diff --git a/clients/client-accessanalyzer/src/AccessAnalyzer.ts b/clients/client-accessanalyzer/src/AccessAnalyzer.ts index 1b060e94c6f6..3c653d6e747b 100644 --- a/clients/client-accessanalyzer/src/AccessAnalyzer.ts +++ b/clients/client-accessanalyzer/src/AccessAnalyzer.ts @@ -1,7 +1,8 @@ // smithy-typescript generated code +import { createAggregatedClient } from "@aws-sdk/smithy-client"; import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; -import { AccessAnalyzerClient } from "./AccessAnalyzerClient"; +import { AccessAnalyzerClient, AccessAnalyzerClientConfig } from "./AccessAnalyzerClient"; import { ApplyArchiveRuleCommand, ApplyArchiveRuleCommandInput, @@ -131,932 +132,475 @@ import { ValidatePolicyCommandOutput, } from "./commands/ValidatePolicyCommand"; -/** - * @public - *
Identity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to - * identify any policies that grant access to an external principal. It does this by using - * logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An - * external principal can be another Amazon Web Services account, a root user, an IAM user or role, a - * federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to - * preview and validate public and cross-account access to your resources before deploying - * permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can - * call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management Access Analyzer in the IAM User Guide.
- *To start using IAM Access Analyzer, you first need to create an analyzer.
- */ -export class AccessAnalyzer extends AccessAnalyzerClient { +const commands = { + ApplyArchiveRuleCommand, + CancelPolicyGenerationCommand, + CreateAccessPreviewCommand, + CreateAnalyzerCommand, + CreateArchiveRuleCommand, + DeleteAnalyzerCommand, + DeleteArchiveRuleCommand, + GetAccessPreviewCommand, + GetAnalyzedResourceCommand, + GetAnalyzerCommand, + GetArchiveRuleCommand, + GetFindingCommand, + GetGeneratedPolicyCommand, + ListAccessPreviewFindingsCommand, + ListAccessPreviewsCommand, + ListAnalyzedResourcesCommand, + ListAnalyzersCommand, + ListArchiveRulesCommand, + ListFindingsCommand, + ListPolicyGenerationsCommand, + ListTagsForResourceCommand, + StartPolicyGenerationCommand, + StartResourceScanCommand, + TagResourceCommand, + UntagResourceCommand, + UpdateArchiveRuleCommand, + UpdateFindingsCommand, + ValidatePolicyCommand, +}; + +export interface AccessAnalyzer { /** - * @public - *Retroactively applies the archive rule to existing findings that meet the archive rule - * criteria.
+ * @see {@link ApplyArchiveRuleCommand} */ - public applyArchiveRule( + applyArchiveRule( args: ApplyArchiveRuleCommandInput, options?: __HttpHandlerOptions ): PromiseCancels the requested policy generation.
+ * @see {@link CancelPolicyGenerationCommand} */ - public cancelPolicyGeneration( + cancelPolicyGeneration( args: CancelPolicyGenerationCommandInput, options?: __HttpHandlerOptions ): PromiseCreates an access preview that allows you to preview IAM Access Analyzer findings for your - * resource before deploying resource permissions.
+ * @see {@link CreateAccessPreviewCommand} */ - public createAccessPreview( + createAccessPreview( args: CreateAccessPreviewCommandInput, options?: __HttpHandlerOptions ): PromiseCreates an analyzer for your account.
+ * @see {@link CreateAnalyzerCommand} */ - public createAnalyzer( + createAnalyzer( args: CreateAnalyzerCommandInput, options?: __HttpHandlerOptions ): PromiseCreates an archive rule for the specified analyzer. Archive rules automatically archive - * new findings that meet the criteria you define when you create the rule.
- *To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
+ * @see {@link CreateArchiveRuleCommand} */ - public createArchiveRule( + createArchiveRule( args: CreateArchiveRuleCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes the specified analyzer. When you delete an analyzer, IAM Access Analyzer is disabled - * for the account or organization in the current or specific Region. All findings that were - * generated by the analyzer are deleted. You cannot undo this action.
+ * @see {@link DeleteAnalyzerCommand} */ - public deleteAnalyzer( + deleteAnalyzer( args: DeleteAnalyzerCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes the specified archive rule.
+ * @see {@link DeleteArchiveRuleCommand} */ - public deleteArchiveRule( + deleteArchiveRule( args: DeleteArchiveRuleCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves information about an access preview for the specified analyzer.
+ * @see {@link GetAccessPreviewCommand} */ - public getAccessPreview( + getAccessPreview( args: GetAccessPreviewCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves information about a resource that was analyzed.
+ * @see {@link GetAnalyzedResourceCommand} */ - public getAnalyzedResource( + getAnalyzedResource( args: GetAnalyzedResourceCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves information about the specified analyzer.
+ * @see {@link GetAnalyzerCommand} */ - public getAnalyzer(args: GetAnalyzerCommandInput, options?: __HttpHandlerOptions): PromiseRetrieves information about an archive rule.
- *To learn about filter keys that you can use to create an archive rule, see IAM Access Analyzer filter keys in the IAM User Guide.
+ * @see {@link GetArchiveRuleCommand} */ - public getArchiveRule( + getArchiveRule( args: GetArchiveRuleCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves information about the specified finding.
+ * @see {@link GetFindingCommand} */ - public getFinding(args: GetFindingCommandInput, options?: __HttpHandlerOptions): PromiseRetrieves the policy that was generated using StartPolicyGeneration
.
- *
Retrieves a list of access preview findings generated by the specified access - * preview.
+ * @see {@link ListAccessPreviewFindingsCommand} */ - public listAccessPreviewFindings( + listAccessPreviewFindings( args: ListAccessPreviewFindingsCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of access previews for the specified analyzer.
+ * @see {@link ListAccessPreviewsCommand} */ - public listAccessPreviews( + listAccessPreviews( args: ListAccessPreviewsCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of resources of the specified type that have been analyzed by the - * specified analyzer..
+ * @see {@link ListAnalyzedResourcesCommand} */ - public listAnalyzedResources( + listAnalyzedResources( args: ListAnalyzedResourcesCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of analyzers.
+ * @see {@link ListAnalyzersCommand} */ - public listAnalyzers( - args: ListAnalyzersCommandInput, - options?: __HttpHandlerOptions - ): PromiseRetrieves a list of archive rules created for the specified analyzer.
+ * @see {@link ListArchiveRulesCommand} */ - public listArchiveRules( + listArchiveRules( args: ListArchiveRulesCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of findings generated by the specified analyzer.
- *To learn about filter keys that you can use to retrieve a list of findings, see IAM Access Analyzer filter keys in the IAM User Guide.
+ * @see {@link ListFindingsCommand} */ - public listFindings( - args: ListFindingsCommandInput, - options?: __HttpHandlerOptions - ): PromiseLists all of the policy generations requested in the last seven days.
+ * @see {@link ListPolicyGenerationsCommand} */ - public listPolicyGenerations( + listPolicyGenerations( args: ListPolicyGenerationsCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of tags applied to the specified resource.
+ * @see {@link ListTagsForResourceCommand} */ - public listTagsForResource( + listTagsForResource( args: ListTagsForResourceCommandInput, options?: __HttpHandlerOptions ): PromiseStarts the policy generation request.
+ * @see {@link StartPolicyGenerationCommand} */ - public startPolicyGeneration( + startPolicyGeneration( args: StartPolicyGenerationCommandInput, options?: __HttpHandlerOptions ): PromiseImmediately starts a scan of the policies applied to the specified resource.
+ * @see {@link StartResourceScanCommand} */ - public startResourceScan( + startResourceScan( args: StartResourceScanCommandInput, options?: __HttpHandlerOptions ): PromiseAdds a tag to the specified resource.
+ * @see {@link TagResourceCommand} */ - public tagResource(args: TagResourceCommandInput, options?: __HttpHandlerOptions): PromiseRemoves a tag from the specified resource.
