an ACM Certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. The maximum length of a DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: @(63 octets).(63 octets).(63 octets).(61 octets)@ is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets. @(64 octets).(63 octets).(63 octets).(61 octets)@ is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets. @(63 octets).(63 octets).(63 octets).(62 octets)@ is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.+-- | The Amazon Resource Name (ARN) of the private certificate authority (CA) that will be used to issue the certificate. If you do not provide an ARN and you are trying to request a private certificate, ACM will attempt to issue a public certificate. For more information about private CAs, see the <http://docs.aws.amazon.com/acm-pca/latest/userguide/PcaWelcome.html AWS Certificate Manager Private Certificate Authority (PCA)> user guide. The ARN must have the following form: @arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012@+rcCertificateAuthorityARN :: Lens' RequestCertificate (Maybe Text)+rcCertificateAuthorityARN = lens _rcCertificateAuthorityARN (\ s a -> s{_rcCertificateAuthorityARN = a})++-- | Fully qualified domain name (FQDN), such as www.example.com, that you want to secure with an ACM certificate. Use an asterisk (*) to create a wildcard certificate that protects several sites in the same domain. For example, *.example.com protects www.example.com, site.example.com, and images.example.com. The first domain name you enter cannot exceed 63 octets, including periods. Each subsequent Subject Alternative Name (SAN), however, can be up to 253 octets in length. rcDomainName :: Lens' RequestCertificate Text-rcDomainName = lens _rcDomainName (\ s a -> s{_rcDomainName = a});+rcDomainName = lens _rcDomainName (\ s a -> s{_rcDomainName = a}) instance AWSRequest RequestCertificate where type Rs RequestCertificate =@@ -128,10 +153,14 @@ = object (catMaybes [("IdempotencyToken" .=) <$> _rcIdempotencyToken,+ ("ValidationMethod" .=) <$> _rcValidationMethod, ("SubjectAlternativeNames" .=) <$> _rcSubjectAlternativeNames,+ ("Options" .=) <$> _rcOptions, ("DomainValidationOptions" .=) <$> _rcDomainValidationOptions,+ ("CertificateAuthorityArn" .=) <$>+ _rcCertificateAuthorityARN, Just ("DomainName" .= _rcDomainName)]) instance ToPath RequestCertificate where@@ -159,15 +188,15 @@ -> RequestCertificateResponse requestCertificateResponse pResponseStatus_ = RequestCertificateResponse'- {_rcrsCertificateARN = Nothing, _rcrsResponseStatus = pResponseStatus_}+ {_rcrsCertificateARN = Nothing, _rcrsResponseStatus = pResponseStatus_} -- | String that contains the ARN of the issued certificate. This must be of the form: @arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012@ rcrsCertificateARN :: Lens' RequestCertificateResponse (Maybe Text)-rcrsCertificateARN = lens _rcrsCertificateARN (\ s a -> s{_rcrsCertificateARN = a});+rcrsCertificateARN = lens _rcrsCertificateARN (\ s a -> s{_rcrsCertificateARN = a}) -- | -- | The response status code. rcrsResponseStatus :: Lens' RequestCertificateResponse Int-rcrsResponseStatus = lens _rcrsResponseStatus (\ s a -> s{_rcrsResponseStatus = a});+rcrsResponseStatus = lens _rcrsResponseStatus (\ s a -> s{_rcrsResponseStatus = a}) instance NFData RequestCertificateResponse where
gen/Network/AWS/CertificateManager/ResendValidationEmail.hs view
@@ -12,13 +12,13 @@ -- | -- Module : Network.AWS.CertificateManager.ResendValidationEmail--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated -- Portability : non-portable (GHC extensions) ----- Resends the email that requests domain ownership validation. The domain owner or an authorized representative must approve the ACM Certificate before it can be issued. The certificate can be approved by clicking a link in the mail to navigate to the Amazon certificate approval website and then clicking __I Approve__ . However, the validation email can be blocked by spam filters. Therefore, if you do not receive the original mail, you can request that the mail be resent within 72 hours of requesting the ACM Certificate. If more than 72 hours have elapsed since your original request or since your last attempt to resend validation mail, you must request a new certificate. For more information about setting up your contact email addresses, see <http://docs.aws.amazon.com/acm/latest/userguide/setup-email.html Configure Email for your Domain> .+-- Resends the email that requests domain ownership validation. The domain owner or an authorized representative must approve the ACM certificate before it can be issued. The certificate can be approved by clicking a link in the mail to navigate to the Amazon certificate approval website and then clicking __I Approve__ . However, the validation email can be blocked by spam filters. Therefore, if you do not receive the original mail, you can request that the mail be resent within 72 hours of requesting the ACM certificate. If more than 72 hours have elapsed since your original request or since your last attempt to resend validation mail, you must request a new certificate. For more information about setting up your contact email addresses, see <http://docs.aws.amazon.com/acm/latest/userguide/setup-email.html Configure Email for your Domain> . -- -- module Network.AWS.CertificateManager.ResendValidationEmail@@ -55,7 +55,7 @@ -- -- Use one of the following lenses to modify other fields as desired: ----- * 'rveCertificateARN' - String that contains the ARN of the requested certificate. The certificate ARN is generated and returned by the 'RequestCertificate' action as soon as the request is made. By default, using this parameter causes email to be sent to all top-level domains you specified in the certificate request. The ARN must be of the form: @arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012@+-- * 'rveCertificateARN' - String that contains the ARN of the requested certificate. The certificate ARN is generated and returned by the 'RequestCertificate' action as soon as the request is made. By default, using this parameter causes email to be sent to all top-level domains you specified in the certificate request. The ARN must be of the form: @arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012@ -- -- * 'rveDomain' - The fully qualified domain name (FQDN) of the certificate that needs to be validated. --@@ -67,23 +67,23 @@ -> ResendValidationEmail resendValidationEmail pCertificateARN_ pDomain_ pValidationDomain_ = ResendValidationEmail'- { _rveCertificateARN = pCertificateARN_- , _rveDomain = pDomain_- , _rveValidationDomain = pValidationDomain_- }+ { _rveCertificateARN = pCertificateARN_+ , _rveDomain = pDomain_+ , _rveValidationDomain = pValidationDomain_+ } --- | String that contains the ARN of the requested certificate. The certificate ARN is generated and returned by the 'RequestCertificate' action as soon as the request is made. By default, using this parameter causes email to be sent to all top-level domains you specified in the certificate request. The ARN must be of the form: @arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012@+-- | String that contains the ARN of the requested certificate. The certificate ARN is generated and returned by the 'RequestCertificate' action as soon as the request is made. By default, using this parameter causes email to be sent to all top-level domains you specified in the certificate request. The ARN must be of the form: @arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012@ rveCertificateARN :: Lens' ResendValidationEmail Text-rveCertificateARN = lens _rveCertificateARN (\ s a -> s{_rveCertificateARN = a});+rveCertificateARN = lens _rveCertificateARN (\ s a -> s{_rveCertificateARN = a}) -- | The fully qualified domain name (FQDN) of the certificate that needs to be validated. rveDomain :: Lens' ResendValidationEmail Text-rveDomain = lens _rveDomain (\ s a -> s{_rveDomain = a});+rveDomain = lens _rveDomain (\ s a -> s{_rveDomain = a}) -- | The base validation domain that will act as the suffix of the email addresses that are used to send the emails. This must be the same as the @Domain@ value or a superdomain of the @Domain@ value. For example, if you requested a certificate for @site.subdomain.example.com@ and specify a __ValidationDomain__ of @subdomain.example.com@ , ACM sends email to the domain registrant, technical contact, and administrative contact in WHOIS and the following five addresses: * admin@subdomain.example.com * administrator@subdomain.example.com * hostmaster@subdomain.example.com * postmaster@subdomain.example.com * webmaster@subdomain.example.com rveValidationDomain :: Lens' ResendValidationEmail Text-rveValidationDomain = lens _rveValidationDomain (\ s a -> s{_rveValidationDomain = a});+rveValidationDomain = lens _rveValidationDomain (\ s a -> s{_rveValidationDomain = a}) instance AWSRequest ResendValidationEmail where type Rs ResendValidationEmail =
