/** * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. * SPDX-License-Identifier: Apache-2.0. */ #pragma once #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include namespace Aws { namespace Http { class HttpClient; class HttpClientFactory; } // namespace Http namespace Utils { template< typename R, typename E> class Outcome; namespace Threading { class Executor; } // namespace Threading } // namespace Utils namespace Auth { class AWSCredentials; class AWSCredentialsProvider; } // namespace Auth namespace Client { class RetryStrategy; } // namespace Client namespace ACMPCA { namespace Model { class CreateCertificateAuthorityRequest; class CreateCertificateAuthorityAuditReportRequest; class CreatePermissionRequest; class DeleteCertificateAuthorityRequest; class DeletePermissionRequest; class DeletePolicyRequest; class DescribeCertificateAuthorityRequest; class DescribeCertificateAuthorityAuditReportRequest; class GetCertificateRequest; class GetCertificateAuthorityCertificateRequest; class GetCertificateAuthorityCsrRequest; class GetPolicyRequest; class ImportCertificateAuthorityCertificateRequest; class IssueCertificateRequest; class ListCertificateAuthoritiesRequest; class ListPermissionsRequest; class ListTagsRequest; class PutPolicyRequest; class RestoreCertificateAuthorityRequest; class RevokeCertificateRequest; class TagCertificateAuthorityRequest; class UntagCertificateAuthorityRequest; class UpdateCertificateAuthorityRequest; typedef Aws::Utils::Outcome CreateCertificateAuthorityOutcome; typedef Aws::Utils::Outcome CreateCertificateAuthorityAuditReportOutcome; typedef Aws::Utils::Outcome CreatePermissionOutcome; typedef Aws::Utils::Outcome DeleteCertificateAuthorityOutcome; typedef Aws::Utils::Outcome DeletePermissionOutcome; typedef Aws::Utils::Outcome DeletePolicyOutcome; typedef Aws::Utils::Outcome DescribeCertificateAuthorityOutcome; typedef Aws::Utils::Outcome DescribeCertificateAuthorityAuditReportOutcome; typedef Aws::Utils::Outcome GetCertificateOutcome; typedef Aws::Utils::Outcome GetCertificateAuthorityCertificateOutcome; typedef Aws::Utils::Outcome GetCertificateAuthorityCsrOutcome; typedef Aws::Utils::Outcome GetPolicyOutcome; typedef Aws::Utils::Outcome ImportCertificateAuthorityCertificateOutcome; typedef Aws::Utils::Outcome IssueCertificateOutcome; typedef Aws::Utils::Outcome ListCertificateAuthoritiesOutcome; typedef Aws::Utils::Outcome ListPermissionsOutcome; typedef Aws::Utils::Outcome ListTagsOutcome; typedef Aws::Utils::Outcome PutPolicyOutcome; typedef Aws::Utils::Outcome RestoreCertificateAuthorityOutcome; typedef Aws::Utils::Outcome RevokeCertificateOutcome; typedef Aws::Utils::Outcome TagCertificateAuthorityOutcome; typedef Aws::Utils::Outcome UntagCertificateAuthorityOutcome; typedef Aws::Utils::Outcome UpdateCertificateAuthorityOutcome; typedef std::future CreateCertificateAuthorityOutcomeCallable; typedef std::future CreateCertificateAuthorityAuditReportOutcomeCallable; typedef std::future CreatePermissionOutcomeCallable; typedef std::future DeleteCertificateAuthorityOutcomeCallable; typedef std::future DeletePermissionOutcomeCallable; typedef std::future DeletePolicyOutcomeCallable; typedef std::future DescribeCertificateAuthorityOutcomeCallable; typedef std::future DescribeCertificateAuthorityAuditReportOutcomeCallable; typedef std::future GetCertificateOutcomeCallable; typedef std::future GetCertificateAuthorityCertificateOutcomeCallable; typedef std::future GetCertificateAuthorityCsrOutcomeCallable; typedef std::future GetPolicyOutcomeCallable; typedef std::future ImportCertificateAuthorityCertificateOutcomeCallable; typedef std::future IssueCertificateOutcomeCallable; typedef std::future ListCertificateAuthoritiesOutcomeCallable; typedef std::future ListPermissionsOutcomeCallable; typedef std::future ListTagsOutcomeCallable; typedef std::future PutPolicyOutcomeCallable; typedef std::future RestoreCertificateAuthorityOutcomeCallable; typedef std::future RevokeCertificateOutcomeCallable; typedef std::future TagCertificateAuthorityOutcomeCallable; typedef std::future UntagCertificateAuthorityOutcomeCallable; typedef std::future UpdateCertificateAuthorityOutcomeCallable; } // namespace Model class ACMPCAClient; typedef std::function&) > CreateCertificateAuthorityResponseReceivedHandler; typedef std::function&) > CreateCertificateAuthorityAuditReportResponseReceivedHandler; typedef std::function&) > CreatePermissionResponseReceivedHandler; typedef std::function&) > DeleteCertificateAuthorityResponseReceivedHandler; typedef std::function&) > DeletePermissionResponseReceivedHandler; typedef std::function&) > DeletePolicyResponseReceivedHandler; typedef std::function&) > DescribeCertificateAuthorityResponseReceivedHandler; typedef std::function&) > DescribeCertificateAuthorityAuditReportResponseReceivedHandler; typedef std::function&) > GetCertificateResponseReceivedHandler; typedef std::function&) > GetCertificateAuthorityCertificateResponseReceivedHandler; typedef std::function&) > GetCertificateAuthorityCsrResponseReceivedHandler; typedef std::function&) > GetPolicyResponseReceivedHandler; typedef std::function&) > ImportCertificateAuthorityCertificateResponseReceivedHandler; typedef std::function&) > IssueCertificateResponseReceivedHandler; typedef std::function&) > ListCertificateAuthoritiesResponseReceivedHandler; typedef std::function&) > ListPermissionsResponseReceivedHandler; typedef std::function&) > ListTagsResponseReceivedHandler; typedef std::function&) > PutPolicyResponseReceivedHandler; typedef std::function&) > RestoreCertificateAuthorityResponseReceivedHandler; typedef std::function&) > RevokeCertificateResponseReceivedHandler; typedef std::function&) > TagCertificateAuthorityResponseReceivedHandler; typedef std::function&) > UntagCertificateAuthorityResponseReceivedHandler; typedef std::function&) > UpdateCertificateAuthorityResponseReceivedHandler; /** *

This is the ACM Private CA API Reference. It * provides descriptions, syntax, and usage examples for each of the actions and * data types involved in creating and managing private certificate authorities * (CA) for your organization.

The documentation for each action shows the * Query API request parameters and the XML response. Alternatively, you can use * one of the AWS SDKs to access an API that's tailored to the programming language * or platform that you're using. For more information, see AWS SDKs.

Each ACM * Private CA API action has a quota that determines the number of times the action * can be called per second. For more information, see API * Rate Quotas in ACM Private CA in the ACM Private CA user guide.