+ * @see {@link UntagResourceCommand} */ - public untagResource( - args: UntagResourceCommandInput, - options?: __HttpHandlerOptions - ): PromiseUpdates the criteria and values for the specified archive rule.
+ * @see {@link UpdateArchiveRuleCommand} */ - public updateArchiveRule( + updateArchiveRule( args: UpdateArchiveRuleCommandInput, options?: __HttpHandlerOptions ): PromiseUpdates the status for the specified findings.
+ * @see {@link UpdateFindingsCommand} */ - public updateFindings( + updateFindings( args: UpdateFindingsCommandInput, options?: __HttpHandlerOptions ): PromiseRequests the validation of a policy and returns a list of findings. The findings help - * you identify issues and provide actionable recommendations to resolve the issue and enable - * you to author functional policies that meet security best practices.
+ * @see {@link ValidatePolicyCommand} */ - public validatePolicy( + validatePolicy( args: ValidatePolicyCommandInput, options?: __HttpHandlerOptions ): PromiseIdentity and Access Management Access Analyzer helps identify potential resource-access risks by enabling you to + * identify any policies that grant access to an external principal. It does this by using + * logic-based reasoning to analyze resource-based policies in your Amazon Web Services environment. An + * external principal can be another Amazon Web Services account, a root user, an IAM user or role, a + * federated user, an Amazon Web Services service, or an anonymous user. You can also use IAM Access Analyzer to + * preview and validate public and cross-account access to your resources before deploying + * permissions changes. This guide describes the Identity and Access Management Access Analyzer operations that you can + * call programmatically. For general information about IAM Access Analyzer, see Identity and Access Management Access Analyzer in the IAM User Guide.
+ *To start using IAM Access Analyzer, you first need to create an analyzer.
+ */ +export class AccessAnalyzer extends AccessAnalyzerClient implements AccessAnalyzer {} +createAggregatedClient(commands, AccessAnalyzer); diff --git a/clients/client-account/src/Account.ts b/clients/client-account/src/Account.ts index 5e059500033e..63bb4f696458 100644 --- a/clients/client-account/src/Account.ts +++ b/clients/client-account/src/Account.ts @@ -1,7 +1,8 @@ // smithy-typescript generated code +import { createAggregatedClient } from "@aws-sdk/smithy-client"; import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; -import { AccountClient } from "./AccountClient"; +import { AccountClient, AccountClientConfig } from "./AccountClient"; import { DeleteAlternateContactCommand, DeleteAlternateContactCommandInput, @@ -44,326 +45,158 @@ import { PutContactInformationCommandOutput, } from "./commands/PutContactInformationCommand"; -/** - * @public - *Operations for Amazon Web Services Account Management
- */ -export class Account extends AccountClient { +const commands = { + DeleteAlternateContactCommand, + DisableRegionCommand, + EnableRegionCommand, + GetAlternateContactCommand, + GetContactInformationCommand, + GetRegionOptStatusCommand, + ListRegionsCommand, + PutAlternateContactCommand, + PutContactInformationCommand, +}; + +export interface Account { /** - * @public - *Deletes the specified alternate contact from an Amazon Web Services account.
- *For complete details about how to use the alternate contact operations, see Access or - * updating the alternate contacts.
- *Before you can update the alternate contact information for an - * Amazon Web Services account that is managed by Organizations, you must first enable integration between Amazon Web Services Account Management - * and Organizations. For more information, see Enabling trusted access for - * Amazon Web Services Account Management.
- *Disables (opts-out) a particular Region for an account.
+ * @see {@link DisableRegionCommand} */ - public disableRegion( - args: DisableRegionCommandInput, - options?: __HttpHandlerOptions - ): PromiseEnables (opts-in) a particular Region for an account.
+ * @see {@link EnableRegionCommand} */ - public enableRegion( - args: EnableRegionCommandInput, - options?: __HttpHandlerOptions - ): PromiseRetrieves the specified alternate contact attached to an Amazon Web Services account.
- *For complete details about how to use the alternate contact operations, see Access or - * updating the alternate contacts.
- *Before you can update the alternate contact information for an - * Amazon Web Services account that is managed by Organizations, you must first enable integration between Amazon Web Services Account Management - * and Organizations. For more information, see Enabling trusted access for - * Amazon Web Services Account Management.
- *Retrieves the primary contact information of an Amazon Web Services account.
- *For complete details about how to use the primary contact operations, see Update - * the primary and alternate contact information.
+ * @see {@link GetContactInformationCommand} */ - public getContactInformation( + getContactInformation( args: GetContactInformationCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves the opt-in status of a particular Region.
+ * @see {@link GetRegionOptStatusCommand} */ - public getRegionOptStatus( + getRegionOptStatus( args: GetRegionOptStatusCommandInput, options?: __HttpHandlerOptions ): PromiseLists all the Regions for a given account and their respective opt-in statuses.
- * Optionally, this list can be filtered by the region-opt-status-contains
- * parameter.
Modifies the specified alternate contact attached to an Amazon Web Services account.
- *For complete details about how to use the alternate contact operations, see Access or - * updating the alternate contacts.
- *Before you can update the alternate contact information for an - * Amazon Web Services account that is managed by Organizations, you must first enable integration between Amazon Web Services Account Management - * and Organizations. For more information, see Enabling trusted access for - * Amazon Web Services Account Management.
- *Updates the primary contact information of an Amazon Web Services account.
- *For complete details about how to use the primary contact operations, see Update - * the primary and alternate contact information.
+ * @see {@link PutContactInformationCommand} */ - public putContactInformation( + putContactInformation( args: PutContactInformationCommandInput, options?: __HttpHandlerOptions ): PromiseOperations for Amazon Web Services Account Management
+ */ +export class Account extends AccountClient implements Account {} +createAggregatedClient(commands, Account); diff --git a/clients/client-acm-pca/src/ACMPCA.ts b/clients/client-acm-pca/src/ACMPCA.ts index be5959f3ff92..7f04eee3e297 100644 --- a/clients/client-acm-pca/src/ACMPCA.ts +++ b/clients/client-acm-pca/src/ACMPCA.ts @@ -1,7 +1,8 @@ // smithy-typescript generated code +import { createAggregatedClient } from "@aws-sdk/smithy-client"; import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; -import { ACMPCAClient } from "./ACMPCAClient"; +import { ACMPCAClient, ACMPCAClientConfig } from "./ACMPCAClient"; import { CreateCertificateAuthorityAuditReportCommand, CreateCertificateAuthorityAuditReportCommandInput, @@ -106,1248 +107,413 @@ import { UpdateCertificateAuthorityCommandOutput, } from "./commands/UpdateCertificateAuthorityCommand"; -/** - * @public - *This is the Amazon Web Services Private Certificate Authority API Reference. It provides descriptions, - * syntax, and usage examples for each of the actions and data types involved in creating - * and managing a private certificate authority (CA) for your organization.
- *The documentation for each action shows the API request parameters and the JSON - * response. Alternatively, you can use one of the Amazon Web Services SDKs to access an API that is - * tailored to the programming language or platform that you prefer. For more information, - * see Amazon Web Services SDKs.
- *Each Amazon Web Services Private CA API operation has a quota that determines the number of times the - * operation can be called per second. Amazon Web Services Private CA throttles API requests at different rates - * depending on the operation. Throttling means that Amazon Web Services Private CA rejects an otherwise valid - * request because the request exceeds the operation's quota for the number of requests per - * second. When a request is throttled, Amazon Web Services Private CA returns a ThrottlingException error. Amazon Web Services Private CA does not guarantee a minimum request - * rate for APIs.
- *To see an up-to-date list of your Amazon Web Services Private CA quotas, or to request a quota increase, - * log into your Amazon Web Services account and visit the Service Quotas - * console.