gen/Network/AWS/CertificateManager/Types.hs view
@@ -4,7 +4,7 @@ -- | -- Module : Network.AWS.CertificateManager.Types--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated@@ -29,24 +29,42 @@ -- * CertificateStatus , CertificateStatus (..) + -- * CertificateTransparencyLoggingPreference+ , CertificateTransparencyLoggingPreference (..)+ -- * CertificateType , CertificateType (..) -- * DomainStatus , DomainStatus (..) + -- * ExtendedKeyUsageName+ , ExtendedKeyUsageName (..)+ -- * FailureReason , FailureReason (..) -- * KeyAlgorithm , KeyAlgorithm (..) + -- * KeyUsageName+ , KeyUsageName (..)++ -- * RecordType+ , RecordType (..)++ -- * RenewalEligibility+ , RenewalEligibility (..)+ -- * RenewalStatus , RenewalStatus (..) -- * RevocationReason , RevocationReason (..) + -- * ValidationMethod+ , ValidationMethod (..)+ -- * CertificateDetail , CertificateDetail , certificateDetail@@ -58,7 +76,10 @@ , cdCreatedAt , cdCertificateARN , cdSerial+ , cdRenewalEligibility+ , cdExtendedKeyUsages , cdImportedAt+ , cdKeyUsages , cdRevokedAt , cdNotBefore , cdRevocationReason@@ -66,12 +87,19 @@ , cdRenewalSummary , cdKeyAlgorithm , cdType+ , cdOptions , cdIssuedAt , cdSignatureAlgorithm , cdDomainValidationOptions , cdIssuer , cdNotAfter+ , cdCertificateAuthorityARN + -- * CertificateOptions+ , CertificateOptions+ , certificateOptions+ , coCertificateTransparencyLoggingPreference+ -- * CertificateSummary , CertificateSummary , certificateSummary@@ -82,6 +110,8 @@ , DomainValidation , domainValidation , dvValidationEmails+ , dvValidationMethod+ , dvResourceRecord , dvValidationStatus , dvValidationDomain , dvDomainName@@ -92,12 +122,37 @@ , dvoDomainName , dvoValidationDomain + -- * ExtendedKeyUsage+ , ExtendedKeyUsage+ , extendedKeyUsage+ , ekuOId+ , ekuName++ -- * Filters+ , Filters+ , filters+ , fKeyTypes+ , fKeyUsage+ , fExtendedKeyUsage++ -- * KeyUsage+ , KeyUsage+ , keyUsage+ , kuName+ -- * RenewalSummary , RenewalSummary , renewalSummary , rsRenewalStatus , rsDomainValidationOptions + -- * ResourceRecord+ , ResourceRecord+ , resourceRecord+ , rrName+ , rrType+ , rrValue+ -- * Tag , Tag , tag@@ -115,24 +170,24 @@ certificateManager :: Service certificateManager = Service- { _svcAbbrev = "CertificateManager"- , _svcSigner = v4- , _svcPrefix = "acm"- , _svcVersion = "2015-12-08"- , _svcEndpoint = defaultEndpoint certificateManager- , _svcTimeout = Just 70- , _svcCheck = statusSuccess- , _svcError = parseJSONError "CertificateManager"- , _svcRetry = retry- }+ { _svcAbbrev = "CertificateManager"+ , _svcSigner = v4+ , _svcPrefix = "acm"+ , _svcVersion = "2015-12-08"+ , _svcEndpoint = defaultEndpoint certificateManager+ , _svcTimeout = Just 70+ , _svcCheck = statusSuccess+ , _svcError = parseJSONError "CertificateManager"+ , _svcRetry = retry+ } where retry = Exponential- { _retryBase = 5.0e-2- , _retryGrowth = 2- , _retryAttempts = 5- , _retryCheck = check- }+ { _retryBase = 5.0e-2+ , _retryGrowth = 2+ , _retryAttempts = 5+ , _retryCheck = check+ } check e | has (hasCode "ThrottledException" . hasStatus 400) e = Just "throttled_exception"@@ -141,6 +196,8 @@ Just "throttling_exception" | has (hasCode "Throttling" . hasStatus 400) e = Just "throttling" | has (hasStatus 504) e = Just "gateway_timeout"+ | has (hasCode "RequestThrottledException" . hasStatus 400) e =+ Just "request_throttled_exception" | has (hasStatus 502) e = Just "bad_gateway" | has (hasStatus 503) e = Just "service_unavailable" | has (hasStatus 500) e = Just "general_server_error"@@ -190,7 +247,7 @@ _MatchServiceError certificateManager "InvalidArnException" --- | The specified certificate cannot be found in the caller's account, or the caller's account cannot be found.+-- | The specified certificate cannot be found in the caller's account or the caller's account cannot be found. -- -- _ResourceNotFoundException :: AsError a => Getting (First ServiceError) a ServiceError@@ -198,7 +255,7 @@ _MatchServiceError certificateManager "ResourceNotFoundException" --- | Processing has reached an invalid state. For example, this exception can occur if the specified domain is not using email validation, or the current certificate status does not permit the requested operation. See the exception message returned by ACM to determine which state is not valid.+-- | Processing has reached an invalid state. -- -- _InvalidStateException :: AsError a => Getting (First ServiceError) a ServiceError@@ -206,7 +263,7 @@ _MatchServiceError certificateManager "InvalidStateException" --- | An ACM limit has been exceeded. For example, you may have input more domains than are allowed or you've requested too many certificates for your account. See the exception message returned by ACM to determine which limit you have violated. For more information about ACM limits, see the <http://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html Limits> topic.+-- | An ACM limit has been exceeded. -- -- _LimitExceededException :: AsError a => Getting (First ServiceError) a ServiceError
gen/Network/AWS/CertificateManager/Types/Product.hs view
@@ -9,7 +9,7 @@ -- | -- Module : Network.AWS.CertificateManager.Types.Product--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated@@ -35,7 +35,10 @@ , _cdCreatedAt :: !(Maybe POSIX) , _cdCertificateARN :: !(Maybe Text) , _cdSerial :: !(Maybe Text)+ , _cdRenewalEligibility :: !(Maybe RenewalEligibility)+ , _cdExtendedKeyUsages :: !(Maybe [ExtendedKeyUsage]) , _cdImportedAt :: !(Maybe POSIX)+ , _cdKeyUsages :: !(Maybe [KeyUsage]) , _cdRevokedAt :: !(Maybe POSIX) , _cdNotBefore :: !(Maybe POSIX) , _cdRevocationReason :: !(Maybe RevocationReason)@@ -43,11 +46,13 @@ , _cdRenewalSummary :: !(Maybe RenewalSummary) , _cdKeyAlgorithm :: !(Maybe KeyAlgorithm) , _cdType :: !(Maybe CertificateType)+ , _cdOptions :: !(Maybe CertificateOptions) , _cdIssuedAt :: !(Maybe POSIX) , _cdSignatureAlgorithm :: !(Maybe Text) , _cdDomainValidationOptions :: !(Maybe (List1 DomainValidation)) , _cdIssuer :: !(Maybe Text) , _cdNotAfter :: !(Maybe POSIX)+ , _cdCertificateAuthorityARN :: !(Maybe Text) } deriving (Eq, Read, Show, Data, Typeable, Generic) @@ -71,8 +76,14 @@ -- -- * 'cdSerial' - The serial number of the certificate. --+-- * 'cdRenewalEligibility' - Specifies whether the certificate is eligible for renewal.+--+-- * 'cdExtendedKeyUsages' - Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).+-- -- * 'cdImportedAt' - The date and time at which the certificate was imported. This value exists only when the certificate type is @IMPORTED@ . --+-- * 'cdKeyUsages' - A list of Key Usage X.509 v3 extension objects. Each object is a string value that identifies the purpose of the public key contained in the certificate. Possible extension values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.+-- -- * 'cdRevokedAt' - The time at which the certificate was revoked. This value exists only when the certificate status is @REVOKED@ . -- -- * 'cdNotBefore' - The time before which the certificate is not valid.@@ -83,10 +94,12 @@ -- -- * 'cdRenewalSummary' - Contains information about the status of ACM's <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> for the certificate. This field exists only when the certificate type is @AMAZON_ISSUED@ . ----- * 'cdKeyAlgorithm' - The algorithm that was used to generate the key pair (the public and private key).