*/ class AWS_ACMPCA_API ACMPCAClient : public Aws::Client::AWSJsonClient { public: typedef Aws::Client::AWSJsonClient BASECLASS; /** * Initializes client to use DefaultCredentialProviderChain, with default http client factory, and optional client config. If client config * is not specified, it will be initialized to default values. */ ACMPCAClient(const Aws::Client::ClientConfiguration& clientConfiguration = Aws::Client::ClientConfiguration()); /** * Initializes client to use SimpleAWSCredentialsProvider, with default http client factory, and optional client config. If client config * is not specified, it will be initialized to default values. */ ACMPCAClient(const Aws::Auth::AWSCredentials& credentials, const Aws::Client::ClientConfiguration& clientConfiguration = Aws::Client::ClientConfiguration()); /** * Initializes client to use specified credentials provider with specified client config. If http client factory is not supplied, * the default http client factory will be used */ ACMPCAClient(const std::shared_ptr& credentialsProvider, const Aws::Client::ClientConfiguration& clientConfiguration = Aws::Client::ClientConfiguration()); virtual ~ACMPCAClient(); /** *

Creates a root or subordinate private certificate authority (CA). You must * specify the CA configuration, the certificate revocation list (CRL) * configuration, the CA type, and an optional idempotency token to avoid * accidental creation of multiple CAs. The CA configuration specifies the name of * the algorithm and key size to be used to create the CA private key, the type of * signing algorithm that the CA uses, and X.500 subject information. The CRL * configuration specifies the CRL expiration period in days (the validity period * of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias * for the S3 bucket that is included in certificates issued by the CA. If * successful, this action returns the Amazon Resource Name (ARN) of the CA.

*

ACM Private CAA assets that are stored in Amazon S3 can be protected with * encryption. For more information, see Encrypting * Your CRLs.

Both PCA and the IAM principal must have permission * to write to the S3 bucket that you specify. If the IAM principal making the call * does not have permission to write to the bucket, then an exception is thrown. * For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

*/ virtual Model::CreateCertificateAuthorityOutcome CreateCertificateAuthority(const Model::CreateCertificateAuthorityRequest& request) const; /** *

Creates a root or subordinate private certificate authority (CA). You must * specify the CA configuration, the certificate revocation list (CRL) * configuration, the CA type, and an optional idempotency token to avoid * accidental creation of multiple CAs. The CA configuration specifies the name of * the algorithm and key size to be used to create the CA private key, the type of * signing algorithm that the CA uses, and X.500 subject information. The CRL * configuration specifies the CRL expiration period in days (the validity period * of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias * for the S3 bucket that is included in certificates issued by the CA. If * successful, this action returns the Amazon Resource Name (ARN) of the CA.

*

ACM Private CAA assets that are stored in Amazon S3 can be protected with * encryption. For more information, see Encrypting * Your CRLs.

Both PCA and the IAM principal must have permission * to write to the S3 bucket that you specify. If the IAM principal making the call * does not have permission to write to the bucket, then an exception is thrown. * For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::CreateCertificateAuthorityOutcomeCallable CreateCertificateAuthorityCallable(const Model::CreateCertificateAuthorityRequest& request) const; /** *

Creates a root or subordinate private certificate authority (CA). You must * specify the CA configuration, the certificate revocation list (CRL) * configuration, the CA type, and an optional idempotency token to avoid * accidental creation of multiple CAs. The CA configuration specifies the name of * the algorithm and key size to be used to create the CA private key, the type of * signing algorithm that the CA uses, and X.500 subject information. The CRL * configuration specifies the CRL expiration period in days (the validity period * of the CRL), the Amazon S3 bucket that will contain the CRL, and a CNAME alias * for the S3 bucket that is included in certificates issued by the CA. If * successful, this action returns the Amazon Resource Name (ARN) of the CA.

*

ACM Private CAA assets that are stored in Amazon S3 can be protected with * encryption. For more information, see Encrypting * Your CRLs.

Both PCA and the IAM principal must have permission * to write to the S3 bucket that you specify. If the IAM principal making the call * does not have permission to write to the bucket, then an exception is thrown. * For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void CreateCertificateAuthorityAsync(const Model::CreateCertificateAuthorityRequest& request, const CreateCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Creates an audit report that lists every time that your CA private key is * used. The report is saved in the Amazon S3 bucket that you specify on input. The * IssueCertificate * and RevokeCertificate * actions use the private key.

Both PCA and the IAM principal must * have permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CAA assets that are * stored in Amazon S3 can be protected with encryption. For more information, see * Encrypting * Your Audit Reports.

See Also:

AWS * API Reference

*/ virtual Model::CreateCertificateAuthorityAuditReportOutcome CreateCertificateAuthorityAuditReport(const Model::CreateCertificateAuthorityAuditReportRequest& request) const; /** *

Creates an audit report that lists every time that your CA private key is * used. The report is saved in the Amazon S3 bucket that you specify on input. The * IssueCertificate * and RevokeCertificate * actions use the private key.

Both PCA and the IAM principal must * have permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CAA assets that are * stored in Amazon S3 can be protected with encryption. For more information, see * Encrypting * Your Audit Reports.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::CreateCertificateAuthorityAuditReportOutcomeCallable CreateCertificateAuthorityAuditReportCallable(const Model::CreateCertificateAuthorityAuditReportRequest& request) const; /** *

Creates an audit report that lists every time that your CA private key is * used. The report is saved in the Amazon S3 bucket that you specify on input. The * IssueCertificate * and RevokeCertificate * actions use the private key.

Both PCA and the IAM principal must * have permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CAA assets that are * stored in Amazon S3 can be protected with encryption. For more information, see * Encrypting * Your Audit Reports.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void CreateCertificateAuthorityAuditReportAsync(const Model::CreateCertificateAuthorityAuditReportRequest& request, const CreateCertificateAuthorityAuditReportResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Grants one or more permissions on a private CA to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com). These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

You can list current permissions with the ListPermissions * action and revoke them with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

*/ virtual Model::CreatePermissionOutcome CreatePermission(const Model::CreatePermissionRequest& request) const; /** *

Grants one or more permissions on a private CA to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com). These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

You can list current permissions with the ListPermissions * action and revoke them with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::CreatePermissionOutcomeCallable CreatePermissionCallable(const Model::CreatePermissionRequest& request) const; /** *

Grants one or more permissions on a private CA to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com). These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

You can list current permissions with the ListPermissions * action and revoke them with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void CreatePermissionAsync(const Model::CreatePermissionRequest& request, const CreatePermissionResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Deletes a private certificate authority (CA). You must provide the Amazon * Resource Name (ARN) of the private CA that you want to delete. You can find the * ARN by calling the ListCertificateAuthorities * action.

Deleting a CA will invalidate other CAs and certificates * below it in your CA hierarchy.

Before you can delete a CA that * you have created and activated, you must disable it. To do this, call the UpdateCertificateAuthority * action and set the CertificateAuthorityStatus parameter to * DISABLED.

Additionally, you can delete a CA if you are * waiting for it to be created (that is, the status of the CA is * CREATING). You can also delete it if the CA has been created but * you haven't yet imported the signed certificate into ACM Private CA (that is, * the status of the CA is PENDING_CERTIFICATE).

When you * successfully call DeleteCertificateAuthority, * the CA's status changes to DELETED. However, the CA won't be * permanently deleted until the restoration period has passed. By default, if you * do not set the PermanentDeletionTimeInDays parameter, the CA * remains restorable for 30 days. You can set the parameter from 7 to 30 days. The * DescribeCertificateAuthority * action returns the time remaining in the restoration window of a private CA in * the DELETED state. To restore an eligible CA, call the RestoreCertificateAuthority * action.