- */ -export class ACMPCA extends ACMPCAClient { +const commands = { + CreateCertificateAuthorityCommand, + CreateCertificateAuthorityAuditReportCommand, + CreatePermissionCommand, + DeleteCertificateAuthorityCommand, + DeletePermissionCommand, + DeletePolicyCommand, + DescribeCertificateAuthorityCommand, + DescribeCertificateAuthorityAuditReportCommand, + GetCertificateCommand, + GetCertificateAuthorityCertificateCommand, + GetCertificateAuthorityCsrCommand, + GetPolicyCommand, + ImportCertificateAuthorityCertificateCommand, + IssueCertificateCommand, + ListCertificateAuthoritiesCommand, + ListPermissionsCommand, + ListTagsCommand, + PutPolicyCommand, + RestoreCertificateAuthorityCommand, + RevokeCertificateCommand, + TagCertificateAuthorityCommand, + UntagCertificateAuthorityCommand, + UpdateCertificateAuthorityCommand, +}; + +export interface ACMPCA { /** - * @public - *Creates a root or subordinate private certificate authority (CA). You must specify the - * CA configuration, an optional configuration for Online Certificate Status Protocol - * (OCSP) and/or a certificate revocation list (CRL), the CA type, and an optional - * idempotency token to avoid accidental creation of multiple CAs. The CA configuration - * specifies the name of the algorithm and key size to be used to create the CA private - * key, the type of signing algorithm that the CA uses, and X.500 subject information. The - * OCSP configuration can optionally specify a custom URL for the OCSP responder. The CRL - * configuration specifies the CRL expiration period in days (the validity period of the - * CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias for the S3 - * bucket that is included in certificates issued by the CA. If successful, this action - * returns the Amazon Resource Name (ARN) of the CA.
- *Both Amazon Web Services Private CA and the IAM principal must have permission to write to - * the S3 bucket that you specify. If the IAM principal making the call - * does not have permission to write to the bucket, then an exception is - * thrown. For more information, see Access - * policies for CRLs in Amazon S3.
- *Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. - * For more information, see Encrypting Your - * CRLs.
+ * @see {@link CreateCertificateAuthorityCommand} */ - public createCertificateAuthority( + createCertificateAuthority( args: CreateCertificateAuthorityCommandInput, options?: __HttpHandlerOptions ): PromiseCreates an audit report that lists every time that your CA private key is used. The - * report is saved in the Amazon S3 bucket that you specify on input. The IssueCertificate and RevokeCertificate actions use - * the private key.
- *Both Amazon Web Services Private CA and the IAM principal must have permission to write to - * the S3 bucket that you specify. If the IAM principal making the call - * does not have permission to write to the bucket, then an exception is - * thrown. For more information, see Access - * policies for CRLs in Amazon S3.
- *Amazon Web Services Private CA assets that are stored in Amazon S3 can be protected with encryption. - * For more information, see Encrypting Your Audit - * Reports.
- *You can generate a maximum of one report every 30 minutes.
- *Grants one or more permissions on a private CA to the Certificate Manager (ACM) service
- * principal (acm.amazonaws.com
). These permissions allow ACM to issue and
- * renew ACM certificates that reside in the same Amazon Web Services account as the CA.
You can list current permissions with the ListPermissions action and - * revoke them with the DeletePermission action.
- *- * About Permissions - *
- *If the private CA and the certificates it issues reside in the same
- * account, you can use CreatePermission
to grant permissions for ACM to
- * carry out automatic certificate renewals.
For automatic certificate renewal to succeed, the ACM service principal - * needs permissions to create, retrieve, and list certificates.
- *If the private CA and the ACM certificates reside in different accounts, - * then permissions cannot be used to enable automatic renewals. Instead, - * the ACM certificate owner must set up a resource-based policy to enable - * cross-account issuance and renewals. For more information, see - * Using a Resource - * Based Policy with Amazon Web Services Private CA.
- *Deletes a private certificate authority (CA). You must provide the Amazon Resource - * Name (ARN) of the private CA that you want to delete. You can find the ARN by calling - * the ListCertificateAuthorities action.
- *Deleting a CA will invalidate other CAs and certificates below it in your CA - * hierarchy.
- *Before you can delete a CA that you have created and activated, you must disable it.
- * To do this, call the UpdateCertificateAuthority action and set the CertificateAuthorityStatus parameter to DISABLED
.
Additionally, you can delete a CA if you are waiting for it to be created (that is,
- * the status of the CA is CREATING
). You can also delete it if the CA has
- * been created but you haven't yet imported the signed certificate into Amazon Web Services Private CA (that
- * is, the status of the CA is PENDING_CERTIFICATE
).
When you successfully call DeleteCertificateAuthority, the CA's status changes to
- * DELETED
. However, the CA won't be permanently deleted until the restoration
- * period has passed. By default, if you do not set the
- * PermanentDeletionTimeInDays
parameter, the CA remains restorable for 30
- * days. You can set the parameter from 7 to 30 days. The DescribeCertificateAuthority action returns the time remaining in the
- * restoration window of a private CA in the DELETED
state. To restore an
- * eligible CA, call the RestoreCertificateAuthority action.
Revokes permissions on a private CA granted to the Certificate Manager (ACM) service principal - * (acm.amazonaws.com).
- *These permissions allow ACM to issue and renew ACM certificates that reside in the - * same Amazon Web Services account as the CA. If you revoke these permissions, ACM will no longer - * renew the affected certificates automatically.
- *Permissions can be granted with the CreatePermission action and - * listed with the ListPermissions action.
- *- * About Permissions - *
- *If the private CA and the certificates it issues reside in the same
- * account, you can use CreatePermission
to grant permissions for ACM to
- * carry out automatic certificate renewals.
For automatic certificate renewal to succeed, the ACM service principal - * needs permissions to create, retrieve, and list certificates.
- *If the private CA and the ACM certificates reside in different accounts, - * then permissions cannot be used to enable automatic renewals. Instead, - * the ACM certificate owner must set up a resource-based policy to enable - * cross-account issuance and renewals. For more information, see - * Using a Resource - * Based Policy with Amazon Web Services Private CA.
- *Deletes the resource-based policy attached to a private CA. Deletion will remove any - * access that the policy has granted. If there is no policy attached to the private CA, - * this action will return successful.
- *If you delete a policy that was applied through Amazon Web Services Resource Access Manager (RAM), - * the CA will be removed from all shares in which it was included.
- *The Certificate Manager Service Linked Role that the policy supports is not affected when you - * delete the policy.
- *The current policy can be shown with GetPolicy and updated with PutPolicy.
- *- * About Policies - *
- *A policy grants access on a private CA to an Amazon Web Services customer account, to Amazon Web Services Organizations, or to - * an Amazon Web Services Organizations unit. Policies are under the control of a CA administrator. For more information, - * see Using a Resource Based Policy with Amazon Web Services Private CA.
- *A policy permits a user of Certificate Manager (ACM) to issue ACM certificates - * signed by a CA in another account.
- *For ACM to manage automatic renewal of these certificates, - * the ACM user must configure a Service Linked Role (SLR). The SLR allows - * the ACM service to assume the identity of the user, subject to confirmation against the - * Amazon Web Services Private CA policy. For more information, see - * Using a - * Service Linked Role with ACM.
- *Updates made in Amazon Web Services Resource Manager (RAM) are reflected in policies. For more information, - * see Attach a Policy for Cross-Account - * Access.
- *Lists information about your private certificate authority (CA) or one that has been - * shared with you. You specify the private CA on input by its ARN (Amazon Resource Name). - * The output contains the status of your CA. This can be any of the following:
- *
- * CREATING
- Amazon Web Services Private CA is creating your private certificate
- * authority.
- * PENDING_CERTIFICATE
- The certificate is pending. You must use
- * your Amazon Web Services Private CA-hosted or on-premises root or subordinate CA to sign your
- * private CA CSR and then import it into Amazon Web Services Private CA.
- * ACTIVE
- Your private CA is active.
- * DISABLED
- Your private CA has been disabled.
- * EXPIRED
- Your private CA certificate has expired.
- * FAILED
- Your private CA has failed. Your CA can fail because of
- * problems such a network outage or back-end Amazon Web Services failure or other errors. A
- * failed CA can never return to the pending state. You must create a new CA.