+-- * 'cdKeyAlgorithm' - The algorithm that was used to generate the public-private key pair. -- -- * 'cdType' - The source of the certificate. For certificates provided by ACM, this value is @AMAZON_ISSUED@ . For certificates that you imported with 'ImportCertificate' , this value is @IMPORTED@ . ACM does not provide <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> for imported certificates. For more information about the differences between certificates that you import and those that ACM provides, see <http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing Certificates> in the /AWS Certificate Manager User Guide/ . --+-- * 'cdOptions' - Value that specifies whether to add the certificate to a transparency log. Certificate transparency makes it possible to detect SSL certificates that have been mistakenly or maliciously issued. A browser might respond to certificate that has not been logged by showing an error message. The logs are cryptographically secure.+-- -- * 'cdIssuedAt' - The time at which the certificate was issued. This value exists only when the certificate type is @AMAZON_ISSUED@ . -- -- * 'cdSignatureAlgorithm' - The algorithm that was used to sign the certificate.@@ -96,118 +109,145 @@ -- * 'cdIssuer' - The name of the certificate authority that issued and signed the certificate. -- -- * 'cdNotAfter' - The time after which the certificate is not valid.+--+-- * 'cdCertificateAuthorityARN' - The Amazon Resource Name (ARN) of the ACM PCA private certificate authority (CA) that issued the certificate. This has the following format: @arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012@ certificateDetail :: CertificateDetail certificateDetail = CertificateDetail'- { _cdSubject = Nothing- , _cdStatus = Nothing- , _cdFailureReason = Nothing- , _cdSubjectAlternativeNames = Nothing- , _cdInUseBy = Nothing- , _cdCreatedAt = Nothing- , _cdCertificateARN = Nothing- , _cdSerial = Nothing- , _cdImportedAt = Nothing- , _cdRevokedAt = Nothing- , _cdNotBefore = Nothing- , _cdRevocationReason = Nothing- , _cdDomainName = Nothing- , _cdRenewalSummary = Nothing- , _cdKeyAlgorithm = Nothing- , _cdType = Nothing- , _cdIssuedAt = Nothing- , _cdSignatureAlgorithm = Nothing- , _cdDomainValidationOptions = Nothing- , _cdIssuer = Nothing- , _cdNotAfter = Nothing- }+ { _cdSubject = Nothing+ , _cdStatus = Nothing+ , _cdFailureReason = Nothing+ , _cdSubjectAlternativeNames = Nothing+ , _cdInUseBy = Nothing+ , _cdCreatedAt = Nothing+ , _cdCertificateARN = Nothing+ , _cdSerial = Nothing+ , _cdRenewalEligibility = Nothing+ , _cdExtendedKeyUsages = Nothing+ , _cdImportedAt = Nothing+ , _cdKeyUsages = Nothing+ , _cdRevokedAt = Nothing+ , _cdNotBefore = Nothing+ , _cdRevocationReason = Nothing+ , _cdDomainName = Nothing+ , _cdRenewalSummary = Nothing+ , _cdKeyAlgorithm = Nothing+ , _cdType = Nothing+ , _cdOptions = Nothing+ , _cdIssuedAt = Nothing+ , _cdSignatureAlgorithm = Nothing+ , _cdDomainValidationOptions = Nothing+ , _cdIssuer = Nothing+ , _cdNotAfter = Nothing+ , _cdCertificateAuthorityARN = Nothing+ } -- | The name of the entity that is associated with the public key contained in the certificate. cdSubject :: Lens' CertificateDetail (Maybe Text)-cdSubject = lens _cdSubject (\ s a -> s{_cdSubject = a});+cdSubject = lens _cdSubject (\ s a -> s{_cdSubject = a}) -- | The status of the certificate. cdStatus :: Lens' CertificateDetail (Maybe CertificateStatus)-cdStatus = lens _cdStatus (\ s a -> s{_cdStatus = a});+cdStatus = lens _cdStatus (\ s a -> s{_cdStatus = a}) -- | The reason the certificate request failed. This value exists only when the certificate status is @FAILED@ . For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/troubleshooting.html#troubleshooting-failed Certificate Request Failed> in the /AWS Certificate Manager User Guide/ . cdFailureReason :: Lens' CertificateDetail (Maybe FailureReason)-cdFailureReason = lens _cdFailureReason (\ s a -> s{_cdFailureReason = a});+cdFailureReason = lens _cdFailureReason (\ s a -> s{_cdFailureReason = a}) -- | One or more domain names (subject alternative names) included in the certificate. This list contains the domain names that are bound to the public key that is contained in the certificate. The subject alternative names include the canonical domain name (CN) of the certificate and additional domain names that can be used to connect to the website. cdSubjectAlternativeNames :: Lens' CertificateDetail (Maybe (NonEmpty Text))-cdSubjectAlternativeNames = lens _cdSubjectAlternativeNames (\ s a -> s{_cdSubjectAlternativeNames = a}) . mapping _List1;+cdSubjectAlternativeNames = lens _cdSubjectAlternativeNames (\ s a -> s{_cdSubjectAlternativeNames = a}) . mapping _List1 -- | A list of ARNs for the AWS resources that are using the certificate. A certificate can be used by multiple AWS resources. cdInUseBy :: Lens' CertificateDetail [Text]-cdInUseBy = lens _cdInUseBy (\ s a -> s{_cdInUseBy = a}) . _Default . _Coerce;+cdInUseBy = lens _cdInUseBy (\ s a -> s{_cdInUseBy = a}) . _Default . _Coerce -- | The time at which the certificate was requested. This value exists only when the certificate type is @AMAZON_ISSUED@ . cdCreatedAt :: Lens' CertificateDetail (Maybe UTCTime)-cdCreatedAt = lens _cdCreatedAt (\ s a -> s{_cdCreatedAt = a}) . mapping _Time;+cdCreatedAt = lens _cdCreatedAt (\ s a -> s{_cdCreatedAt = a}) . mapping _Time -- | The Amazon Resource Name (ARN) of the certificate. For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> in the /AWS General Reference/ . cdCertificateARN :: Lens' CertificateDetail (Maybe Text)-cdCertificateARN = lens _cdCertificateARN (\ s a -> s{_cdCertificateARN = a});+cdCertificateARN = lens _cdCertificateARN (\ s a -> s{_cdCertificateARN = a}) -- | The serial number of the certificate. cdSerial :: Lens' CertificateDetail (Maybe Text)-cdSerial = lens _cdSerial (\ s a -> s{_cdSerial = a});+cdSerial = lens _cdSerial (\ s a -> s{_cdSerial = a}) +-- | Specifies whether the certificate is eligible for renewal.+cdRenewalEligibility :: Lens' CertificateDetail (Maybe RenewalEligibility)+cdRenewalEligibility = lens _cdRenewalEligibility (\ s a -> s{_cdRenewalEligibility = a})++-- | Contains a list of Extended Key Usage X.509 v3 extension objects. Each object specifies a purpose for which the certificate public key can be used and consists of a name and an object identifier (OID).+cdExtendedKeyUsages :: Lens' CertificateDetail [ExtendedKeyUsage]+cdExtendedKeyUsages = lens _cdExtendedKeyUsages (\ s a -> s{_cdExtendedKeyUsages = a}) . _Default . _Coerce+ -- | The date and time at which the certificate was imported. This value exists only when the certificate type is @IMPORTED@ . cdImportedAt :: Lens' CertificateDetail (Maybe UTCTime)-cdImportedAt = lens _cdImportedAt (\ s a -> s{_cdImportedAt = a}) . mapping _Time;+cdImportedAt = lens _cdImportedAt (\ s a -> s{_cdImportedAt = a}) . mapping _Time +-- | A list of Key Usage X.509 v3 extension objects. Each object is a string value that identifies the purpose of the public key contained in the certificate. Possible extension values include DIGITAL_SIGNATURE, KEY_ENCHIPHERMENT, NON_REPUDIATION, and more.+cdKeyUsages :: Lens' CertificateDetail [KeyUsage]+cdKeyUsages = lens _cdKeyUsages (\ s a -> s{_cdKeyUsages = a}) . _Default . _Coerce+ -- | The time at which the certificate was revoked. This value exists only when the certificate status is @REVOKED@ . cdRevokedAt :: Lens' CertificateDetail (Maybe UTCTime)-cdRevokedAt = lens _cdRevokedAt (\ s a -> s{_cdRevokedAt = a}) . mapping _Time;+cdRevokedAt = lens _cdRevokedAt (\ s a -> s{_cdRevokedAt = a}) . mapping _Time -- | The time before which the certificate is not valid. cdNotBefore :: Lens' CertificateDetail (Maybe UTCTime)-cdNotBefore = lens _cdNotBefore (\ s a -> s{_cdNotBefore = a}) . mapping _Time;+cdNotBefore = lens _cdNotBefore (\ s a -> s{_cdNotBefore = a}) . mapping _Time -- | The reason the certificate was revoked. This value exists only when the certificate status is @REVOKED@ . cdRevocationReason :: Lens' CertificateDetail (Maybe RevocationReason)-cdRevocationReason = lens _cdRevocationReason (\ s a -> s{_cdRevocationReason = a});+cdRevocationReason = lens _cdRevocationReason (\ s a -> s{_cdRevocationReason = a}) -- | The fully qualified domain name for the certificate, such as www.example.com or example.com. cdDomainName :: Lens' CertificateDetail (Maybe Text)-cdDomainName = lens _cdDomainName (\ s a -> s{_cdDomainName = a});+cdDomainName = lens _cdDomainName (\ s a -> s{_cdDomainName = a}) -- | Contains information about the status of ACM's <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> for the certificate. This field exists only when the certificate type is @AMAZON_ISSUED@ . cdRenewalSummary :: Lens' CertificateDetail (Maybe RenewalSummary)-cdRenewalSummary = lens _cdRenewalSummary (\ s a -> s{_cdRenewalSummary = a});+cdRenewalSummary = lens _cdRenewalSummary (\ s a -> s{_cdRenewalSummary = a}) --- | The algorithm that was used to generate the key pair (the public and private key).