See Also:

AWS * API Reference

*/ virtual Model::DeleteCertificateAuthorityOutcome DeleteCertificateAuthority(const Model::DeleteCertificateAuthorityRequest& request) const; /** *

Deletes a private certificate authority (CA). You must provide the Amazon * Resource Name (ARN) of the private CA that you want to delete. You can find the * ARN by calling the ListCertificateAuthorities * action.

Deleting a CA will invalidate other CAs and certificates * below it in your CA hierarchy.

Before you can delete a CA that * you have created and activated, you must disable it. To do this, call the UpdateCertificateAuthority * action and set the CertificateAuthorityStatus parameter to * DISABLED.

Additionally, you can delete a CA if you are * waiting for it to be created (that is, the status of the CA is * CREATING). You can also delete it if the CA has been created but * you haven't yet imported the signed certificate into ACM Private CA (that is, * the status of the CA is PENDING_CERTIFICATE).

When you * successfully call DeleteCertificateAuthority, * the CA's status changes to DELETED. However, the CA won't be * permanently deleted until the restoration period has passed. By default, if you * do not set the PermanentDeletionTimeInDays parameter, the CA * remains restorable for 30 days. You can set the parameter from 7 to 30 days. The * DescribeCertificateAuthority * action returns the time remaining in the restoration window of a private CA in * the DELETED state. To restore an eligible CA, call the RestoreCertificateAuthority * action.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::DeleteCertificateAuthorityOutcomeCallable DeleteCertificateAuthorityCallable(const Model::DeleteCertificateAuthorityRequest& request) const; /** *

Deletes a private certificate authority (CA). You must provide the Amazon * Resource Name (ARN) of the private CA that you want to delete. You can find the * ARN by calling the ListCertificateAuthorities * action.

Deleting a CA will invalidate other CAs and certificates * below it in your CA hierarchy.

Before you can delete a CA that * you have created and activated, you must disable it. To do this, call the UpdateCertificateAuthority * action and set the CertificateAuthorityStatus parameter to * DISABLED.

Additionally, you can delete a CA if you are * waiting for it to be created (that is, the status of the CA is * CREATING). You can also delete it if the CA has been created but * you haven't yet imported the signed certificate into ACM Private CA (that is, * the status of the CA is PENDING_CERTIFICATE).

When you * successfully call DeleteCertificateAuthority, * the CA's status changes to DELETED. However, the CA won't be * permanently deleted until the restoration period has passed. By default, if you * do not set the PermanentDeletionTimeInDays parameter, the CA * remains restorable for 30 days. You can set the parameter from 7 to 30 days. The * DescribeCertificateAuthority * action returns the time remaining in the restoration window of a private CA in * the DELETED state. To restore an eligible CA, call the RestoreCertificateAuthority * action.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void DeleteCertificateAuthorityAsync(const Model::DeleteCertificateAuthorityRequest& request, const DeleteCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Revokes permissions on a private CA granted to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com).

These permissions allow ACM * to issue and renew ACM certificates that reside in the same AWS account as the * CA. If you revoke these permissions, ACM will no longer renew the affected * certificates automatically.

Permissions can be granted with the CreatePermission * action and listed with the ListPermissions * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

*/ virtual Model::DeletePermissionOutcome DeletePermission(const Model::DeletePermissionRequest& request) const; /** *

Revokes permissions on a private CA granted to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com).

These permissions allow ACM * to issue and renew ACM certificates that reside in the same AWS account as the * CA. If you revoke these permissions, ACM will no longer renew the affected * certificates automatically.

Permissions can be granted with the CreatePermission * action and listed with the ListPermissions * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::DeletePermissionOutcomeCallable DeletePermissionCallable(const Model::DeletePermissionRequest& request) const; /** *

Revokes permissions on a private CA granted to the AWS Certificate Manager * (ACM) service principal (acm.amazonaws.com).

These permissions allow ACM * to issue and renew ACM certificates that reside in the same AWS account as the * CA. If you revoke these permissions, ACM will no longer renew the affected * certificates automatically.

Permissions can be granted with the CreatePermission * action and listed with the ListPermissions * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void DeletePermissionAsync(const Model::DeletePermissionRequest& request, const DeletePermissionResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Deletes the resource-based policy attached to a private CA. Deletion will * remove any access that the policy has granted. If there is no policy attached to * the private CA, this action will return successful.

If you delete a * policy that was applied through AWS Resource Access Manager (RAM), the CA will * be removed from all shares in which it was included.

The AWS Certificate * Manager Service Linked Role that the policy supports is not affected when you * delete the policy.

The current policy can be shown with GetPolicy * and updated with PutPolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

*/ virtual Model::DeletePolicyOutcome DeletePolicy(const Model::DeletePolicyRequest& request) const; /** *

Deletes the resource-based policy attached to a private CA. Deletion will * remove any access that the policy has granted. If there is no policy attached to * the private CA, this action will return successful.

If you delete a * policy that was applied through AWS Resource Access Manager (RAM), the CA will * be removed from all shares in which it was included.

The AWS Certificate * Manager Service Linked Role that the policy supports is not affected when you * delete the policy.

The current policy can be shown with GetPolicy * and updated with PutPolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::DeletePolicyOutcomeCallable DeletePolicyCallable(const Model::DeletePolicyRequest& request) const; /** *

Deletes the resource-based policy attached to a private CA. Deletion will * remove any access that the policy has granted. If there is no policy attached to * the private CA, this action will return successful.

If you delete a * policy that was applied through AWS Resource Access Manager (RAM), the CA will * be removed from all shares in which it was included.

The AWS Certificate * Manager Service Linked Role that the policy supports is not affected when you * delete the policy.

The current policy can be shown with GetPolicy * and updated with PutPolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void DeletePolicyAsync(const Model::DeletePolicyRequest& request, const DeletePolicyResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Lists information about your private certificate authority (CA) or one that * has been shared with you. You specify the private CA on input by its ARN (Amazon * Resource Name). The output contains the status of your CA. This can be any of * the following:

  • CREATING - ACM Private CA is * creating your private certificate authority.

  • * PENDING_CERTIFICATE - The certificate is pending. You must use your * ACM Private CA-hosted or on-premises root or subordinate CA to sign your private * CA CSR and then import it into PCA.

  • ACTIVE - * Your private CA is active.

  • DISABLED - Your * private CA has been disabled.

  • EXPIRED - Your * private CA certificate has expired.

  • FAILED - * Your private CA has failed. Your CA can fail because of problems such a network * outage or backend AWS failure or other errors. A failed CA can never return to * the pending state. You must create a new CA.

  • * DELETED - Your private CA is within the restoration period, after * which it is permanently deleted. The length of time remaining in the CA's * restoration period is also included in this action's output.

    • *

See Also:

AWS * API Reference

*/ virtual Model::DescribeCertificateAuthorityOutcome DescribeCertificateAuthority(const Model::DescribeCertificateAuthorityRequest& request) const; /** *

Lists information about your private certificate authority (CA) or one that * has been shared with you. You specify the private CA on input by its ARN (Amazon * Resource Name). The output contains the status of your CA. This can be any of * the following:

  • CREATING - ACM Private CA is * creating your private certificate authority.