- *
- * DELETED
- Your private CA is within the restoration period, after
- * which it is permanently deleted. The length of time remaining in the CA's
- * restoration period is also included in this action's output.
Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport action. Audit information is created - * every time the certificate authority (CA) private key is used. The private key is used - * when you call the IssueCertificate action or the - * RevokeCertificate action.
+ * @see {@link DescribeCertificateAuthorityAuditReportCommand} */ - public describeCertificateAuthorityAuditReport( + describeCertificateAuthorityAuditReport( args: DescribeCertificateAuthorityAuditReportCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a certificate from your private CA or one that has been shared with you. The - * ARN of the certificate is returned when you call the IssueCertificate action. You - * must specify both the ARN of your private CA and the ARN of the issued certificate when - * calling the GetCertificate action. You can retrieve the - * certificate if it is in the ISSUED state. You can call - * the CreateCertificateAuthorityAuditReport action to create a report that - * contains information about all of the certificates issued and revoked by your private - * CA.
+ * @see {@link GetCertificateCommand} */ - public getCertificate( + getCertificate( args: GetCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves the certificate and certificate chain for your private certificate authority - * (CA) or one that has been shared with you. Both the certificate and the chain are base64 - * PEM-encoded. The chain does not include the CA certificate. Each certificate in the - * chain signs the one before it.
+ * @see {@link GetCertificateAuthorityCertificateCommand} */ - public getCertificateAuthorityCertificate( + getCertificateAuthorityCertificate( args: GetCertificateAuthorityCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves the certificate signing request (CSR) for your private certificate authority - * (CA). The CSR is created when you call the CreateCertificateAuthority action. Sign the CSR with your Amazon Web Services Private CA-hosted - * or on-premises root or subordinate CA. Then import the signed certificate back into - * Amazon Web Services Private CA by calling the ImportCertificateAuthorityCertificate action. The CSR is returned as a - * base64 PEM-encoded string.
+ * @see {@link GetCertificateAuthorityCsrCommand} */ - public getCertificateAuthorityCsr( + getCertificateAuthorityCsr( args: GetCertificateAuthorityCsrCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves the resource-based policy attached to a private CA. If either the private CA
- * resource or the policy cannot be found, this action returns a
- * ResourceNotFoundException
.
The policy can be attached or updated with PutPolicy and removed with DeletePolicy.
- *- * About Policies - *
- *A policy grants access on a private CA to an Amazon Web Services customer account, to Amazon Web Services Organizations, or to - * an Amazon Web Services Organizations unit. Policies are under the control of a CA administrator. For more information, - * see Using a Resource Based Policy with Amazon Web Services Private CA.
- *A policy permits a user of Certificate Manager (ACM) to issue ACM certificates - * signed by a CA in another account.
- *For ACM to manage automatic renewal of these certificates, - * the ACM user must configure a Service Linked Role (SLR). The SLR allows - * the ACM service to assume the identity of the user, subject to confirmation against the - * Amazon Web Services Private CA policy. For more information, see - * Using a - * Service Linked Role with ACM.
- *Updates made in Amazon Web Services Resource Manager (RAM) are reflected in policies. For more information, - * see Attach a Policy for Cross-Account - * Access.
- *Imports a signed private CA certificate into Amazon Web Services Private CA. This action is used when you - * are using a chain of trust whose root is located outside Amazon Web Services Private CA. Before you can call - * this action, the following preparations must in place:
- *In Amazon Web Services Private CA, call the CreateCertificateAuthority action to create the private CA that you - * plan to back with the imported certificate.
- *Call the GetCertificateAuthorityCsr action to generate a certificate signing - * request (CSR).
- *Sign the CSR using a root or intermediate CA hosted by either an on-premises - * PKI hierarchy or by a commercial CA.
- *Create a certificate chain and copy the signed certificate and the certificate - * chain to your working directory.
- *Amazon Web Services Private CA supports three scenarios for installing a CA certificate:
- *Installing a certificate for a root CA hosted by Amazon Web Services Private CA.
- *Installing a subordinate CA certificate whose parent authority is hosted by - * Amazon Web Services Private CA.
- *Installing a subordinate CA certificate whose parent authority is externally - * hosted.
- *The following additional requirements apply when you import a CA certificate.
- *Only a self-signed certificate can be imported as a root CA.
- *A self-signed certificate cannot be imported as a subordinate CA.
- *Your certificate chain must not include the private CA certificate that you - * are importing.
- *Your root CA must be the last certificate in your chain. The subordinate - * certificate, if any, that your root CA signed must be next to last. The - * subordinate certificate signed by the preceding subordinate CA must come next, - * and so on until your chain is built.
- *The chain must be PEM-encoded.
- *The maximum allowed size of a certificate is 32 KB.
- *The maximum allowed size of a certificate chain is 2 MB.
- *- * Enforcement of Critical Constraints - *
- *Amazon Web Services Private CA allows the following extensions to be marked critical in the imported CA - * certificate or chain.
- *Basic constraints (must be marked critical)
- *Subject alternative names
- *Key usage
- *Extended key usage
- *Authority key identifier
- *Subject key identifier
- *Issuer alternative name
- *Subject directory attributes
- *Subject information access
- *Certificate policies
- *Policy mappings
- *Inhibit anyPolicy
- *Amazon Web Services Private CA rejects the following extensions when they are marked critical in an - * imported CA certificate or chain.
- *Name constraints
- *Policy constraints
- *CRL distribution points
- *Authority information access
- *Freshest CRL
- *Any other extension
- *Uses your private certificate authority (CA), or one that has been shared with you, to - * issue a client certificate. This action returns the Amazon Resource Name (ARN) of the - * certificate. You can retrieve the certificate by calling the GetCertificate action and - * specifying the ARN.
- *You cannot use the ACM ListCertificateAuthorities action to retrieve the ARNs of the - * certificates that you issue by using Amazon Web Services Private CA.
- *Lists the private certificate authorities that you created by using the CreateCertificateAuthority action.
+ * @see {@link ListCertificateAuthoritiesCommand} */ - public listCertificateAuthorities( + listCertificateAuthorities( args: ListCertificateAuthoritiesCommandInput, options?: __HttpHandlerOptions ): PromiseList all permissions on a private CA, if any, granted to the Certificate Manager (ACM) service - * principal (acm.amazonaws.com).
- *These permissions allow ACM to issue and renew ACM certificates that reside in the - * same Amazon Web Services account as the CA.
- *Permissions can be granted with the CreatePermission action and - * revoked with the DeletePermission action.
- *- * About Permissions - *
- *If the private CA and the certificates it issues reside in the same
- * account, you can use CreatePermission
to grant permissions for ACM to
- * carry out automatic certificate renewals.
For automatic certificate renewal to succeed, the ACM service principal - * needs permissions to create, retrieve, and list certificates.
- *If the private CA and the ACM certificates reside in different accounts, - * then permissions cannot be used to enable automatic renewals. Instead, - * the ACM certificate owner must set up a resource-based policy to enable - * cross-account issuance and renewals. For more information, see - * Using a Resource - * Based Policy with Amazon Web Services Private CA.
- *Lists the tags, if any, that are associated with your private CA or one that has been - * shared with you. Tags are labels that you can use to identify and organize your CAs. - * Each tag consists of a key and an optional value. Call the TagCertificateAuthority - * action to add one or more tags to your CA. Call the UntagCertificateAuthority action to remove tags.
+ * @see {@link ListTagsCommand} */ - public listTags(args: ListTagsCommandInput, options?: __HttpHandlerOptions): PromiseAttaches a resource-based policy to a private CA.
- *A policy can also be applied by sharing a private CA through Amazon Web Services Resource Access - * Manager (RAM). For more information, see Attach a Policy for Cross-Account - * Access.
- *The policy can be displayed with GetPolicy and removed with DeletePolicy.
- *- * About Policies - *
- *A policy grants access on a private CA to an Amazon Web Services customer account, to Amazon Web Services Organizations, or to - * an Amazon Web Services Organizations unit. Policies are under the control of a CA administrator. For more information, - * see Using a Resource Based Policy with Amazon Web Services Private CA.