+-- | The algorithm that was used to generate the public-private key pair. cdKeyAlgorithm :: Lens' CertificateDetail (Maybe KeyAlgorithm)-cdKeyAlgorithm = lens _cdKeyAlgorithm (\ s a -> s{_cdKeyAlgorithm = a});+cdKeyAlgorithm = lens _cdKeyAlgorithm (\ s a -> s{_cdKeyAlgorithm = a}) -- | The source of the certificate. For certificates provided by ACM, this value is @AMAZON_ISSUED@ . For certificates that you imported with 'ImportCertificate' , this value is @IMPORTED@ . ACM does not provide <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> for imported certificates. For more information about the differences between certificates that you import and those that ACM provides, see <http://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html Importing Certificates> in the /AWS Certificate Manager User Guide/ . cdType :: Lens' CertificateDetail (Maybe CertificateType)-cdType = lens _cdType (\ s a -> s{_cdType = a});+cdType = lens _cdType (\ s a -> s{_cdType = a}) +-- | Value that specifies whether to add the certificate to a transparency log. Certificate transparency makes it possible to detect SSL certificates that have been mistakenly or maliciously issued. A browser might respond to certificate that has not been logged by showing an error message. The logs are cryptographically secure.+cdOptions :: Lens' CertificateDetail (Maybe CertificateOptions)+cdOptions = lens _cdOptions (\ s a -> s{_cdOptions = a})+ -- | The time at which the certificate was issued. This value exists only when the certificate type is @AMAZON_ISSUED@ . cdIssuedAt :: Lens' CertificateDetail (Maybe UTCTime)-cdIssuedAt = lens _cdIssuedAt (\ s a -> s{_cdIssuedAt = a}) . mapping _Time;+cdIssuedAt = lens _cdIssuedAt (\ s a -> s{_cdIssuedAt = a}) . mapping _Time -- | The algorithm that was used to sign the certificate. cdSignatureAlgorithm :: Lens' CertificateDetail (Maybe Text)-cdSignatureAlgorithm = lens _cdSignatureAlgorithm (\ s a -> s{_cdSignatureAlgorithm = a});+cdSignatureAlgorithm = lens _cdSignatureAlgorithm (\ s a -> s{_cdSignatureAlgorithm = a}) -- | Contains information about the initial validation of each domain name that occurs as a result of the 'RequestCertificate' request. This field exists only when the certificate type is @AMAZON_ISSUED@ . cdDomainValidationOptions :: Lens' CertificateDetail (Maybe (NonEmpty DomainValidation))-cdDomainValidationOptions = lens _cdDomainValidationOptions (\ s a -> s{_cdDomainValidationOptions = a}) . mapping _List1;+cdDomainValidationOptions = lens _cdDomainValidationOptions (\ s a -> s{_cdDomainValidationOptions = a}) . mapping _List1 -- | The name of the certificate authority that issued and signed the certificate. cdIssuer :: Lens' CertificateDetail (Maybe Text)-cdIssuer = lens _cdIssuer (\ s a -> s{_cdIssuer = a});+cdIssuer = lens _cdIssuer (\ s a -> s{_cdIssuer = a}) -- | The time after which the certificate is not valid. cdNotAfter :: Lens' CertificateDetail (Maybe UTCTime)-cdNotAfter = lens _cdNotAfter (\ s a -> s{_cdNotAfter = a}) . mapping _Time;+cdNotAfter = lens _cdNotAfter (\ s a -> s{_cdNotAfter = a}) . mapping _Time +-- | The Amazon Resource Name (ARN) of the ACM PCA private certificate authority (CA) that issued the certificate. This has the following format: @arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012@+cdCertificateAuthorityARN :: Lens' CertificateDetail (Maybe Text)+cdCertificateAuthorityARN = lens _cdCertificateAuthorityARN (\ s a -> s{_cdCertificateAuthorityARN = a})+ instance FromJSON CertificateDetail where parseJSON = withObject "CertificateDetail"@@ -220,7 +260,10 @@ <*> (x .:? "CreatedAt") <*> (x .:? "CertificateArn") <*> (x .:? "Serial")+ <*> (x .:? "RenewalEligibility")+ <*> (x .:? "ExtendedKeyUsages" .!= mempty) <*> (x .:? "ImportedAt")+ <*> (x .:? "KeyUsages" .!= mempty) <*> (x .:? "RevokedAt") <*> (x .:? "NotBefore") <*> (x .:? "RevocationReason")@@ -228,16 +271,61 @@ <*> (x .:? "RenewalSummary") <*> (x .:? "KeyAlgorithm") <*> (x .:? "Type")+ <*> (x .:? "Options") <*> (x .:? "IssuedAt") <*> (x .:? "SignatureAlgorithm") <*> (x .:? "DomainValidationOptions") <*> (x .:? "Issuer")- <*> (x .:? "NotAfter"))+ <*> (x .:? "NotAfter")+ <*> (x .:? "CertificateAuthorityArn")) instance Hashable CertificateDetail where instance NFData CertificateDetail where +-- | Structure that contains options for your certificate. Currently, you can use this only to specify whether to opt in to or out of certificate transparency logging. Some browsers require that public certificates issued for your domain be recorded in a log. Certificates that are not logged typically generate a browser error. Transparency makes it possible for you to detect SSL/TLS certificates that have been mistakenly or maliciously issued for your domain. For general information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency Certificate Transparency Logging> .+--+--+--+-- /See:/ 'certificateOptions' smart constructor.+newtype CertificateOptions = CertificateOptions'+ { _coCertificateTransparencyLoggingPreference :: Maybe CertificateTransparencyLoggingPreference+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'CertificateOptions' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'coCertificateTransparencyLoggingPreference' - You can opt out of certificate transparency logging by specifying the @DISABLED@ option. Opt in by specifying @ENABLED@ .+certificateOptions+ :: CertificateOptions+certificateOptions =+ CertificateOptions' {_coCertificateTransparencyLoggingPreference = Nothing}+++-- | You can opt out of certificate transparency logging by specifying the @DISABLED@ option. Opt in by specifying @ENABLED@ .+coCertificateTransparencyLoggingPreference :: Lens' CertificateOptions (Maybe CertificateTransparencyLoggingPreference)+coCertificateTransparencyLoggingPreference = lens _coCertificateTransparencyLoggingPreference (\ s a -> s{_coCertificateTransparencyLoggingPreference = a})++instance FromJSON CertificateOptions where+ parseJSON+ = withObject "CertificateOptions"+ (\ x ->+ CertificateOptions' <$>+ (x .:? "CertificateTransparencyLoggingPreference"))++instance Hashable CertificateOptions where++instance NFData CertificateOptions where++instance ToJSON CertificateOptions where+ toJSON CertificateOptions'{..}+ = object+ (catMaybes+ [("CertificateTransparencyLoggingPreference" .=) <$>+ _coCertificateTransparencyLoggingPreference])+ -- | This structure is returned in the response object of 'ListCertificates' action. -- --@@ -264,11 +352,11 @@ -- | Amazon Resource Name (ARN) of the certificate. This is of the form: @arn:aws:acm:region:123456789012:certificate/12345678-1234-1234-1234-123456789012@ For more information about ARNs, see <http://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html Amazon Resource Names (ARNs) and AWS Service Namespaces> . csCertificateARN :: Lens' CertificateSummary (Maybe Text)-csCertificateARN = lens _csCertificateARN (\ s a -> s{_csCertificateARN = a});+csCertificateARN = lens _csCertificateARN (\ s a -> s{_csCertificateARN = a}) -- | Fully qualified domain name (FQDN), such as www.example.com or example.com, for the certificate. csDomainName :: Lens' CertificateSummary (Maybe Text)-csDomainName = lens _csDomainName (\ s a -> s{_csDomainName = a});+csDomainName = lens _csDomainName (\ s a -> s{_csDomainName = a}) instance FromJSON CertificateSummary where parseJSON@@ -288,6 +376,8 @@ -- /See:/ 'domainValidation' smart constructor. data DomainValidation = DomainValidation' { _dvValidationEmails :: !(Maybe [Text])+ , _dvValidationMethod :: !(Maybe ValidationMethod)+ , _dvResourceRecord :: !(Maybe ResourceRecord) , _dvValidationStatus :: !(Maybe DomainStatus) , _dvValidationDomain :: !