  • * PENDING_CERTIFICATE - The certificate is pending. You must use your * ACM Private CA-hosted or on-premises root or subordinate CA to sign your private * CA CSR and then import it into PCA.

  • ACTIVE - * Your private CA is active.

  • DISABLED - Your * private CA has been disabled.

  • EXPIRED - Your * private CA certificate has expired.

  • FAILED - * Your private CA has failed. Your CA can fail because of problems such a network * outage or backend AWS failure or other errors. A failed CA can never return to * the pending state. You must create a new CA.

  • * DELETED - Your private CA is within the restoration period, after * which it is permanently deleted. The length of time remaining in the CA's * restoration period is also included in this action's output.

    • *

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::DescribeCertificateAuthorityOutcomeCallable DescribeCertificateAuthorityCallable(const Model::DescribeCertificateAuthorityRequest& request) const; /** *

Lists information about your private certificate authority (CA) or one that * has been shared with you. You specify the private CA on input by its ARN (Amazon * Resource Name). The output contains the status of your CA. This can be any of * the following:

  • CREATING - ACM Private CA is * creating your private certificate authority.

  • * PENDING_CERTIFICATE - The certificate is pending. You must use your * ACM Private CA-hosted or on-premises root or subordinate CA to sign your private * CA CSR and then import it into PCA.

  • ACTIVE - * Your private CA is active.

  • DISABLED - Your * private CA has been disabled.

  • EXPIRED - Your * private CA certificate has expired.

  • FAILED - * Your private CA has failed. Your CA can fail because of problems such a network * outage or backend AWS failure or other errors. A failed CA can never return to * the pending state. You must create a new CA.

  • * DELETED - Your private CA is within the restoration period, after * which it is permanently deleted. The length of time remaining in the CA's * restoration period is also included in this action's output.

    • *

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void DescribeCertificateAuthorityAsync(const Model::DescribeCertificateAuthorityRequest& request, const DescribeCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport * action. Audit information is created every time the certificate authority (CA) * private key is used. The private key is used when you call the IssueCertificate * action or the RevokeCertificate * action.

See Also:

AWS * API Reference

*/ virtual Model::DescribeCertificateAuthorityAuditReportOutcome DescribeCertificateAuthorityAuditReport(const Model::DescribeCertificateAuthorityAuditReportRequest& request) const; /** *

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport * action. Audit information is created every time the certificate authority (CA) * private key is used. The private key is used when you call the IssueCertificate * action or the RevokeCertificate * action.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::DescribeCertificateAuthorityAuditReportOutcomeCallable DescribeCertificateAuthorityAuditReportCallable(const Model::DescribeCertificateAuthorityAuditReportRequest& request) const; /** *

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport * action. Audit information is created every time the certificate authority (CA) * private key is used. The private key is used when you call the IssueCertificate * action or the RevokeCertificate * action.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void DescribeCertificateAuthorityAuditReportAsync(const Model::DescribeCertificateAuthorityAuditReportRequest& request, const DescribeCertificateAuthorityAuditReportResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Retrieves a certificate from your private CA or one that has been shared with * you. The ARN of the certificate is returned when you call the IssueCertificate * action. You must specify both the ARN of your private CA and the ARN of the * issued certificate when calling the GetCertificate action. You can * retrieve the certificate if it is in the ISSUED state. You can call the * CreateCertificateAuthorityAuditReport * action to create a report that contains information about all of the * certificates issued and revoked by your private CA.

See Also:

* AWS * API Reference

*/ virtual Model::GetCertificateOutcome GetCertificate(const Model::GetCertificateRequest& request) const; /** *

Retrieves a certificate from your private CA or one that has been shared with * you. The ARN of the certificate is returned when you call the IssueCertificate * action. You must specify both the ARN of your private CA and the ARN of the * issued certificate when calling the GetCertificate action. You can * retrieve the certificate if it is in the ISSUED state. You can call the * CreateCertificateAuthorityAuditReport * action to create a report that contains information about all of the * certificates issued and revoked by your private CA.

See Also:

* AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::GetCertificateOutcomeCallable GetCertificateCallable(const Model::GetCertificateRequest& request) const; /** *

Retrieves a certificate from your private CA or one that has been shared with * you. The ARN of the certificate is returned when you call the IssueCertificate * action. You must specify both the ARN of your private CA and the ARN of the * issued certificate when calling the GetCertificate action. You can * retrieve the certificate if it is in the ISSUED state. You can call the * CreateCertificateAuthorityAuditReport * action to create a report that contains information about all of the * certificates issued and revoked by your private CA.

See Also:

* AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void GetCertificateAsync(const Model::GetCertificateRequest& request, const GetCertificateResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Retrieves the certificate and certificate chain for your private certificate * authority (CA) or one that has been shared with you. Both the certificate and * the chain are base64 PEM-encoded. The chain does not include the CA certificate. * Each certificate in the chain signs the one before it.

See Also:

* AWS * API Reference

*/ virtual Model::GetCertificateAuthorityCertificateOutcome GetCertificateAuthorityCertificate(const Model::GetCertificateAuthorityCertificateRequest& request) const; /** *

Retrieves the certificate and certificate chain for your private certificate * authority (CA) or one that has been shared with you. Both the certificate and * the chain are base64 PEM-encoded. The chain does not include the CA certificate. * Each certificate in the chain signs the one before it.

See Also:

* AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::GetCertificateAuthorityCertificateOutcomeCallable GetCertificateAuthorityCertificateCallable(const Model::GetCertificateAuthorityCertificateRequest& request) const; /** *

Retrieves the certificate and certificate chain for your private certificate * authority (CA) or one that has been shared with you. Both the certificate and * the chain are base64 PEM-encoded. The chain does not include the CA certificate. * Each certificate in the chain signs the one before it.

See Also:

* AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void GetCertificateAuthorityCertificateAsync(const Model::GetCertificateAuthorityCertificateRequest& request, const GetCertificateAuthorityCertificateResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Retrieves the certificate signing request (CSR) for your private certificate * authority (CA). The CSR is created when you call the CreateCertificateAuthority * action. Sign the CSR with your ACM Private CA-hosted or on-premises root or * subordinate CA. Then import the signed certificate back into ACM Private CA by * calling the ImportCertificateAuthorityCertificate * action. The CSR is returned as a base64 PEM-encoded string.

See * Also:

AWS * API Reference

*/ virtual Model::GetCertificateAuthorityCsrOutcome GetCertificateAuthorityCsr(const Model::GetCertificateAuthorityCsrRequest& request) const; /** *

Retrieves the certificate signing request (CSR) for your private certificate * authority (CA). The CSR is created when you call the CreateCertificateAuthority * action. Sign the CSR with your ACM Private CA-hosted or on-premises root or * subordinate CA. Then import the signed certificate back into ACM Private CA by * calling the ImportCertificateAuthorityCertificate * action. The CSR is returned as a base64 PEM-encoded string.

See * Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::GetCertificateAuthorityCsrOutcomeCallable GetCertificateAuthorityCsrCallable(const Model::GetCertificateAuthorityCsrRequest& request) const; /** *

Retrieves the certificate signing request (CSR) for your private certificate * authority (CA). The CSR is created when you call the CreateCertificateAuthority * action. Sign the CSR with your ACM Private CA-hosted or on-premises root or * subordinate CA. Then import the signed certificate back into ACM Private CA by * calling the ImportCertificateAuthorityCertificate * action. The CSR is returned as a base64 PEM-encoded string.

See * Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void GetCertificateAuthorityCsrAsync(const Model::GetCertificateAuthorityCsrRequest& request, const GetCertificateAuthorityCsrResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Retrieves the resource-based policy attached to a private CA. If either the * private CA resource or the policy cannot be found, this action returns a * ResourceNotFoundException.

The policy can be attached or * updated with PutPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

*/ virtual Model::GetPolicyOutcome GetPolicy(const Model::GetPolicyRequest& request) const; /** *

Retrieves the resource-based policy attached to a private CA. If either the * private CA resource or the policy cannot be found, this action returns a * ResourceNotFoundException.

The policy can be attached or * updated with PutPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::GetPolicyOutcomeCallable GetPolicyCallable(const Model::GetPolicyRequest& request) const; /** *

Retrieves the resource-based policy attached to a private CA. If either the * private CA resource or the policy cannot be found, this action returns a * ResourceNotFoundException.

The policy can be attached or * updated with PutPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void GetPolicyAsync(const Model::GetPolicyRequest& request, const GetPolicyResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Imports a signed private CA certificate into ACM Private CA. This action is * used when you are using a chain of trust whose root is located outside ACM * Private CA. Before you can call this action, the following preparations must in * place:

  1. In ACM Private CA, call the CreateCertificateAuthority * action to create the private CA that that you plan to back with the imported * certificate.

  2. Call the GetCertificateAuthorityCsr * action to generate a certificate signing request (CSR).

  3. Sign * the CSR using a root or intermediate CA hosted by either an on-premises PKI * hierarchy or by a commercial CA.

  4. Create a certificate chain * and copy the signed certificate and the certificate chain to your working * directory.

The following requirements apply when you import a * CA certificate.

  • You cannot import a non-self-signed certificate * for use as a root CA.

  • You cannot import a self-signed * certificate for use as a subordinate CA.

  • Your certificate * chain must not include the private CA certificate that you are importing.

    *

  • Your ACM Private CA-hosted or on-premises CA certificate must be * the last certificate in your chain. The subordinate certificate, if any, that * your root CA signed must be next to last. The subordinate certificate signed by * the preceding subordinate CA must come next, and so on until your chain is * built.

  • The chain must be PEM-encoded.

  • The * maximum allowed size of a certificate is 32 KB.

  • The maximum * allowed size of a certificate chain is 2 MB.

Enforcement * of Critical Constraints

ACM Private CA allows the following * extensions to be marked critical in the imported CA certificate or chain.

*

  • Basic constraints (must be marked critical)

  • *

    Subject alternative names

  • Key usage

  • *

    Extended key usage

  • Authority key identifier

  • *

    Subject key identifier

  • Issuer alternative name

    • *

  • Subject directory attributes

  • Subject information * access

  • Certificate policies

  • Policy * mappings

  • Inhibit anyPolicy

ACM Private CA * rejects the following extensions when they are marked critical in an imported CA * certificate or chain.

  • Name constraints

  • Policy * constraints

  • CRL distribution points

  • *

    Authority information access

  • Freshest CRL

  • *

    Any other extension

See Also:

AWS * API Reference

*/ virtual Model::ImportCertificateAuthorityCertificateOutcome ImportCertificateAuthorityCertificate(const Model::ImportCertificateAuthorityCertificateRequest& request) const; /** *

Imports a signed private CA certificate into ACM Private CA. This action is * used when you are using a chain of trust whose root is located outside ACM * Private CA. Before you can call this action, the following preparations must in * place:

  1. In ACM Private CA, call the CreateCertificateAuthority * action to create the private CA that that you plan to back with the imported * certificate.

  2. Call the GetCertificateAuthorityCsr * action to generate a certificate signing request (CSR).

  3. Sign * the CSR using a root or intermediate CA hosted by either an on-premises PKI * hierarchy or by a commercial CA.

  4. Create a certificate chain * and copy the signed certificate and the certificate chain to your working * directory.

The following requirements apply when you import a * CA certificate.

  • You cannot import a non-self-signed certificate * for use as a root CA.

  • You cannot import a self-signed * certificate for use as a subordinate CA.

  • Your certificate * chain must not include the private CA certificate that you are importing.

    *

  • Your ACM Private CA-hosted or on-premises CA certificate must be * the last certificate in your chain. The subordinate certificate, if any, that * your root CA signed must be next to last. The subordinate certificate signed by * the preceding subordinate CA must come next, and so on until your chain is * built.

  • The chain must be PEM-encoded.

  • The * maximum allowed size of a certificate is 32 KB.

  • The maximum * allowed size of a certificate chain is 2 MB.

Enforcement * of Critical Constraints

ACM Private CA allows the following * extensions to be marked critical in the imported CA certificate or chain.

*

  • Basic constraints (must be marked critical)

  • *

    Subject alternative names

  • Key usage

  • *

    Extended key usage

  • Authority key identifier

  • *

    Subject key identifier

  • Issuer alternative name

    • *

  • Subject directory attributes

  • Subject information * access

  • Certificate policies

  • Policy * mappings

  • Inhibit anyPolicy

ACM Private CA * rejects the following extensions when they are marked critical in an imported CA * certificate or chain.

  • Name constraints

  • Policy * constraints

  • CRL distribution points

  • *

    Authority information access

  • Freshest CRL

  • *

    Any other extension

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::ImportCertificateAuthorityCertificateOutcomeCallable ImportCertificateAuthorityCertificateCallable(const Model::ImportCertificateAuthorityCertificateRequest& request) const; /** *

Imports a signed private CA certificate into ACM Private CA. This action is * used when you are using a chain of trust whose root is located outside ACM * Private CA. Before you can call this action, the following preparations must in * place:

  1. In ACM Private CA, call the CreateCertificateAuthority * action to create the private CA that that you plan to back with the imported * certificate.

  2. Call the GetCertificateAuthorityCsr * action to generate a certificate signing request (CSR).

  3. Sign * the CSR using a root or intermediate CA hosted by either an on-premises PKI * hierarchy or by a commercial CA.

  4. Create a certificate chain * and copy the signed certificate and the certificate chain to your working * directory.

The following requirements apply when you import a * CA certificate.

  • You cannot import a non-self-signed certificate * for use as a root CA.

  • You cannot import a self-signed * certificate for use as a subordinate CA.

  • Your certificate * chain must not include the private CA certificate that you are importing.

    *

  • Your ACM Private CA-hosted or on-premises CA certificate must be * the last certificate in your chain. The subordinate certificate, if any, that * your root CA signed must be next to last. The subordinate certificate signed by * the preceding subordinate CA must come next, and so on until your chain is * built.

  • The chain must be PEM-encoded.

  • The * maximum allowed size of a certificate is 32 KB.

  • The maximum * allowed size of a certificate chain is 2 MB.

Enforcement * of Critical Constraints

ACM Private CA allows the following * extensions to be marked critical in the imported CA certificate or chain.

*

  • Basic constraints (must be marked critical)

  • *

    Subject alternative names

  • Key usage

  • *

    Extended key usage

  • Authority key identifier

  • *

    Subject key identifier

  • Issuer alternative name

    • *

  • Subject directory attributes

  • Subject information * access

  • Certificate policies

  • Policy * mappings

  • Inhibit anyPolicy

ACM Private CA * rejects the following extensions when they are marked critical in an imported CA * certificate or chain.