- *A policy permits a user of Certificate Manager (ACM) to issue ACM certificates - * signed by a CA in another account.
- *For ACM to manage automatic renewal of these certificates, - * the ACM user must configure a Service Linked Role (SLR). The SLR allows - * the ACM service to assume the identity of the user, subject to confirmation against the - * Amazon Web Services Private CA policy. For more information, see - * Using a - * Service Linked Role with ACM.
- *Updates made in Amazon Web Services Resource Manager (RAM) are reflected in policies. For more information, - * see Attach a Policy for Cross-Account - * Access.
- *Restores a certificate authority (CA) that is in the DELETED
state. You
- * can restore a CA during the period that you defined in the PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthority action. Currently, you can specify 7 to 30 days.
- * If you did not specify a PermanentDeletionTimeInDays
- * value, by default you can restore the CA at any time in a 30 day period. You can check
- * the time remaining in the restoration period of a private CA in the DELETED
- * state by calling the DescribeCertificateAuthority or ListCertificateAuthorities actions. The status of a restored CA is set to
- * its pre-deletion status when the RestoreCertificateAuthority action returns. To change its status to
- * ACTIVE
, call the UpdateCertificateAuthority action. If the private CA was in the
- * PENDING_CERTIFICATE
state at deletion, you must use the ImportCertificateAuthorityCertificate action to import a certificate
- * authority into the private CA before it can be activated. You cannot restore a CA after
- * the restoration period has ended.
Revokes a certificate that was issued inside Amazon Web Services Private CA. If you enable a certificate
- * revocation list (CRL) when you create or update your private CA, information about the
- * revoked certificates will be included in the CRL. Amazon Web Services Private CA writes the CRL to an S3
- * bucket that you specify. A CRL is typically updated approximately 30 minutes after a
- * certificate is revoked. If for any reason the CRL update fails, Amazon Web Services Private CA attempts
- * makes further attempts every 15 minutes. With Amazon CloudWatch, you can create alarms
- * for the metrics CRLGenerated
and MisconfiguredCRLBucket
. For
- * more information, see Supported CloudWatch Metrics.
Both Amazon Web Services Private CA and the IAM principal must have permission to write to - * the S3 bucket that you specify. If the IAM principal making the call - * does not have permission to write to the bucket, then an exception is - * thrown. For more information, see Access - * policies for CRLs in Amazon S3.
- *Amazon Web Services Private CA also writes revocation information to the audit report. For more - * information, see CreateCertificateAuthorityAuditReport.
- *You cannot revoke a root CA self-signed certificate.
- *Adds one or more tags to your private CA. Tags are labels that you can use to identify - * and organize your Amazon Web Services resources. Each tag consists of a key and an optional value. You - * specify the private CA on input by its Amazon Resource Name (ARN). You specify the tag - * by using a key-value pair. You can apply a tag to just one private CA if you want to - * identify a specific characteristic of that CA, or you can apply the same tag to multiple - * private CAs if you want to filter for a common relationship among those CAs. To remove - * one or more tags, use the UntagCertificateAuthority action. Call the ListTags action to see what tags are - * associated with your CA.
- *To attach tags to a private CA during the creation procedure, a CA administrator
- * must first associate an inline IAM policy with the
- * CreateCertificateAuthority
action and explicitly allow tagging. For
- * more information, see Attaching tags to a CA
- * at the time of creation.
Remove one or more tags from your private CA. A tag consists of a key-value pair. If - * you do not specify the value portion of the tag when calling this action, the tag will - * be removed regardless of value. If you specify a value, the tag is removed only if it is - * associated with the specified value. To add tags to a private CA, use the TagCertificateAuthority. Call the ListTags action to see what tags are - * associated with your CA.
+ * @see {@link UntagCertificateAuthorityCommand} */ - public untagCertificateAuthority( + untagCertificateAuthority( args: UntagCertificateAuthorityCommandInput, options?: __HttpHandlerOptions ): PromiseUpdates the status or configuration of a private certificate authority (CA). Your
- * private CA must be in the ACTIVE
or DISABLED
state before you
- * can update it. You can disable a private CA that is in the ACTIVE
state or
- * make a CA that is in the DISABLED
state active again.
Both Amazon Web Services Private CA and the IAM principal must have permission to write to - * the S3 bucket that you specify. If the IAM principal making the call - * does not have permission to write to the bucket, then an exception is - * thrown. For more information, see Access - * policies for CRLs in Amazon S3.
- *This is the Amazon Web Services Private Certificate Authority API Reference. It provides descriptions, + * syntax, and usage examples for each of the actions and data types involved in creating + * and managing a private certificate authority (CA) for your organization.
+ *The documentation for each action shows the API request parameters and the JSON + * response. Alternatively, you can use one of the Amazon Web Services SDKs to access an API that is + * tailored to the programming language or platform that you prefer. For more information, + * see Amazon Web Services SDKs.
+ *Each Amazon Web Services Private CA API operation has a quota that determines the number of times the + * operation can be called per second. Amazon Web Services Private CA throttles API requests at different rates + * depending on the operation. Throttling means that Amazon Web Services Private CA rejects an otherwise valid + * request because the request exceeds the operation's quota for the number of requests per + * second. When a request is throttled, Amazon Web Services Private CA returns a ThrottlingException error. Amazon Web Services Private CA does not guarantee a minimum request + * rate for APIs.
+ *To see an up-to-date list of your Amazon Web Services Private CA quotas, or to request a quota increase, + * log into your Amazon Web Services account and visit the Service Quotas + * console.
+ */ +export class ACMPCA extends ACMPCAClient implements ACMPCA {} +createAggregatedClient(commands, ACMPCA); diff --git a/clients/client-acm/src/ACM.ts b/clients/client-acm/src/ACM.ts index 27ade0a70b8e..4babb127f827 100644 --- a/clients/client-acm/src/ACM.ts +++ b/clients/client-acm/src/ACM.ts @@ -1,7 +1,8 @@ // smithy-typescript generated code +import { createAggregatedClient } from "@aws-sdk/smithy-client"; import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; -import { ACMClient } from "./ACMClient"; +import { ACMClient, ACMClientConfig } from "./ACMClient"; import { AddTagsToCertificateCommand, AddTagsToCertificateCommandInput, @@ -78,648 +79,283 @@ import { UpdateCertificateOptionsCommandOutput, } from "./commands/UpdateCertificateOptionsCommand"; -/** - * @public - *You can use Certificate Manager (ACM) to manage SSL/TLS certificates for your Amazon Web Services-based websites - * and applications. For more information about using ACM, see the Certificate Manager User Guide.
- */ -export class ACM extends ACMClient { +const commands = { + AddTagsToCertificateCommand, + DeleteCertificateCommand, + DescribeCertificateCommand, + ExportCertificateCommand, + GetAccountConfigurationCommand, + GetCertificateCommand, + ImportCertificateCommand, + ListCertificatesCommand, + ListTagsForCertificateCommand, + PutAccountConfigurationCommand, + RemoveTagsFromCertificateCommand, + RenewCertificateCommand, + RequestCertificateCommand, + ResendValidationEmailCommand, + UpdateCertificateOptionsCommand, +}; + +export interface ACM { /** - * @public - *Adds one or more tags to an ACM certificate. Tags are labels that you can use to
- * identify and organize your Amazon Web Services resources. Each tag consists of a key
and an
- * optional value
. You specify the certificate on input by its Amazon Resource Name
- * (ARN). You specify the tag by using a key-value pair.
You can apply a tag to just one certificate if you want to identify a specific - * characteristic of that certificate, or you can apply the same tag to multiple certificates if - * you want to filter for a common relationship among those certificates. Similarly, you can - * apply the same tag to multiple resources if you want to specify a relationship among those - * resources. For example, you can add the same tag to an ACM certificate and an Elastic Load - * Balancing load balancer to indicate that they are both used by the same website. For more - * information, see Tagging ACM - * certificates.