(Maybe Text) , _dvDomainName :: !Text@@ -300,8 +390,12 @@ -- -- * 'dvValidationEmails' - A list of email addresses that ACM used to send domain validation emails. ----- * 'dvValidationStatus' - The validation status of the domain name.+-- * 'dvValidationMethod' - Specifies the domain validation method. --+-- * 'dvResourceRecord' - Contains the CNAME record that you add to your DNS database for domain validation. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html Use DNS to Validate Domain Ownership> .+--+-- * 'dvValidationStatus' - The validation status of the domain name. This can be one of the following values: * @PENDING_VALIDATION@ * SUCCESS * FAILED+-- -- * 'dvValidationDomain' - The domain name that ACM used to send domain validation emails. -- -- * 'dvDomainName' - A fully qualified domain name (FQDN) in the certificate. For example, @www.example.com@ or @example.com@ .@@ -310,28 +404,38 @@ -> DomainValidation domainValidation pDomainName_ = DomainValidation'- { _dvValidationEmails = Nothing- , _dvValidationStatus = Nothing- , _dvValidationDomain = Nothing- , _dvDomainName = pDomainName_- }+ { _dvValidationEmails = Nothing+ , _dvValidationMethod = Nothing+ , _dvResourceRecord = Nothing+ , _dvValidationStatus = Nothing+ , _dvValidationDomain = Nothing+ , _dvDomainName = pDomainName_+ } -- | A list of email addresses that ACM used to send domain validation emails. dvValidationEmails :: Lens' DomainValidation [Text]-dvValidationEmails = lens _dvValidationEmails (\ s a -> s{_dvValidationEmails = a}) . _Default . _Coerce;+dvValidationEmails = lens _dvValidationEmails (\ s a -> s{_dvValidationEmails = a}) . _Default . _Coerce --- | The validation status of the domain name.+-- | Specifies the domain validation method.+dvValidationMethod :: Lens' DomainValidation (Maybe ValidationMethod)+dvValidationMethod = lens _dvValidationMethod (\ s a -> s{_dvValidationMethod = a})++-- | Contains the CNAME record that you add to your DNS database for domain validation. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html Use DNS to Validate Domain Ownership> .+dvResourceRecord :: Lens' DomainValidation (Maybe ResourceRecord)+dvResourceRecord = lens _dvResourceRecord (\ s a -> s{_dvResourceRecord = a})++-- | The validation status of the domain name. This can be one of the following values: * @PENDING_VALIDATION@ * SUCCESS * FAILED dvValidationStatus :: Lens' DomainValidation (Maybe DomainStatus)-dvValidationStatus = lens _dvValidationStatus (\ s a -> s{_dvValidationStatus = a});+dvValidationStatus = lens _dvValidationStatus (\ s a -> s{_dvValidationStatus = a}) -- | The domain name that ACM used to send domain validation emails. dvValidationDomain :: Lens' DomainValidation (Maybe Text)-dvValidationDomain = lens _dvValidationDomain (\ s a -> s{_dvValidationDomain = a});+dvValidationDomain = lens _dvValidationDomain (\ s a -> s{_dvValidationDomain = a}) -- | A fully qualified domain name (FQDN) in the certificate. For example, @www.example.com@ or @example.com@ . dvDomainName :: Lens' DomainValidation Text-dvDomainName = lens _dvDomainName (\ s a -> s{_dvDomainName = a});+dvDomainName = lens _dvDomainName (\ s a -> s{_dvDomainName = a}) instance FromJSON DomainValidation where parseJSON@@ -339,7 +443,9 @@ (\ x -> DomainValidation' <$> (x .:? "ValidationEmails" .!= mempty) <*>- (x .:? "ValidationStatus")+ (x .:? "ValidationMethod")+ <*> (x .:? "ResourceRecord")+ <*> (x .:? "ValidationStatus") <*> (x .:? "ValidationDomain") <*> (x .: "DomainName")) @@ -347,7 +453,7 @@ instance NFData DomainValidation where --- | Contains information about the domain names that you want ACM to use to send you emails to validate your ownership of the domain.+-- | Contains information about the domain names that you want ACM to use to send you emails that enable you to validate domain ownership. -- -- --@@ -371,16 +477,16 @@ -> DomainValidationOption domainValidationOption pDomainName_ pValidationDomain_ = DomainValidationOption'- {_dvoDomainName = pDomainName_, _dvoValidationDomain = pValidationDomain_}+ {_dvoDomainName = pDomainName_, _dvoValidationDomain = pValidationDomain_} -- | A fully qualified domain name (FQDN) in the certificate request. dvoDomainName :: Lens' DomainValidationOption Text-dvoDomainName = lens _dvoDomainName (\ s a -> s{_dvoDomainName = a});+dvoDomainName = lens _dvoDomainName (\ s a -> s{_dvoDomainName = a}) -- | The domain name that you want ACM to use to send you validation emails. This domain name is the suffix of the email addresses that you want ACM to use. This must be the same as the @DomainName@ value or a superdomain of the @DomainName@ value. For example, if you request a certificate for @testing.example.com@ , you can specify @example.com@ for this value. In that case, ACM sends domain validation emails to the following five addresses: * admin@example.com * administrator@example.com * hostmaster@example.com * postmaster@example.com * webmaster@example.com dvoValidationDomain :: Lens' DomainValidationOption Text-dvoValidationDomain = lens _dvoValidationDomain (\ s a -> s{_dvoValidationDomain = a});+dvoValidationDomain = lens _dvoValidationDomain (\ s a -> s{_dvoValidationDomain = a}) instance Hashable DomainValidationOption where @@ -393,6 +499,133 @@ [Just ("DomainName" .= _dvoDomainName), Just ("ValidationDomain" .= _dvoValidationDomain)]) +-- | The Extended Key Usage X.509 v3 extension defines one or more purposes for which the public key can be used. This is in addition to or in place of the basic purposes specified by the Key Usage extension.+--+--+--+-- /See:/ 'extendedKeyUsage' smart constructor.+data ExtendedKeyUsage = ExtendedKeyUsage'+ { _ekuOId :: !(Maybe Text)+ , _ekuName :: !(Maybe ExtendedKeyUsageName)+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ExtendedKeyUsage' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ekuOId' - An object identifier (OID) for the extension value. OIDs are strings of numbers separated by periods. The following OIDs are defined in RFC 3280 and RFC 5280. * @1.3.6.1.5.5.7.3.1 (TLS_WEB_SERVER_AUTHENTICATION)@ * @1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)@ * @1.3.6.1.5.5.7.3.3 (CODE_SIGNING)@ * @1.3.6.1.5.5.7.3.4 (EMAIL_PROTECTION)@ * @1.3.6.1.5.5.7.3.8 (TIME_STAMPING)@ * @1.3.6.1.5.5.7.3.9 (OCSP_SIGNING)@ * @1.3.6.1.5.5.7.3.5 (IPSEC_END_SYSTEM)@ * @1.3.6.1.5.5.7.3.6 (IPSEC_TUNNEL)@ * @1.3.6.1.5.5.7.3.7 (IPSEC_USER)@+--+-- * 'ekuName' - The name of an Extended Key Usage value.+extendedKeyUsage+ :: ExtendedKeyUsage+extendedKeyUsage = ExtendedKeyUsage' {_ekuOId = Nothing, _ekuName = Nothing}+++-- | An object identifier (OID) for the extension value. OIDs are strings of numbers separated by periods. The following OIDs are defined in RFC 3280 and RFC 5280. * @1.3.6.1.5.5.7.3.1 (TLS_WEB_SERVER_AUTHENTICATION)@ * @1.3.6.1.5.5.7.3.2 (TLS_WEB_CLIENT_AUTHENTICATION)@ * @1.3.6.1.5.5.7.3.3 (CODE_SIGNING)@ * @1.3.6.1.5.5.7.3.4 (EMAIL_PROTECTION)@ * @1.3.6.1.5.5.7.3.8 (TIME_STAMPING)@ * @1.3.6.1.5.5.7.3.9 (OCSP_SIGNING)@ * @1.3.6.1.5.5.7.3.5 (IPSEC_END_SYSTEM)@ * @1.3.6.1.5.5.7.3.6 (IPSEC_TUNNEL)@ * @1.3.6.1.5.5.7.3.7 (IPSEC_USER)@+ekuOId :: Lens' ExtendedKeyUsage (Maybe Text)+ekuOId = lens _ekuOId (\ s a -> s{_ekuOId = a})++-- | The name of an Extended Key Usage value.+ekuName :: Lens' ExtendedKeyUsage (Maybe ExtendedKeyUsageName)+ekuName = lens _ekuName (\ s a -> s{_ekuName = a})++instance FromJSON ExtendedKeyUsage where+ parseJSON+ = withObject "ExtendedKeyUsage"+ (\ x ->+ ExtendedKeyUsage' <$>+ (x .:? "OID") <*> (x .:? "Name"))++instance Hashable ExtendedKeyUsage where++instance NFData ExtendedKeyUsage where++-- | This structure can be used in the 'ListCertificates' action to filter the output of the certificate list.+--+--+--+-- /See:/ 'filters' smart constructor.+data Filters = Filters'+ { _fKeyTypes :: !(Maybe [KeyAlgorithm])+ , _fKeyUsage :: !(Maybe [KeyUsageName])+ , _fExtendedKeyUsage :: !(Maybe [ExtendedKeyUsageName])+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'Filters' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'fKeyTypes' - Specify one or more algorithms that can be used to generate key pairs.+--+-- * 'fKeyUsage' - Specify one or more 'KeyUsage' extension values.+--+-- * 'fExtendedKeyUsage' - Specify one or more 'ExtendedKeyUsage' extension values.+filters+ :: Filters+filters =+ Filters'+ {_fKeyTypes = Nothing, _fKeyUsage = Nothing, _fExtendedKeyUsage = Nothing}+++-- | Specify one or more algorithms that can be used to generate key pairs.