  • Name constraints

  • Policy * constraints

  • CRL distribution points

  • *

    Authority information access

  • Freshest CRL

  • *

    Any other extension

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void ImportCertificateAuthorityCertificateAsync(const Model::ImportCertificateAuthorityCertificateRequest& request, const ImportCertificateAuthorityCertificateResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Uses your private certificate authority (CA), or one that has been shared * with you, to issue a client certificate. This action returns the Amazon Resource * Name (ARN) of the certificate. You can retrieve the certificate by calling the * GetCertificate * action and specifying the ARN.

You cannot use the ACM * ListCertificateAuthorities action to retrieve the ARNs of the * certificates that you issue by using ACM Private CA.

See * Also:

AWS * API Reference

*/ virtual Model::IssueCertificateOutcome IssueCertificate(const Model::IssueCertificateRequest& request) const; /** *

Uses your private certificate authority (CA), or one that has been shared * with you, to issue a client certificate. This action returns the Amazon Resource * Name (ARN) of the certificate. You can retrieve the certificate by calling the * GetCertificate * action and specifying the ARN.

You cannot use the ACM * ListCertificateAuthorities action to retrieve the ARNs of the * certificates that you issue by using ACM Private CA.

See * Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::IssueCertificateOutcomeCallable IssueCertificateCallable(const Model::IssueCertificateRequest& request) const; /** *

Uses your private certificate authority (CA), or one that has been shared * with you, to issue a client certificate. This action returns the Amazon Resource * Name (ARN) of the certificate. You can retrieve the certificate by calling the * GetCertificate * action and specifying the ARN.

You cannot use the ACM * ListCertificateAuthorities action to retrieve the ARNs of the * certificates that you issue by using ACM Private CA.

See * Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void IssueCertificateAsync(const Model::IssueCertificateRequest& request, const IssueCertificateResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Lists the private certificate authorities that you created by using the CreateCertificateAuthority * action.

See Also:

AWS * API Reference

*/ virtual Model::ListCertificateAuthoritiesOutcome ListCertificateAuthorities(const Model::ListCertificateAuthoritiesRequest& request) const; /** *

Lists the private certificate authorities that you created by using the CreateCertificateAuthority * action.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::ListCertificateAuthoritiesOutcomeCallable ListCertificateAuthoritiesCallable(const Model::ListCertificateAuthoritiesRequest& request) const; /** *

Lists the private certificate authorities that you created by using the CreateCertificateAuthority * action.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void ListCertificateAuthoritiesAsync(const Model::ListCertificateAuthoritiesRequest& request, const ListCertificateAuthoritiesResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

List all permissions on a private CA, if any, granted to the AWS Certificate * Manager (ACM) service principal (acm.amazonaws.com).

These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

Permissions can be granted with the CreatePermission * action and revoked with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

*/ virtual Model::ListPermissionsOutcome ListPermissions(const Model::ListPermissionsRequest& request) const; /** *

List all permissions on a private CA, if any, granted to the AWS Certificate * Manager (ACM) service principal (acm.amazonaws.com).

These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

Permissions can be granted with the CreatePermission * action and revoked with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::ListPermissionsOutcomeCallable ListPermissionsCallable(const Model::ListPermissionsRequest& request) const; /** *

List all permissions on a private CA, if any, granted to the AWS Certificate * Manager (ACM) service principal (acm.amazonaws.com).

These permissions * allow ACM to issue and renew ACM certificates that reside in the same AWS * account as the CA.

Permissions can be granted with the CreatePermission * action and revoked with the DeletePermission * action.

About Permissions

  • If the * private CA and the certificates it issues reside in the same account, you can * use CreatePermission to grant permissions for ACM to carry out * automatic certificate renewals.

  • For automatic certificate * renewal to succeed, the ACM service principal needs permissions to create, * retrieve, and list certificates.

  • If the private CA and the ACM * certificates reside in different accounts, then permissions cannot be used to * enable automatic renewals. Instead, the ACM certificate owner must set up a * resource-based policy to enable cross-account issuance and renewals. For more * information, see Using a * Resource Based Policy with ACM Private CA.

See * Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void ListPermissionsAsync(const Model::ListPermissionsRequest& request, const ListPermissionsResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Lists the tags, if any, that are associated with your private CA or one that * has been shared with you. Tags are labels that you can use to identify and * organize your CAs. Each tag consists of a key and an optional value. Call the TagCertificateAuthority * action to add one or more tags to your CA. Call the UntagCertificateAuthority * action to remove tags.

See Also:

AWS * API Reference

*/ virtual Model::ListTagsOutcome ListTags(const Model::ListTagsRequest& request) const; /** *

Lists the tags, if any, that are associated with your private CA or one that * has been shared with you. Tags are labels that you can use to identify and * organize your CAs. Each tag consists of a key and an optional value. Call the TagCertificateAuthority * action to add one or more tags to your CA. Call the UntagCertificateAuthority * action to remove tags.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::ListTagsOutcomeCallable ListTagsCallable(const Model::ListTagsRequest& request) const; /** *

Lists the tags, if any, that are associated with your private CA or one that * has been shared with you. Tags are labels that you can use to identify and * organize your CAs. Each tag consists of a key and an optional value. Call the TagCertificateAuthority * action to add one or more tags to your CA. Call the UntagCertificateAuthority * action to remove tags.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void ListTagsAsync(const Model::ListTagsRequest& request, const ListTagsResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Attaches a resource-based policy to a private CA.

A policy can also * be applied by sharing * a private CA through AWS Resource Access Manager (RAM).

The policy can be * displayed with GetPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

*/ virtual Model::PutPolicyOutcome PutPolicy(const Model::PutPolicyRequest& request) const; /** *

Attaches a resource-based policy to a private CA.

A policy can also * be applied by sharing * a private CA through AWS Resource Access Manager (RAM).

The policy can be * displayed with GetPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::PutPolicyOutcomeCallable PutPolicyCallable(const Model::PutPolicyRequest& request) const; /** *

Attaches a resource-based policy to a private CA.

A policy can also * be applied by sharing * a private CA through AWS Resource Access Manager (RAM).

The policy can be * displayed with GetPolicy * and removed with DeletePolicy.

*

About Policies

  • A policy grants access * on a private CA to an AWS customer account, to AWS Organizations, or to an AWS * Organizations unit. Policies are under the control of a CA administrator. For * more information, see Using a * Resource Based Policy with ACM Private CA.

  • A policy * permits a user of AWS Certificate Manager (ACM) to issue ACM certificates signed * by a CA in another account.

  • For ACM to manage automatic * renewal of these certificates, the ACM user must configure a Service Linked Role * (SLR). The SLR allows the ACM service to assume the identity of the user, * subject to confirmation against the ACM Private CA policy. For more information, * see Using a * Service Linked Role with ACM.