- *To remove one or more tags, use the RemoveTagsFromCertificate action. To - * view all of the tags that have been applied to the certificate, use the ListTagsForCertificate action.
+ * @see {@link AddTagsToCertificateCommand} */ - public addTagsToCertificate( + addTagsToCertificate( args: AddTagsToCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a certificate and its associated private key. If this action succeeds, the - * certificate no longer appears in the list that can be displayed by calling the ListCertificates action or be retrieved by calling the GetCertificate action. The certificate will not be available for use by Amazon Web Services - * services integrated with ACM.
- *You cannot delete an ACM certificate that is being used by another Amazon Web Services service. To - * delete a certificate that is in use, the certificate association must first be - * removed.
- *Returns detailed metadata about the specified ACM certificate.
- *If you have just created a certificate using the RequestCertificate
action,
- * there is a delay of several seconds before you can retrieve information about it.
Exports a private certificate issued by a private certificate authority (CA) for use - * anywhere. The exported file contains the certificate, the certificate chain, and the encrypted - * private 2048-bit RSA key associated with the public key that is embedded in the certificate. - * For security, you must assign a passphrase for the private key when exporting it.
- *For information about exporting and formatting a certificate using the ACM console or - * CLI, see Export a - * Private Certificate.
+ * @see {@link ExportCertificateCommand} */ - public exportCertificate( + exportCertificate( args: ExportCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseReturns the account configuration options associated with an Amazon Web Services account.
+ * @see {@link GetAccountConfigurationCommand} */ - public getAccountConfiguration( + getAccountConfiguration( args: GetAccountConfigurationCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves an Amazon-issued certificate and its certificate chain. The chain consists of - * the certificate of the issuing CA and the intermediate certificates of any other subordinate - * CAs. All of the certificates are base64 encoded. You can use OpenSSL to decode - * the certificates and inspect individual fields.
+ * @see {@link GetCertificateCommand} */ - public getCertificate( + getCertificate( args: GetCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseImports a certificate into Certificate Manager (ACM) to use with services that are integrated with - * ACM. Note that integrated - * services allow only certificate types and keys they support to be associated with - * their resources. Further, their support differs depending on whether the certificate is - * imported into IAM or into ACM. For more information, see the documentation for each - * service. For more information about importing certificates into ACM, see Importing - * Certificates in the Certificate Manager User Guide.
- *ACM does not provide managed renewal for certificates that you import.
- *Note the following guidelines when importing third party certificates:
- *You must enter the private key that matches the certificate you are importing.
- *The private key must be unencrypted. You cannot import a private key that is protected - * by a password or a passphrase.
- *The private key must be no larger than 5 KB (5,120 bytes).
- *If the certificate you are importing is not self-signed, you must enter its - * certificate chain.
- *If a certificate chain is included, the issuer must be the subject of one of the - * certificates in the chain.
- *The certificate, private key, and certificate chain must be PEM-encoded.
- *The current time must be between the Not Before
and Not
- * After
certificate fields.
The Issuer
field must not be empty.
The OCSP authority URL, if present, must not exceed 1000 characters.
- *To import a new certificate, omit the CertificateArn
argument. Include
- * this argument only when you want to replace a previously imported certificate.
When you import a certificate by using the CLI, you must specify the certificate, the
- * certificate chain, and the private key by their file names preceded by
- * fileb://
. For example, you can specify a certificate saved in the
- * C:\temp
folder as fileb://C:\temp\certificate_to_import.pem
.
- * If you are making an HTTP or HTTPS Query request, include these arguments as BLOBs.
- *
When you import a certificate by using an SDK, you must specify the certificate, the - * certificate chain, and the private key files in the manner required by the programming - * language you're using.
- *The cryptographic algorithm of an imported certificate must match the algorithm of the - * signing CA. For example, if the signing CA key type is RSA, then the certificate key type - * must also be RSA.
- *This operation returns the Amazon - * Resource Name (ARN) of the imported certificate.
+ * @see {@link ImportCertificateCommand} */ - public importCertificate( + importCertificate( args: ImportCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves a list of certificate ARNs and domain names. You can request that only
- * certificates that match a specific status be listed. You can also filter by specific
- * attributes of the certificate. Default filtering returns only RSA_2048
- * certificates. For more information, see Filters.
Lists the tags that have been applied to the ACM certificate. Use the certificate's - * Amazon Resource Name (ARN) to specify the certificate. To add a tag to an ACM certificate, - * use the AddTagsToCertificate action. To delete a tag, use the RemoveTagsFromCertificate action.
+ * @see {@link ListTagsForCertificateCommand} */ - public listTagsForCertificate( + listTagsForCertificate( args: ListTagsForCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseAdds or modifies account-level configurations in ACM.
- *The supported configuration option is DaysBeforeExpiry
. This option specifies
- * the number of days prior to certificate expiration when ACM starts generating
- * EventBridge
events. ACM sends one event per day per certificate until the
- * certificate expires. By default, accounts receive events starting 45 days before certificate
- * expiration.
Remove one or more tags from an ACM certificate. A tag consists of a key-value pair. If - * you do not specify the value portion of the tag when calling this function, the tag will be - * removed regardless of value. If you specify a value, the tag is removed only if it is - * associated with the specified value.
- *To add tags to a certificate, use the AddTagsToCertificate action. To - * view all of the tags that have been applied to a specific ACM certificate, use the ListTagsForCertificate action.
+ * @see {@link RemoveTagsFromCertificateCommand} */ - public removeTagsFromCertificate( + removeTagsFromCertificate( args: RemoveTagsFromCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseRenews an eligible ACM certificate. At this time, only exported private certificates can - * be renewed with this operation. In order to renew your Amazon Web Services Private CA certificates with ACM, you - * must first grant the ACM - * service principal permission to do so. For more information, see Testing Managed Renewal - * in the ACM User Guide.
+ * @see {@link RenewCertificateCommand} */ - public renewCertificate( + renewCertificate( args: RenewCertificateCommandInput, options?: __HttpHandlerOptions ): PromiseRequests an ACM certificate for use with other Amazon Web Services services. To request an ACM
- * certificate, you must specify a fully qualified domain name (FQDN) in the
- * DomainName
parameter. You can also specify additional FQDNs in the
- * SubjectAlternativeNames
parameter.
If you are requesting a private certificate, domain validation is not required. If you are - * requesting a public certificate, each domain name that you specify must be validated to verify - * that you own or control the domain. You can use DNS validation or email validation. - * We recommend that you use DNS validation. ACM issues public certificates after receiving - * approval from the domain owner.
- *ACM behavior differs from the RFC 6125 - * specification of the certificate validation process. ACM first checks for a Subject - * Alternative Name, and, if it finds one, ignores the common name (CN).
- *After successful completion of the RequestCertificate
action, there is a
- * delay of several seconds before you can retrieve information about the new certificate.
Resends the email that requests domain ownership validation. The domain owner or an - * authorized representative must approve the ACM certificate before it can be issued. The - * certificate can be approved by clicking a link in the mail to navigate to the Amazon - * certificate approval website and then clicking I Approve. - * However, the validation email can be blocked by spam filters. Therefore, if you do not receive - * the original mail, you can request that the mail be resent within 72 hours of requesting the - * ACM certificate. If more than 72 hours have elapsed since your original request or since - * your last attempt to resend validation mail, you must request a new certificate. For more - * information about setting up your contact email addresses, see Configure Email for your Domain.
+ * @see {@link ResendValidationEmailCommand} */ - public resendValidationEmail( + resendValidationEmail( args: ResendValidationEmailCommandInput, options?: __HttpHandlerOptions ): PromiseUpdates a certificate. Currently, you can use this function to specify whether to opt in - * to or out of recording your certificate in a certificate transparency log. For more - * information, see Opting Out of - * Certificate Transparency Logging.