+fKeyTypes :: Lens' Filters [KeyAlgorithm]+fKeyTypes = lens _fKeyTypes (\ s a -> s{_fKeyTypes = a}) . _Default . _Coerce++-- | Specify one or more 'KeyUsage' extension values.+fKeyUsage :: Lens' Filters [KeyUsageName]+fKeyUsage = lens _fKeyUsage (\ s a -> s{_fKeyUsage = a}) . _Default . _Coerce++-- | Specify one or more 'ExtendedKeyUsage' extension values.+fExtendedKeyUsage :: Lens' Filters [ExtendedKeyUsageName]+fExtendedKeyUsage = lens _fExtendedKeyUsage (\ s a -> s{_fExtendedKeyUsage = a}) . _Default . _Coerce++instance Hashable Filters where++instance NFData Filters where++instance ToJSON Filters where+ toJSON Filters'{..}+ = object+ (catMaybes+ [("keyTypes" .=) <$> _fKeyTypes,+ ("keyUsage" .=) <$> _fKeyUsage,+ ("extendedKeyUsage" .=) <$> _fExtendedKeyUsage])++-- | The Key Usage X.509 v3 extension defines the purpose of the public key contained in the certificate.+--+--+--+-- /See:/ 'keyUsage' smart constructor.+newtype KeyUsage = KeyUsage'+ { _kuName :: Maybe KeyUsageName+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'KeyUsage' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'kuName' - A string value that contains a Key Usage extension name.+keyUsage+ :: KeyUsage+keyUsage = KeyUsage' {_kuName = Nothing}+++-- | A string value that contains a Key Usage extension name.+kuName :: Lens' KeyUsage (Maybe KeyUsageName)+kuName = lens _kuName (\ s a -> s{_kuName = a})++instance FromJSON KeyUsage where+ parseJSON+ = withObject "KeyUsage"+ (\ x -> KeyUsage' <$> (x .:? "Name"))++instance Hashable KeyUsage where++instance NFData KeyUsage where+ -- | Contains information about the status of ACM's <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> for the certificate. This structure exists only when the certificate type is @AMAZON_ISSUED@ . -- --@@ -417,18 +650,18 @@ -> RenewalSummary renewalSummary pRenewalStatus_ pDomainValidationOptions_ = RenewalSummary'- { _rsRenewalStatus = pRenewalStatus_- , _rsDomainValidationOptions = _List1 # pDomainValidationOptions_- }+ { _rsRenewalStatus = pRenewalStatus_+ , _rsDomainValidationOptions = _List1 # pDomainValidationOptions_+ } -- | The status of ACM's <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> of the certificate. rsRenewalStatus :: Lens' RenewalSummary RenewalStatus-rsRenewalStatus = lens _rsRenewalStatus (\ s a -> s{_rsRenewalStatus = a});+rsRenewalStatus = lens _rsRenewalStatus (\ s a -> s{_rsRenewalStatus = a}) -- | Contains information about the validation of each domain name in the certificate, as it pertains to ACM's <http://docs.aws.amazon.com/acm/latest/userguide/acm-renewal.html managed renewal> . This is different from the initial validation that occurs as a result of the 'RequestCertificate' request. This field exists only when the certificate type is @AMAZON_ISSUED@ . rsDomainValidationOptions :: Lens' RenewalSummary (NonEmpty DomainValidation)-rsDomainValidationOptions = lens _rsDomainValidationOptions (\ s a -> s{_rsDomainValidationOptions = a}) . _List1;+rsDomainValidationOptions = lens _rsDomainValidationOptions (\ s a -> s{_rsDomainValidationOptions = a}) . _List1 instance FromJSON RenewalSummary where parseJSON@@ -442,6 +675,59 @@ instance NFData RenewalSummary where +-- | Contains a DNS record value that you can use to can use to validate ownership or control of a domain. This is used by the 'DescribeCertificate' action.+--+--+--+-- /See:/ 'resourceRecord' smart constructor.+data ResourceRecord = ResourceRecord'+ { _rrName :: !Text+ , _rrType :: !RecordType+ , _rrValue :: !Text+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'ResourceRecord' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'rrName' - The name of the DNS record to create in your domain. This is supplied by ACM.+--+-- * 'rrType' - The type of DNS record. Currently this can be @CNAME@ .+--+-- * 'rrValue' - The value of the CNAME record to add to your DNS database. This is supplied by ACM.+resourceRecord+ :: Text -- ^ 'rrName'+ -> RecordType -- ^ 'rrType'+ -> Text -- ^ 'rrValue'+ -> ResourceRecord+resourceRecord pName_ pType_ pValue_ =+ ResourceRecord' {_rrName = pName_, _rrType = pType_, _rrValue = pValue_}+++-- | The name of the DNS record to create in your domain. This is supplied by ACM.+rrName :: Lens' ResourceRecord Text+rrName = lens _rrName (\ s a -> s{_rrName = a})++-- | The type of DNS record. Currently this can be @CNAME@ .+rrType :: Lens' ResourceRecord RecordType+rrType = lens _rrType (\ s a -> s{_rrType = a})++-- | The value of the CNAME record to add to your DNS database. This is supplied by ACM.+rrValue :: Lens' ResourceRecord Text+rrValue = lens _rrValue (\ s a -> s{_rrValue = a})++instance FromJSON ResourceRecord where+ parseJSON+ = withObject "ResourceRecord"+ (\ x ->+ ResourceRecord' <$>+ (x .: "Name") <*> (x .: "Type") <*> (x .: "Value"))++instance Hashable ResourceRecord where++instance NFData ResourceRecord where+ -- | A key-value pair that identifies or specifies metadata about an ACM resource. -- --@@ -468,11 +754,11 @@ -- | The value of the tag. tagValue :: Lens' Tag (Maybe Text)-tagValue = lens _tagValue (\ s a -> s{_tagValue = a});+tagValue = lens _tagValue (\ s a -> s{_tagValue = a}) -- | The key of the tag. tagKey :: Lens' Tag Text-tagKey = lens _tagKey (\ s a -> s{_tagKey = a});+tagKey = lens _tagKey (\ s a -> s{_tagKey = a}) instance FromJSON Tag where parseJSON
gen/Network/AWS/CertificateManager/Types/Sum.hs view
@@ -9,7 +9,7 @@ -- | -- Module : Network.AWS.CertificateManager.Types.Sum--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated@@ -64,9 +64,40 @@ instance FromJSON CertificateStatus where parseJSON = parseJSONText "CertificateStatus" +data CertificateTransparencyLoggingPreference+ = Disabled+ | Enabled+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText CertificateTransparencyLoggingPreference where+ parser = takeLowerText >>= \case+ "disabled" -> pure Disabled+ "enabled" -> pure Enabled+ e -> fromTextError $ "Failure parsing CertificateTransparencyLoggingPreference from value: '" <> e+ <> "'. Accepted values: disabled, enabled"++instance ToText CertificateTransparencyLoggingPreference where+ toText = \case+ Disabled -> "DISABLED"+ Enabled -> "ENABLED"++instance Hashable CertificateTransparencyLoggingPreference+instance NFData CertificateTransparencyLoggingPreference+instance ToByteString CertificateTransparencyLoggingPreference+instance ToQuery CertificateTransparencyLoggingPreference+instance ToHeader CertificateTransparencyLoggingPreference++instance ToJSON CertificateTransparencyLoggingPreference where+ toJSON = toJSONText++instance FromJSON CertificateTransparencyLoggingPreference where+ parseJSON = parseJSONText "CertificateTransparencyLoggingPreference"+ data CertificateType = AmazonIssued | Imported+ | Private deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic) @@ -74,13 +105,15 @@ parser = takeLowerText >>= \case "amazon_issued" -> pure AmazonIssued "imported" -> pure Imported+ "private" -> pure Private e -> fromTextError $ "Failure parsing CertificateType from value: '" <> e- <> "'. Accepted values: amazon_issued, imported"+ <> "'. Accepted values: amazon_issued, imported, private" instance ToText CertificateType where toText = \case AmazonIssued -> "AMAZON_ISSUED" Imported -> "IMPORTED"+ Private -> "PRIVATE" instance Hashable CertificateType instance NFData CertificateType@@ -121,32 +154,113 @@ instance FromJSON DomainStatus where parseJSON = parseJSONText "DomainStatus" +data ExtendedKeyUsageName+ = Any+ | CodeSigning+ | Custom+ | EmailProtection+ | IPsecEndSystem+ | IPsecTunnel+ | IPsecUser+ | None+ | OcspSigning+ | TLSWebClientAuthentication+ | TLSWebServerAuthentication+ | TimeStamping+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText ExtendedKeyUsageName where+ parser = takeLowerText >>= \case+ "any" -> pure Any+ "code_signing" -> pure CodeSigning+ "custom" -> pure Custom+ "email_protection" -> pure EmailProtection+ "ipsec_end_system" -> pure IPsecEndSystem+ "ipsec_tunnel" -> pure IPsecTunnel+ "ipsec_user" -> pure IPsecUser+ "none" -> pure None+ "ocsp_signing" -> pure OcspSigning+ "tls_web_client_authentication" -> pure TLSWebClientAuthentication+ "tls_web_server_authentication" -> pure