  • Updates made in AWS Resource * Manager (RAM) are reflected in policies. For more information, see Using AWS Resource Access Manager * (RAM) with ACM Private CA.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void PutPolicyAsync(const Model::PutPolicyRequest& request, const PutPolicyResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Restores a certificate authority (CA) that is in the DELETED * state. You can restore a CA during the period that you defined in the * PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthority * action. Currently, you can specify 7 to 30 days. If you did not specify a * PermanentDeletionTimeInDays value, by default you can restore the CA at * any time in a 30 day period. You can check the time remaining in the restoration * period of a private CA in the DELETED state by calling the DescribeCertificateAuthority * or ListCertificateAuthorities * actions. The status of a restored CA is set to its pre-deletion status when the * RestoreCertificateAuthority action returns. To change its status to * ACTIVE, call the UpdateCertificateAuthority * action. If the private CA was in the PENDING_CERTIFICATE state at * deletion, you must use the ImportCertificateAuthorityCertificate * action to import a certificate authority into the private CA before it can be * activated. You cannot restore a CA after the restoration period has * ended.

See Also:

AWS * API Reference

*/ virtual Model::RestoreCertificateAuthorityOutcome RestoreCertificateAuthority(const Model::RestoreCertificateAuthorityRequest& request) const; /** *

Restores a certificate authority (CA) that is in the DELETED * state. You can restore a CA during the period that you defined in the * PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthority * action. Currently, you can specify 7 to 30 days. If you did not specify a * PermanentDeletionTimeInDays value, by default you can restore the CA at * any time in a 30 day period. You can check the time remaining in the restoration * period of a private CA in the DELETED state by calling the DescribeCertificateAuthority * or ListCertificateAuthorities * actions. The status of a restored CA is set to its pre-deletion status when the * RestoreCertificateAuthority action returns. To change its status to * ACTIVE, call the UpdateCertificateAuthority * action. If the private CA was in the PENDING_CERTIFICATE state at * deletion, you must use the ImportCertificateAuthorityCertificate * action to import a certificate authority into the private CA before it can be * activated. You cannot restore a CA after the restoration period has * ended.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::RestoreCertificateAuthorityOutcomeCallable RestoreCertificateAuthorityCallable(const Model::RestoreCertificateAuthorityRequest& request) const; /** *

Restores a certificate authority (CA) that is in the DELETED * state. You can restore a CA during the period that you defined in the * PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthority * action. Currently, you can specify 7 to 30 days. If you did not specify a * PermanentDeletionTimeInDays value, by default you can restore the CA at * any time in a 30 day period. You can check the time remaining in the restoration * period of a private CA in the DELETED state by calling the DescribeCertificateAuthority * or ListCertificateAuthorities * actions. The status of a restored CA is set to its pre-deletion status when the * RestoreCertificateAuthority action returns. To change its status to * ACTIVE, call the UpdateCertificateAuthority * action. If the private CA was in the PENDING_CERTIFICATE state at * deletion, you must use the ImportCertificateAuthorityCertificate * action to import a certificate authority into the private CA before it can be * activated. You cannot restore a CA after the restoration period has * ended.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void RestoreCertificateAuthorityAsync(const Model::RestoreCertificateAuthorityRequest& request, const RestoreCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Revokes a certificate that was issued inside ACM Private CA. If you enable a * certificate revocation list (CRL) when you create or update your private CA, * information about the revoked certificates will be included in the CRL. ACM * Private CA writes the CRL to an S3 bucket that you specify. A CRL is typically * updated approximately 30 minutes after a certificate is revoked. If for any * reason the CRL update fails, ACM Private CA attempts makes further attempts * every 15 minutes. With Amazon CloudWatch, you can create alarms for the metrics * CRLGenerated and MisconfiguredCRLBucket. For more * information, see Supported * CloudWatch Metrics.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CA also writes * revocation information to the audit report. For more information, see CreateCertificateAuthorityAuditReport.

*

You cannot revoke a root CA self-signed certificate.

*

See Also:

AWS * API Reference

*/ virtual Model::RevokeCertificateOutcome RevokeCertificate(const Model::RevokeCertificateRequest& request) const; /** *

Revokes a certificate that was issued inside ACM Private CA. If you enable a * certificate revocation list (CRL) when you create or update your private CA, * information about the revoked certificates will be included in the CRL. ACM * Private CA writes the CRL to an S3 bucket that you specify. A CRL is typically * updated approximately 30 minutes after a certificate is revoked. If for any * reason the CRL update fails, ACM Private CA attempts makes further attempts * every 15 minutes. With Amazon CloudWatch, you can create alarms for the metrics * CRLGenerated and MisconfiguredCRLBucket. For more * information, see Supported * CloudWatch Metrics.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CA also writes * revocation information to the audit report. For more information, see CreateCertificateAuthorityAuditReport.

*

You cannot revoke a root CA self-signed certificate.

*

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::RevokeCertificateOutcomeCallable RevokeCertificateCallable(const Model::RevokeCertificateRequest& request) const; /** *

Revokes a certificate that was issued inside ACM Private CA. If you enable a * certificate revocation list (CRL) when you create or update your private CA, * information about the revoked certificates will be included in the CRL. ACM * Private CA writes the CRL to an S3 bucket that you specify. A CRL is typically * updated approximately 30 minutes after a certificate is revoked. If for any * reason the CRL update fails, ACM Private CA attempts makes further attempts * every 15 minutes. With Amazon CloudWatch, you can create alarms for the metrics * CRLGenerated and MisconfiguredCRLBucket. For more * information, see Supported * CloudWatch Metrics.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

ACM Private CA also writes * revocation information to the audit report. For more information, see CreateCertificateAuthorityAuditReport.

*

You cannot revoke a root CA self-signed certificate.

*

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void RevokeCertificateAsync(const Model::RevokeCertificateRequest& request, const RevokeCertificateResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Adds one or more tags to your private CA. Tags are labels that you can use to * identify and organize your AWS resources. Each tag consists of a key and an * optional value. You specify the private CA on input by its Amazon Resource Name * (ARN). You specify the tag by using a key-value pair. You can apply a tag to * just one private CA if you want to identify a specific characteristic of that * CA, or you can apply the same tag to multiple private CAs if you want to filter * for a common relationship among those CAs. To remove one or more tags, use the * UntagCertificateAuthority * action. Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

*/ virtual Model::TagCertificateAuthorityOutcome TagCertificateAuthority(const Model::TagCertificateAuthorityRequest& request) const; /** *

Adds one or more tags to your private CA. Tags are labels that you can use to * identify and organize your AWS resources. Each tag consists of a key and an * optional value. You specify the private CA on input by its Amazon Resource Name * (ARN). You specify the tag by using a key-value pair. You can apply a tag to * just one private CA if you want to identify a specific characteristic of that * CA, or you can apply the same tag to multiple private CAs if you want to filter * for a common relationship among those CAs. To remove one or more tags, use the * UntagCertificateAuthority * action. Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::TagCertificateAuthorityOutcomeCallable TagCertificateAuthorityCallable(const Model::TagCertificateAuthorityRequest& request) const; /** *

Adds one or more tags to your private CA. Tags are labels that you can use to * identify and organize your AWS resources. Each tag consists of a key and an * optional value. You specify the private CA on input by its Amazon Resource Name * (ARN). You specify the tag by using a key-value pair. You can apply a tag to * just one private CA if you want to identify a specific characteristic of that * CA, or you can apply the same tag to multiple private CAs if you want to filter * for a common relationship among those CAs. To remove one or more tags, use the * UntagCertificateAuthority * action. Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void TagCertificateAuthorityAsync(const Model::TagCertificateAuthorityRequest& request, const TagCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Remove one or more tags from your private CA. A tag consists of a key-value * pair. If you do not specify the value portion of the tag when calling this * action, the tag will be removed regardless of value. If you specify a value, the * tag is removed only if it is associated with the specified value. To add tags to * a private CA, use the TagCertificateAuthority. * Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