+ * @see {@link UpdateCertificateOptionsCommand} */ - public updateCertificateOptions( + updateCertificateOptions( args: UpdateCertificateOptionsCommandInput, options?: __HttpHandlerOptions ): PromiseYou can use Certificate Manager (ACM) to manage SSL/TLS certificates for your Amazon Web Services-based websites + * and applications. For more information about using ACM, see the Certificate Manager User Guide.
+ */ +export class ACM extends ACMClient implements ACM {} +createAggregatedClient(commands, ACM); diff --git a/clients/client-alexa-for-business/src/AlexaForBusiness.ts b/clients/client-alexa-for-business/src/AlexaForBusiness.ts index 99ab65b7e641..9dce8b57ea03 100644 --- a/clients/client-alexa-for-business/src/AlexaForBusiness.ts +++ b/clients/client-alexa-for-business/src/AlexaForBusiness.ts @@ -1,7 +1,8 @@ // smithy-typescript generated code +import { createAggregatedClient } from "@aws-sdk/smithy-client"; import { HttpHandlerOptions as __HttpHandlerOptions } from "@aws-sdk/types"; -import { AlexaForBusinessClient } from "./AlexaForBusinessClient"; +import { AlexaForBusinessClient, AlexaForBusinessClientConfig } from "./AlexaForBusinessClient"; import { ApproveSkillCommand, ApproveSkillCommandInput, @@ -400,3035 +401,1491 @@ import { UpdateSkillGroupCommandOutput, } from "./commands/UpdateSkillGroupCommand"; -/** - * @public - *Alexa for Business helps you use Alexa in your organization. Alexa for Business provides you with the tools - * to manage Alexa devices, enroll your users, and assign skills, at scale. You can build your - * own context-aware voice skills using the Alexa Skills Kit and the Alexa for Business API operations. - * You can also make these available as private skills for your organization. Alexa for Business makes it - * efficient to voice-enable your products and services, thus providing context-aware voice - * experiences for your customers. Device makers building with the Alexa Voice Service (AVS) - * can create fully integrated solutions, register their products with Alexa for Business, and manage them - * as shared devices in their organization.
- */ -export class AlexaForBusiness extends AlexaForBusinessClient { +const commands = { + ApproveSkillCommand, + AssociateContactWithAddressBookCommand, + AssociateDeviceWithNetworkProfileCommand, + AssociateDeviceWithRoomCommand, + AssociateSkillGroupWithRoomCommand, + AssociateSkillWithSkillGroupCommand, + AssociateSkillWithUsersCommand, + CreateAddressBookCommand, + CreateBusinessReportScheduleCommand, + CreateConferenceProviderCommand, + CreateContactCommand, + CreateGatewayGroupCommand, + CreateNetworkProfileCommand, + CreateProfileCommand, + CreateRoomCommand, + CreateSkillGroupCommand, + CreateUserCommand, + DeleteAddressBookCommand, + DeleteBusinessReportScheduleCommand, + DeleteConferenceProviderCommand, + DeleteContactCommand, + DeleteDeviceCommand, + DeleteDeviceUsageDataCommand, + DeleteGatewayGroupCommand, + DeleteNetworkProfileCommand, + DeleteProfileCommand, + DeleteRoomCommand, + DeleteRoomSkillParameterCommand, + DeleteSkillAuthorizationCommand, + DeleteSkillGroupCommand, + DeleteUserCommand, + DisassociateContactFromAddressBookCommand, + DisassociateDeviceFromRoomCommand, + DisassociateSkillFromSkillGroupCommand, + DisassociateSkillFromUsersCommand, + DisassociateSkillGroupFromRoomCommand, + ForgetSmartHomeAppliancesCommand, + GetAddressBookCommand, + GetConferencePreferenceCommand, + GetConferenceProviderCommand, + GetContactCommand, + GetDeviceCommand, + GetGatewayCommand, + GetGatewayGroupCommand, + GetInvitationConfigurationCommand, + GetNetworkProfileCommand, + GetProfileCommand, + GetRoomCommand, + GetRoomSkillParameterCommand, + GetSkillGroupCommand, + ListBusinessReportSchedulesCommand, + ListConferenceProvidersCommand, + ListDeviceEventsCommand, + ListGatewayGroupsCommand, + ListGatewaysCommand, + ListSkillsCommand, + ListSkillsStoreCategoriesCommand, + ListSkillsStoreSkillsByCategoryCommand, + ListSmartHomeAppliancesCommand, + ListTagsCommand, + PutConferencePreferenceCommand, + PutInvitationConfigurationCommand, + PutRoomSkillParameterCommand, + PutSkillAuthorizationCommand, + RegisterAVSDeviceCommand, + RejectSkillCommand, + ResolveRoomCommand, + RevokeInvitationCommand, + SearchAddressBooksCommand, + SearchContactsCommand, + SearchDevicesCommand, + SearchNetworkProfilesCommand, + SearchProfilesCommand, + SearchRoomsCommand, + SearchSkillGroupsCommand, + SearchUsersCommand, + SendAnnouncementCommand, + SendInvitationCommand, + StartDeviceSyncCommand, + StartSmartHomeApplianceDiscoveryCommand, + TagResourceCommand, + UntagResourceCommand, + UpdateAddressBookCommand, + UpdateBusinessReportScheduleCommand, + UpdateConferenceProviderCommand, + UpdateContactCommand, + UpdateDeviceCommand, + UpdateGatewayCommand, + UpdateGatewayGroupCommand, + UpdateNetworkProfileCommand, + UpdateProfileCommand, + UpdateRoomCommand, + UpdateSkillGroupCommand, +}; + +export interface AlexaForBusiness { /** - * @public - *Associates a skill with the organization under the customer's AWS account. If a skill - * is private, the user implicitly accepts access to this skill during enablement.
+ * @see {@link ApproveSkillCommand} */ - public approveSkill( - args: ApproveSkillCommandInput, - options?: __HttpHandlerOptions - ): PromiseAssociates a contact with a given address book.
- */ - public associateContactWithAddressBook( + + /** + * @see {@link AssociateContactWithAddressBookCommand} + */ + associateContactWithAddressBook( args: AssociateContactWithAddressBookCommandInput, options?: __HttpHandlerOptions ): PromiseAssociates a device with the specified network profile.
- */ - public associateDeviceWithNetworkProfile( + + /** + * @see {@link AssociateDeviceWithNetworkProfileCommand} + */ + associateDeviceWithNetworkProfile( args: AssociateDeviceWithNetworkProfileCommandInput, options?: __HttpHandlerOptions ): PromiseAssociates a device with a given room. This applies all the settings from the room - * profile to the device, and all the skills in any skill groups added to that room. This - * operation requires the device to be online, or else a manual sync is required.
- */ - public associateDeviceWithRoom( + + /** + * @see {@link AssociateDeviceWithRoomCommand} + */ + associateDeviceWithRoom( args: AssociateDeviceWithRoomCommandInput, options?: __HttpHandlerOptions ): PromiseAssociates a skill group with a given room. This enables all skills in the associated - * skill group on all devices in the room.
- */ - public associateSkillGroupWithRoom( + + /** + * @see {@link AssociateSkillGroupWithRoomCommand} + */ + associateSkillGroupWithRoom( args: AssociateSkillGroupWithRoomCommandInput, options?: __HttpHandlerOptions ): PromiseAssociates a skill with a skill group.
- */ - public associateSkillWithSkillGroup( + + /** + * @see {@link AssociateSkillWithSkillGroupCommand} + */ + associateSkillWithSkillGroup( args: AssociateSkillWithSkillGroupCommandInput, options?: __HttpHandlerOptions ): PromiseMakes a private skill available for enrolled users to enable on their devices.
- */ - public associateSkillWithUsers( + + /** + * @see {@link AssociateSkillWithUsersCommand} + */ + associateSkillWithUsers( args: AssociateSkillWithUsersCommandInput, options?: __HttpHandlerOptions ): PromiseCreates an address book with the specified details.
- */ - public createAddressBook( + + /** + * @see {@link CreateAddressBookCommand} + */ + createAddressBook( args: CreateAddressBookCommandInput, options?: __HttpHandlerOptions ): PromiseCreates a recurring schedule for usage reports to deliver to the specified S3 - * location with a specified daily or weekly interval.