TLSWebServerAuthentication+ "time_stamping" -> pure TimeStamping+ e -> fromTextError $ "Failure parsing ExtendedKeyUsageName from value: '" <> e+ <> "'. Accepted values: any, code_signing, custom, email_protection, ipsec_end_system, ipsec_tunnel, ipsec_user, none, ocsp_signing, tls_web_client_authentication, tls_web_server_authentication, time_stamping"++instance ToText ExtendedKeyUsageName where+ toText = \case+ Any -> "ANY"+ CodeSigning -> "CODE_SIGNING"+ Custom -> "CUSTOM"+ EmailProtection -> "EMAIL_PROTECTION"+ IPsecEndSystem -> "IPSEC_END_SYSTEM"+ IPsecTunnel -> "IPSEC_TUNNEL"+ IPsecUser -> "IPSEC_USER"+ None -> "NONE"+ OcspSigning -> "OCSP_SIGNING"+ TLSWebClientAuthentication -> "TLS_WEB_CLIENT_AUTHENTICATION"+ TLSWebServerAuthentication -> "TLS_WEB_SERVER_AUTHENTICATION"+ TimeStamping -> "TIME_STAMPING"++instance Hashable ExtendedKeyUsageName+instance NFData ExtendedKeyUsageName+instance ToByteString ExtendedKeyUsageName+instance ToQuery ExtendedKeyUsageName+instance ToHeader ExtendedKeyUsageName++instance ToJSON ExtendedKeyUsageName where+ toJSON = toJSONText++instance FromJSON ExtendedKeyUsageName where+ parseJSON = parseJSONText "ExtendedKeyUsageName"+ data FailureReason = AdditionalVerificationRequired+ | CaaError | DomainNotAllowed | InvalidPublicDomain | NoAvailableContacts | Other+ | PcaInvalidARN+ | PcaInvalidArgs+ | PcaInvalidState+ | PcaLimitExceeded+ | PcaRequestFailed+ | PcaResourceNotFound deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic) instance FromText FailureReason where parser = takeLowerText >>= \case "additional_verification_required" -> pure AdditionalVerificationRequired+ "caa_error" -> pure CaaError "domain_not_allowed" -> pure DomainNotAllowed "invalid_public_domain" -> pure InvalidPublicDomain "no_available_contacts" -> pure NoAvailableContacts "other" -> pure Other+ "pca_invalid_arn" -> pure PcaInvalidARN+ "pca_invalid_args" -> pure PcaInvalidArgs+ "pca_invalid_state" -> pure PcaInvalidState+ "pca_limit_exceeded" -> pure PcaLimitExceeded+ "pca_request_failed" -> pure PcaRequestFailed+ "pca_resource_not_found" -> pure PcaResourceNotFound e -> fromTextError $ "Failure parsing FailureReason from value: '" <> e- <> "'. Accepted values: additional_verification_required, domain_not_allowed, invalid_public_domain, no_available_contacts, other"+ <> "'. Accepted values: additional_verification_required, caa_error, domain_not_allowed, invalid_public_domain, no_available_contacts, other, pca_invalid_arn, pca_invalid_args, pca_invalid_state, pca_limit_exceeded, pca_request_failed, pca_resource_not_found" instance ToText FailureReason where toText = \case AdditionalVerificationRequired -> "ADDITIONAL_VERIFICATION_REQUIRED"+ CaaError -> "CAA_ERROR" DomainNotAllowed -> "DOMAIN_NOT_ALLOWED" InvalidPublicDomain -> "INVALID_PUBLIC_DOMAIN" NoAvailableContacts -> "NO_AVAILABLE_CONTACTS" Other -> "OTHER"+ PcaInvalidARN -> "PCA_INVALID_ARN"+ PcaInvalidArgs -> "PCA_INVALID_ARGS"+ PcaInvalidState -> "PCA_INVALID_STATE"+ PcaLimitExceeded -> "PCA_LIMIT_EXCEEDED"+ PcaRequestFailed -> "PCA_REQUEST_FAILED"+ PcaResourceNotFound -> "PCA_RESOURCE_NOT_FOUND" instance Hashable FailureReason instance NFData FailureReason@@ -159,24 +273,33 @@ data KeyAlgorithm = EcPRIME256V1+ | EcSECP384R1+ | EcSECP521R1 | Rsa1024 | Rsa2048+ | Rsa4096 deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic) instance FromText KeyAlgorithm where parser = takeLowerText >>= \case "ec_prime256v1" -> pure EcPRIME256V1+ "ec_secp384r1" -> pure EcSECP384R1+ "ec_secp521r1" -> pure EcSECP521R1 "rsa_1024" -> pure Rsa1024 "rsa_2048" -> pure Rsa2048+ "rsa_4096" -> pure Rsa4096 e -> fromTextError $ "Failure parsing KeyAlgorithm from value: '" <> e- <> "'. Accepted values: ec_prime256v1, rsa_1024, rsa_2048"+ <> "'. Accepted values: ec_prime256v1, ec_secp384r1, ec_secp521r1, rsa_1024, rsa_2048, rsa_4096" instance ToText KeyAlgorithm where toText = \case EcPRIME256V1 -> "EC_prime256v1"+ EcSECP384R1 -> "EC_secp384r1"+ EcSECP521R1 -> "EC_secp521r1" Rsa1024 -> "RSA_1024" Rsa2048 -> "RSA_2048"+ Rsa4096 -> "RSA_4096" instance Hashable KeyAlgorithm instance NFData KeyAlgorithm@@ -184,9 +307,120 @@ instance ToQuery KeyAlgorithm instance ToHeader KeyAlgorithm +instance ToJSON KeyAlgorithm where+ toJSON = toJSONText+ instance FromJSON KeyAlgorithm where parseJSON = parseJSONText "KeyAlgorithm" +data KeyUsageName+ = KUNAny+ | KUNCertificateSigning+ | KUNCrlSigning+ | KUNCustom+ | KUNDataEncipherment+ | KUNDecipherOnly+ | KUNDigitalSignature+ | KUNEncipherOnly+ | KUNKeyAgreement+ | KUNKeyEncipherment+ | KUNNonRepudiation+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText KeyUsageName where+ parser = takeLowerText >>= \case+ "any" -> pure KUNAny+ "certificate_signing" -> pure KUNCertificateSigning+ "crl_signing" -> pure KUNCrlSigning+ "custom" -> pure KUNCustom+ "data_encipherment" -> pure KUNDataEncipherment+ "decipher_only" -> pure KUNDecipherOnly+ "digital_signature" -> pure KUNDigitalSignature+ "encipher_only" -> pure KUNEncipherOnly+ "key_agreement" -> pure KUNKeyAgreement+ "key_encipherment" -> pure KUNKeyEncipherment+ "non_repudiation" -> pure KUNNonRepudiation+ e -> fromTextError $ "Failure parsing KeyUsageName from value: '" <> e+ <> "'. Accepted values: any, certificate_signing, crl_signing, custom, data_encipherment, decipher_only, digital_signature, encipher_only, key_agreement, key_encipherment, non_repudiation"++instance ToText KeyUsageName where+ toText = \case+ KUNAny -> "ANY"+ KUNCertificateSigning -> "CERTIFICATE_SIGNING"+ KUNCrlSigning -> "CRL_SIGNING"+ KUNCustom -> "CUSTOM"+ KUNDataEncipherment -> "DATA_ENCIPHERMENT"+ KUNDecipherOnly -> "DECIPHER_ONLY"+ KUNDigitalSignature -> "DIGITAL_SIGNATURE"+ KUNEncipherOnly -> "ENCIPHER_ONLY"+ KUNKeyAgreement -> "KEY_AGREEMENT"+ KUNKeyEncipherment -> "KEY_ENCIPHERMENT"+ KUNNonRepudiation -> "NON_REPUDIATION"++instance Hashable KeyUsageName+instance NFData KeyUsageName+instance ToByteString KeyUsageName+instance ToQuery KeyUsageName+instance ToHeader KeyUsageName++instance ToJSON KeyUsageName where+ toJSON = toJSONText++instance FromJSON KeyUsageName where+ parseJSON = parseJSONText "KeyUsageName"++data RecordType =+ Cname+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText RecordType where+ parser = takeLowerText >>= \case+ "cname" -> pure Cname+ e -> fromTextError $ "Failure parsing RecordType from value: '" <> e+ <> "'. Accepted values: cname"++instance ToText RecordType where+ toText = \case+ Cname -> "CNAME"++instance Hashable RecordType+instance NFData RecordType+instance ToByteString RecordType+instance ToQuery RecordType+instance ToHeader RecordType++instance FromJSON RecordType where+ parseJSON = parseJSONText "RecordType"++data RenewalEligibility+ = Eligible+ | Ineligible+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText RenewalEligibility where+ parser = takeLowerText >>= \case+ "eligible" -> pure Eligible+ "ineligible" -> pure Ineligible+ e -> fromTextError $ "Failure parsing RenewalEligibility from value: '" <> e+ <> "'. Accepted values: eligible, ineligible"++instance ToText RenewalEligibility where+ toText = \case+ Eligible -> "ELIGIBLE"+ Ineligible -> "INELIGIBLE"++instance Hashable RenewalEligibility+instance NFData RenewalEligibility+instance ToByteString RenewalEligibility+instance ToQuery RenewalEligibility+instance ToHeader RenewalEligibility++instance FromJSON RenewalEligibility where+ parseJSON = parseJSONText "RenewalEligibility"+ data RenewalStatus = RSFailed | RSPendingAutoRenewal@@ -270,3 +504,33 @@ instance FromJSON RevocationReason where parseJSON = parseJSONText "RevocationReason"++data ValidationMethod+ = DNS+ | Email+ deriving (Eq, Ord, Read, Show, Enum, Bounded, Data, Typeable, Generic)+++instance FromText ValidationMethod where+ parser = takeLowerText >>= \case+ "dns" -> pure DNS+ "email" -> pure Email+ e -> fromTextError $ "Failure parsing ValidationMethod from value: '" <> e+ <> "'. Accepted values: dns, email"++instance ToText ValidationMethod where+ toText = \case+ DNS -> "DNS"+ Email -> "EMAIL"++instance Hashable ValidationMethod+instance NFData ValidationMethod+instance ToByteString ValidationMethod+instance ToQuery ValidationMethod+instance ToHeader ValidationMethod++instance ToJSON ValidationMethod where+ toJSON = toJSONText++instance FromJSON ValidationMethod where+ parseJSON = parseJSONText "ValidationMethod"