*/ virtual Model::UntagCertificateAuthorityOutcome UntagCertificateAuthority(const Model::UntagCertificateAuthorityRequest& request) const; /** *

Remove one or more tags from your private CA. A tag consists of a key-value * pair. If you do not specify the value portion of the tag when calling this * action, the tag will be removed regardless of value. If you specify a value, the * tag is removed only if it is associated with the specified value. To add tags to * a private CA, use the TagCertificateAuthority. * Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::UntagCertificateAuthorityOutcomeCallable UntagCertificateAuthorityCallable(const Model::UntagCertificateAuthorityRequest& request) const; /** *

Remove one or more tags from your private CA. A tag consists of a key-value * pair. If you do not specify the value portion of the tag when calling this * action, the tag will be removed regardless of value. If you specify a value, the * tag is removed only if it is associated with the specified value. To add tags to * a private CA, use the TagCertificateAuthority. * Call the ListTags * action to see what tags are associated with your CA.

See Also:

* AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void UntagCertificateAuthorityAsync(const Model::UntagCertificateAuthorityRequest& request, const UntagCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; /** *

Updates the status or configuration of a private certificate authority (CA). * Your private CA must be in the ACTIVE or DISABLED * state before you can update it. You can disable a private CA that is in the * ACTIVE state or make a CA that is in the DISABLED * state active again.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

*/ virtual Model::UpdateCertificateAuthorityOutcome UpdateCertificateAuthority(const Model::UpdateCertificateAuthorityRequest& request) const; /** *

Updates the status or configuration of a private certificate authority (CA). * Your private CA must be in the ACTIVE or DISABLED * state before you can update it. You can disable a private CA that is in the * ACTIVE state or make a CA that is in the DISABLED * state active again.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

* * returns a future to the operation so that it can be executed in parallel to other requests. */ virtual Model::UpdateCertificateAuthorityOutcomeCallable UpdateCertificateAuthorityCallable(const Model::UpdateCertificateAuthorityRequest& request) const; /** *

Updates the status or configuration of a private certificate authority (CA). * Your private CA must be in the ACTIVE or DISABLED * state before you can update it. You can disable a private CA that is in the * ACTIVE state or make a CA that is in the DISABLED * state active again.

Both PCA and the IAM principal must have * permission to write to the S3 bucket that you specify. If the IAM principal * making the call does not have permission to write to the bucket, then an * exception is thrown. For more information, see Configure * Access to ACM Private CA.

See Also:

AWS * API Reference

* * Queues the request into a thread executor and triggers associated callback when operation has finished. */ virtual void UpdateCertificateAuthorityAsync(const Model::UpdateCertificateAuthorityRequest& request, const UpdateCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context = nullptr) const; void OverrideEndpoint(const Aws::String& endpoint); private: void init(const Aws::Client::ClientConfiguration& clientConfiguration); void CreateCertificateAuthorityAsyncHelper(const Model::CreateCertificateAuthorityRequest& request, const CreateCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void CreateCertificateAuthorityAuditReportAsyncHelper(const Model::CreateCertificateAuthorityAuditReportRequest& request, const CreateCertificateAuthorityAuditReportResponseReceivedHandler& handler, const std::shared_ptr& context) const; void CreatePermissionAsyncHelper(const Model::CreatePermissionRequest& request, const CreatePermissionResponseReceivedHandler& handler, const std::shared_ptr& context) const; void DeleteCertificateAuthorityAsyncHelper(const Model::DeleteCertificateAuthorityRequest& request, const DeleteCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void DeletePermissionAsyncHelper(const Model::DeletePermissionRequest& request, const DeletePermissionResponseReceivedHandler& handler, const std::shared_ptr& context) const; void DeletePolicyAsyncHelper(const Model::DeletePolicyRequest& request, const DeletePolicyResponseReceivedHandler& handler, const std::shared_ptr& context) const; void DescribeCertificateAuthorityAsyncHelper(const Model::DescribeCertificateAuthorityRequest& request, const DescribeCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void DescribeCertificateAuthorityAuditReportAsyncHelper(const Model::DescribeCertificateAuthorityAuditReportRequest& request, const DescribeCertificateAuthorityAuditReportResponseReceivedHandler& handler, const std::shared_ptr& context) const; void GetCertificateAsyncHelper(const Model::GetCertificateRequest& request, const GetCertificateResponseReceivedHandler& handler, const std::shared_ptr& context) const; void GetCertificateAuthorityCertificateAsyncHelper(const Model::GetCertificateAuthorityCertificateRequest& request, const GetCertificateAuthorityCertificateResponseReceivedHandler& handler, const std::shared_ptr& context) const; void GetCertificateAuthorityCsrAsyncHelper(const Model::GetCertificateAuthorityCsrRequest& request, const GetCertificateAuthorityCsrResponseReceivedHandler& handler, const std::shared_ptr& context) const; void GetPolicyAsyncHelper(const Model::GetPolicyRequest& request, const GetPolicyResponseReceivedHandler& handler, const std::shared_ptr& context) const; void ImportCertificateAuthorityCertificateAsyncHelper(const Model::ImportCertificateAuthorityCertificateRequest& request, const ImportCertificateAuthorityCertificateResponseReceivedHandler& handler, const std::shared_ptr& context) const; void IssueCertificateAsyncHelper(const Model::IssueCertificateRequest& request, const IssueCertificateResponseReceivedHandler& handler, const std::shared_ptr& context) const; void ListCertificateAuthoritiesAsyncHelper(const Model::ListCertificateAuthoritiesRequest& request, const ListCertificateAuthoritiesResponseReceivedHandler& handler, const std::shared_ptr& context) const; void ListPermissionsAsyncHelper(const Model::ListPermissionsRequest& request, const ListPermissionsResponseReceivedHandler& handler, const std::shared_ptr& context) const; void ListTagsAsyncHelper(const Model::ListTagsRequest& request, const ListTagsResponseReceivedHandler& handler, const std::shared_ptr& context) const; void PutPolicyAsyncHelper(const Model::PutPolicyRequest& request, const PutPolicyResponseReceivedHandler& handler, const std::shared_ptr& context) const; void RestoreCertificateAuthorityAsyncHelper(const Model::RestoreCertificateAuthorityRequest& request, const RestoreCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void RevokeCertificateAsyncHelper(const Model::RevokeCertificateRequest& request, const RevokeCertificateResponseReceivedHandler& handler, const std::shared_ptr& context) const; void TagCertificateAuthorityAsyncHelper(const Model::TagCertificateAuthorityRequest& request, const TagCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void UntagCertificateAuthorityAsyncHelper(const Model::UntagCertificateAuthorityRequest& request, const UntagCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; void UpdateCertificateAuthorityAsyncHelper(const Model::UpdateCertificateAuthorityRequest& request, const UpdateCertificateAuthorityResponseReceivedHandler& handler, const std::shared_ptr& context) const; Aws::String m_uri; Aws::String m_configScheme; std::shared_ptr m_executor; }; } // namespace ACMPCA } // namespace Aws