- */ - public createBusinessReportSchedule( + + /** + * @see {@link CreateBusinessReportScheduleCommand} + */ + createBusinessReportSchedule( args: CreateBusinessReportScheduleCommandInput, options?: __HttpHandlerOptions ): PromiseAdds a new conference provider under the user's AWS account.
- */ - public createConferenceProvider( + + /** + * @see {@link CreateConferenceProviderCommand} + */ + createConferenceProvider( args: CreateConferenceProviderCommandInput, options?: __HttpHandlerOptions ): PromiseCreates a contact with the specified details.
- */ - public createContact( - args: CreateContactCommandInput, - options?: __HttpHandlerOptions - ): PromiseCreates a gateway group with the specified details.
- */ - public createGatewayGroup( + + /** + * @see {@link CreateGatewayGroupCommand} + */ + createGatewayGroup( args: CreateGatewayGroupCommandInput, options?: __HttpHandlerOptions ): PromiseCreates a network profile with the specified details.
- */ - public createNetworkProfile( + + /** + * @see {@link CreateNetworkProfileCommand} + */ + createNetworkProfile( args: CreateNetworkProfileCommandInput, options?: __HttpHandlerOptions ): PromiseCreates a new room profile with the specified details.
- */ - public createProfile( - args: CreateProfileCommandInput, - options?: __HttpHandlerOptions - ): PromiseCreates a room with the specified details.
- */ - public createRoom(args: CreateRoomCommandInput, options?: __HttpHandlerOptions): PromiseCreates a skill group with a specified name and description.
- */ - public createSkillGroup( + + /** + * @see {@link CreateSkillGroupCommand} + */ + createSkillGroup( args: CreateSkillGroupCommandInput, options?: __HttpHandlerOptions ): PromiseCreates a user.
- */ - public createUser(args: CreateUserCommandInput, options?: __HttpHandlerOptions): PromiseDeletes an address book by the address book ARN.
- */ - public deleteAddressBook( + + /** + * @see {@link DeleteAddressBookCommand} + */ + deleteAddressBook( args: DeleteAddressBookCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes the recurring report delivery schedule with the specified schedule - * ARN.
- */ - public deleteBusinessReportSchedule( + + /** + * @see {@link DeleteBusinessReportScheduleCommand} + */ + deleteBusinessReportSchedule( args: DeleteBusinessReportScheduleCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a conference provider.
- */ - public deleteConferenceProvider( + + /** + * @see {@link DeleteConferenceProviderCommand} + */ + deleteConferenceProvider( args: DeleteConferenceProviderCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a contact by the contact ARN.
- */ - public deleteContact( - args: DeleteContactCommandInput, - options?: __HttpHandlerOptions - ): PromiseRemoves a device from Alexa For Business.
- */ - public deleteDevice( - args: DeleteDeviceCommandInput, - options?: __HttpHandlerOptions - ): PromiseWhen this action is called for a specified shared device, it allows authorized users to - * delete the device's entire previous history of voice input data and associated response - * data. This action can be called once every 24 hours for a specific shared device.
- */ - public deleteDeviceUsageData( + + /** + * @see {@link DeleteDeviceUsageDataCommand} + */ + deleteDeviceUsageData( args: DeleteDeviceUsageDataCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a gateway group.
- */ - public deleteGatewayGroup( + + /** + * @see {@link DeleteGatewayGroupCommand} + */ + deleteGatewayGroup( args: DeleteGatewayGroupCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a network profile by the network profile ARN.
- */ - public deleteNetworkProfile( + + /** + * @see {@link DeleteNetworkProfileCommand} + */ + deleteNetworkProfile( args: DeleteNetworkProfileCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a room profile by the profile ARN.
- */ - public deleteProfile( - args: DeleteProfileCommandInput, - options?: __HttpHandlerOptions - ): PromiseDeletes a room by the room ARN.
- */ - public deleteRoom(args: DeleteRoomCommandInput, options?: __HttpHandlerOptions): PromiseDeletes room skill parameter details by room, skill, and parameter key ID.
- */ - public deleteRoomSkillParameter( + + /** + * @see {@link DeleteRoomSkillParameterCommand} + */ + deleteRoomSkillParameter( args: DeleteRoomSkillParameterCommandInput, options?: __HttpHandlerOptions ): PromiseUnlinks a third-party account from a skill.
- */ - public deleteSkillAuthorization( + + /** + * @see {@link DeleteSkillAuthorizationCommand} + */ + deleteSkillAuthorization( args: DeleteSkillAuthorizationCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a skill group by skill group ARN.
- */ - public deleteSkillGroup( + + /** + * @see {@link DeleteSkillGroupCommand} + */ + deleteSkillGroup( args: DeleteSkillGroupCommandInput, options?: __HttpHandlerOptions ): PromiseDeletes a specified user by user ARN and enrollment ARN.
- */ - public deleteUser(args: DeleteUserCommandInput, options?: __HttpHandlerOptions): PromiseDisassociates a contact from a given address book.
- */ - public disassociateContactFromAddressBook( + + /** + * @see {@link DisassociateContactFromAddressBookCommand} + */ + disassociateContactFromAddressBook( args: DisassociateContactFromAddressBookCommandInput, options?: __HttpHandlerOptions ): PromiseDisassociates a device from its current room. The device continues to be connected to - * the Wi-Fi network and is still registered to the account. The device settings and skills - * are removed from the room.
- */ - public disassociateDeviceFromRoom( + + /** + * @see {@link DisassociateDeviceFromRoomCommand} + */ + disassociateDeviceFromRoom( args: DisassociateDeviceFromRoomCommandInput, options?: __HttpHandlerOptions ): PromiseDisassociates a skill from a skill group.
- */ - public disassociateSkillFromSkillGroup( + + /** + * @see {@link DisassociateSkillFromSkillGroupCommand} + */ + disassociateSkillFromSkillGroup( args: DisassociateSkillFromSkillGroupCommandInput, options?: __HttpHandlerOptions ): PromiseMakes a private skill unavailable for enrolled users and prevents them from enabling it - * on their devices.
- */ - public disassociateSkillFromUsers( + + /** + * @see {@link DisassociateSkillFromUsersCommand} + */ + disassociateSkillFromUsers( args: DisassociateSkillFromUsersCommandInput, options?: __HttpHandlerOptions ): PromiseDisassociates a skill group from a specified room. This disables all skills in the - * skill group on all devices in the room.
- */ - public disassociateSkillGroupFromRoom( + + /** + * @see {@link DisassociateSkillGroupFromRoomCommand} + */ + disassociateSkillGroupFromRoom( args: DisassociateSkillGroupFromRoomCommandInput, options?: __HttpHandlerOptions ): PromiseForgets smart home appliances associated to a room.
- */ - public forgetSmartHomeAppliances( + + /** + * @see {@link ForgetSmartHomeAppliancesCommand} + */ + forgetSmartHomeAppliances( args: ForgetSmartHomeAppliancesCommandInput, options?: __HttpHandlerOptions ): PromiseGets address the book details by the address book ARN.
- */ - public getAddressBook( + + /** + * @see {@link GetAddressBookCommand} + */ + getAddressBook( args: GetAddressBookCommandInput, options?: __HttpHandlerOptions ): PromiseRetrieves the existing conference preferences.
- */ - public getConferencePreference( + + /** + * @see {@link GetConferencePreferenceCommand} + */ + getConferencePreference( args: GetConferencePreferenceCommandInput, options?: __HttpHandlerOptions ): PromiseGets details about a specific conference provider.
- */ - public getConferenceProvider( + + /** + * @see {@link GetConferenceProviderCommand} + */ + getConferenceProvider( args: GetConferenceProviderCommandInput, options?: __HttpHandlerOptions ): PromiseGets the contact details by the contact ARN.
- */ - public getContact(args: GetContactCommandInput, options?: __HttpHandlerOptions): Promise