+ gen/Network/AWS/CertificateManager/UpdateCertificateOptions.hs view
@@ -0,0 +1,124 @@+{-# LANGUAGE DeriveDataTypeable #-}+{-# LANGUAGE DeriveGeneric #-}+{-# LANGUAGE OverloadedStrings #-}+{-# LANGUAGE RecordWildCards #-}+{-# LANGUAGE TypeFamilies #-}++{-# OPTIONS_GHC -fno-warn-unused-imports #-}+{-# OPTIONS_GHC -fno-warn-unused-binds #-}+{-# OPTIONS_GHC -fno-warn-unused-matches #-}++-- Derived from AWS service descriptions, licensed under Apache 2.0.++-- |+-- Module : Network.AWS.CertificateManager.UpdateCertificateOptions+-- Copyright : (c) 2013-2018 Brendan Hay+-- License : Mozilla Public License, v. 2.0.+-- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com>+-- Stability : auto-generated+-- Portability : non-portable (GHC extensions)+--+-- Updates a certificate. Currently, you can use this function to specify whether to opt in to or out of recording your certificate in a certificate transparency log. For more information, see <http://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency Opting Out of Certificate Transparency Logging> .+--+--+module Network.AWS.CertificateManager.UpdateCertificateOptions+ (+ -- * Creating a Request+ updateCertificateOptions+ , UpdateCertificateOptions+ -- * Request Lenses+ , ucoCertificateARN+ , ucoOptions++ -- * Destructuring the Response+ , updateCertificateOptionsResponse+ , UpdateCertificateOptionsResponse+ ) where++import Network.AWS.CertificateManager.Types+import Network.AWS.CertificateManager.Types.Product+import Network.AWS.Lens+import Network.AWS.Prelude+import Network.AWS.Request+import Network.AWS.Response++-- | /See:/ 'updateCertificateOptions' smart constructor.+data UpdateCertificateOptions = UpdateCertificateOptions'+ { _ucoCertificateARN :: !Text+ , _ucoOptions :: !CertificateOptions+ } deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UpdateCertificateOptions' with the minimum fields required to make a request.+--+-- Use one of the following lenses to modify other fields as desired:+--+-- * 'ucoCertificateARN' - ARN of the requested certificate to update. This must be of the form: @arn:aws:acm:us-east-1:/account/ :certificate//12345678-1234-1234-1234-123456789012/ @+--+-- * 'ucoOptions' - Use to update the options for your certificate. Currently, you can specify whether to add your certificate to a transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser.+updateCertificateOptions+ :: Text -- ^ 'ucoCertificateARN'+ -> CertificateOptions -- ^ 'ucoOptions'+ -> UpdateCertificateOptions+updateCertificateOptions pCertificateARN_ pOptions_ =+ UpdateCertificateOptions'+ {_ucoCertificateARN = pCertificateARN_, _ucoOptions = pOptions_}+++-- | ARN of the requested certificate to update. This must be of the form: @arn:aws:acm:us-east-1:/account/ :certificate//12345678-1234-1234-1234-123456789012/ @+ucoCertificateARN :: Lens' UpdateCertificateOptions Text+ucoCertificateARN = lens _ucoCertificateARN (\ s a -> s{_ucoCertificateARN = a})++-- | Use to update the options for your certificate. Currently, you can specify whether to add your certificate to a transparency log. Certificate transparency makes it possible to detect SSL/TLS certificates that have been mistakenly or maliciously issued. Certificates that have not been logged typically produce an error message in a browser.+ucoOptions :: Lens' UpdateCertificateOptions CertificateOptions+ucoOptions = lens _ucoOptions (\ s a -> s{_ucoOptions = a})++instance AWSRequest UpdateCertificateOptions where+ type Rs UpdateCertificateOptions =+ UpdateCertificateOptionsResponse+ request = postJSON certificateManager+ response+ = receiveNull UpdateCertificateOptionsResponse'++instance Hashable UpdateCertificateOptions where++instance NFData UpdateCertificateOptions where++instance ToHeaders UpdateCertificateOptions where+ toHeaders+ = const+ (mconcat+ ["X-Amz-Target" =#+ ("CertificateManager.UpdateCertificateOptions" ::+ ByteString),+ "Content-Type" =#+ ("application/x-amz-json-1.1" :: ByteString)])++instance ToJSON UpdateCertificateOptions where+ toJSON UpdateCertificateOptions'{..}+ = object+ (catMaybes+ [Just ("CertificateArn" .= _ucoCertificateARN),+ Just ("Options" .= _ucoOptions)])++instance ToPath UpdateCertificateOptions where+ toPath = const "/"++instance ToQuery UpdateCertificateOptions where+ toQuery = const mempty++-- | /See:/ 'updateCertificateOptionsResponse' smart constructor.+data UpdateCertificateOptionsResponse =+ UpdateCertificateOptionsResponse'+ deriving (Eq, Read, Show, Data, Typeable, Generic)+++-- | Creates a value of 'UpdateCertificateOptionsResponse' with the minimum fields required to make a request.+--+updateCertificateOptionsResponse+ :: UpdateCertificateOptionsResponse+updateCertificateOptionsResponse = UpdateCertificateOptionsResponse'+++instance NFData UpdateCertificateOptionsResponse+ where
gen/Network/AWS/CertificateManager/Waiters.hs view
@@ -7,7 +7,7 @@ -- | -- Module : Network.AWS.CertificateManager.Waiters--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated
test/Main.hs view
@@ -2,7 +2,7 @@ -- | -- Module : Main--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated
test/Test/AWS/CertificateManager.hs view
@@ -3,7 +3,7 @@ -- | -- Module : Test.AWS.CertificateManager--- Copyright : (c) 2013-2016 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay@gmail.com> -- Stability : experimental
test/Test/AWS/CertificateManager/Internal.hs view
@@ -3,7 +3,7 @@ -- | -- Module : Test.AWS.CertificateManager.Internal--- Copyright : (c) 2013-2016 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay@gmail.com> -- Stability : experimental
test/Test/AWS/Gen/CertificateManager.hs view
@@ -5,7 +5,7 @@ -- | -- Module : Test.AWS.Gen.CertificateManager--- Copyright : (c) 2013-2017 Brendan Hay+-- Copyright : (c) 2013-2018 Brendan Hay -- License : Mozilla Public License, v. 2.0. -- Maintainer : Brendan Hay <brendan.g.hay+amazonka@gmail.com> -- Stability : auto-generated@@ -31,6 +31,9 @@ -- [ requestResendValidationEmail $ -- resendValidationEmail --+-- , requestUpdateCertificateOptions $+-- updateCertificateOptions+-- -- , requestListTagsForCertificate $ -- listTagsForCertificate --@@ -58,12 +61,18 @@ -- , requestDescribeCertificate $ -- describeCertificate --+-- , requestExportCertificate $+-- exportCertificate+-- -- ] -- , testGroup "response" -- [ responseResendValidationEmail $ -- resendValidationEmailResponse --+-- , responseUpdateCertificateOptions $+-- updateCertificateOptionsResponse+-- -- , responseListTagsForCertificate $ -- listTagsForCertificateResponse --@@ -91,6 +100,9 @@ -- , responseDescribeCertificate $ -- describeCertificateResponse --+-- , responseExportCertificate $+-- exportCertificateResponse+-- -- ] -- ] @@ -101,6 +113,11 @@ "ResendValidationEmail" "fixture/ResendValidationEmail.yaml" +requestUpdateCertificateOptions :: UpdateCertificateOptions -> TestTree+requestUpdateCertificateOptions = req+ "UpdateCertificateOptions"+ "fixture/UpdateCertificateOptions.yaml"+ requestListTagsForCertificate :: ListTagsForCertificate -> TestTree requestListTagsForCertificate = req "ListTagsForCertificate"@@ -146,6 +163,11 @@ "DescribeCertificate" "fixture/DescribeCertificate.yaml" +requestExportCertificate :: ExportCertificate -> TestTree+requestExportCertificate = req+ "ExportCertificate"+ "fixture/ExportCertificate.yaml"+ -- Responses responseResendValidationEmail :: ResendValidationEmailResponse -> TestTree@@ -155,6 +177,13 @@ certificateManager (Proxy :: Proxy ResendValidationEmail) +responseUpdateCertificateOptions :: UpdateCertificateOptionsResponse -> TestTree+responseUpdateCertificateOptions = res+ "UpdateCertificateOptionsResponse"+ "fixture/UpdateCertificateOptionsResponse.proto"+ certificateManager+ (Proxy :: Proxy UpdateCertificateOptions)+ responseListTagsForCertificate :: ListTagsForCertificateResponse -> TestTree responseListTagsForCertificate = res "ListTagsForCertificateResponse"@@ -217,3 +246,10 @@ "fixture/DescribeCertificateResponse.proto" certificateManager (Proxy :: Proxy DescribeCertificate)++responseExportCertificate :: ExportCertificateResponse -> TestTree+responseExportCertificate = res+ "ExportCertificateResponse"+ "fixture/ExportCertificateResponse.proto"+ certificateManager+ (Proxy :: Proxy ExportCertificate)