AWS IoT

2016/08/02 - AWS IoT - 1 new 7 updated api methods

Changes  Adds `listOutgoingCertificates` and support for allowing autoregistration.

ListOutgoingCertificates (new) Link ¶

Lists certificates that are being transfered but not yet accepted.

Request Syntax

client.list_outgoing_certificates(
    pageSize=123,
    marker='string',
    ascendingOrder=True|False
)
type pageSize

integer

param pageSize

The result page size.

type marker

string

param marker

The marker for the next set of results.

type ascendingOrder

boolean

param ascendingOrder

Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.

rtype

dict

returns

Response Syntax

{
    'outgoingCertificates': [
        {
            'certificateArn': 'string',
            'certificateId': 'string',
            'transferredTo': 'string',
            'transferDate': datetime(2015, 1, 1),
            'transferMessage': 'string',
            'creationDate': datetime(2015, 1, 1)
        },
    ],
    'nextMarker': 'string'
}

Response Structure

  • (dict) --

    The output from the ListOutgoingCertificates operation.

    • outgoingCertificates (list) --

      The certificates that are being transfered but not yet accepted.

      • (dict) --

        A certificate that has been transfered but not yet accepted.

        • certificateArn (string) --

          The certificate ARN.

        • certificateId (string) --

          The certificate ID.

        • transferredTo (string) --

          The AWS account to which the transfer was made.

        • transferDate (datetime) --

          The date the transfer was initiated.

        • transferMessage (string) --

          The transfer message.

        • creationDate (datetime) --

          The certificate creation date.

    • nextMarker (string) --

      The marker for the next set of results.

DescribeCACertificate (updated) Link ¶
Changes (response)
{'certificateDescription': {'autoRegistrationStatus': 'ENABLE | DISABLE'}}

Describes a registered CA certificate.

Request Syntax

client.describe_ca_certificate(
    certificateId='string'
)
type certificateId

string

param certificateId

[REQUIRED]

The CA certificate identifier.

rtype

dict

returns

Response Syntax

{
    'certificateDescription': {
        'certificateArn': 'string',
        'certificateId': 'string',
        'status': 'ACTIVE'|'INACTIVE',
        'certificatePem': 'string',
        'ownedBy': 'string',
        'creationDate': datetime(2015, 1, 1),
        'autoRegistrationStatus': 'ENABLE'|'DISABLE'
    }
}

Response Structure

  • (dict) --

    The output from the DescribeCACertificate operation.

    • certificateDescription (dict) --

      The CA certificate description.

      • certificateArn (string) --

        The CA certificate ARN.

      • certificateId (string) --

        The CA certificate ID.

      • status (string) --

        The status of a CA certificate.

      • certificatePem (string) --

        The CA certificate data, in PEM format.

      • ownedBy (string) --

        The owner of the CA certificate.

      • creationDate (datetime) --

        The date the CA certificate was created.

      • autoRegistrationStatus (string) --

        Whether the CA certificate configured for auto registration of device certificates. Valid values are "ENABLE" and "DISABLE"

DescribeCertificate (updated) Link ¶
Changes (response)
{'certificateDescription': {'status': ['PENDING_ACTIVATION']}}

Gets information about the specified certificate.

Request Syntax

client.describe_certificate(
    certificateId='string'
)
type certificateId

string

param certificateId

[REQUIRED]

The ID of the certificate.

rtype

dict

returns

Response Syntax

{
    'certificateDescription': {
        'certificateArn': 'string',
        'certificateId': 'string',
        'caCertificateId': 'string',
        'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION',
        'certificatePem': 'string',
        'ownedBy': 'string',
        'previousOwnedBy': 'string',
        'creationDate': datetime(2015, 1, 1),
        'lastModifiedDate': datetime(2015, 1, 1),
        'transferData': {
            'transferMessage': 'string',
            'rejectReason': 'string',
            'transferDate': datetime(2015, 1, 1),
            'acceptDate': datetime(2015, 1, 1),
            'rejectDate': datetime(2015, 1, 1)
        }
    }
}

Response Structure

  • (dict) --

    The output of the DescribeCertificate operation.

    • certificateDescription (dict) --

      The description of the certificate.

      • certificateArn (string) --

        The ARN of the certificate.

      • certificateId (string) --

        The ID of the certificate.

      • caCertificateId (string) --

        The certificate ID of the CA certificate used to sign this certificate.

      • status (string) --

        The status of the certificate.

      • certificatePem (string) --

        The certificate data, in PEM format.

      • ownedBy (string) --

        The ID of the AWS account that owns the certificate.

      • previousOwnedBy (string) --

        The ID of the AWS account of the previous owner of the certificate.

      • creationDate (datetime) --

        The date and time the certificate was created.

      • lastModifiedDate (datetime) --

        The date and time the certificate was last modified.

      • transferData (dict) --

        The transfer data.

        • transferMessage (string) --

          The transfer message.

        • rejectReason (string) --

          The reason why the transfer was rejected.

        • transferDate (datetime) --

          The date the transfer took place.

        • acceptDate (datetime) --

          The date the transfer was accepted.

        • rejectDate (datetime) --

          The date the transfer was rejected.

ListCertificates (updated) Link ¶
Changes (response)
{'certificates': {'status': ['PENDING_ACTIVATION']}}

Lists the certificates registered in your AWS account.

The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.

Request Syntax

client.list_certificates(
    pageSize=123,
    marker='string',
    ascendingOrder=True|False
)
type pageSize

integer

param pageSize

The result page size.

type marker

string

param marker

The marker for the next set of results.

type ascendingOrder

boolean

param ascendingOrder

Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.

rtype

dict

returns

Response Syntax

{
    'certificates': [
        {
            'certificateArn': 'string',
            'certificateId': 'string',
            'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION',
            'creationDate': datetime(2015, 1, 1)
        },
    ],
    'nextMarker': 'string'
}

Response Structure

  • (dict) --

    The output of the ListCertificates operation.

    • certificates (list) --

      The descriptions of the certificates.

      • (dict) --

        Information about a certificate.

        • certificateArn (string) --

          The ARN of the certificate.

        • certificateId (string) --

          The ID of the certificate.

        • status (string) --

          The status of the certificate.

          The status value REGISTER_INACTIVE is deprecated and should not be used.

        • creationDate (datetime) --

          The date and time the certificate was created.

    • nextMarker (string) --

      The marker for the next set of results, or null if there are no additional results.

ListCertificatesByCA (updated) Link ¶
Changes (response)
{'certificates': {'status': ['PENDING_ACTIVATION']}}

List the device certificates signed by the specified CA certificate.

Request Syntax

client.list_certificates_by_ca(
    caCertificateId='string',
    pageSize=123,
    marker='string',
    ascendingOrder=True|False
)
type caCertificateId

string

param caCertificateId

[REQUIRED]

The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.

type pageSize

integer

param pageSize

The result page size.

type marker

string

param marker

The marker for the next set of results.

type ascendingOrder

boolean

param ascendingOrder

Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.

rtype

dict

returns

Response Syntax

{
    'certificates': [
        {
            'certificateArn': 'string',
            'certificateId': 'string',
            'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION',
            'creationDate': datetime(2015, 1, 1)
        },
    ],
    'nextMarker': 'string'
}

Response Structure

  • (dict) --

    The output of the ListCertificatesByCA operation.

    • certificates (list) --

      The device certificates signed by the specified CA certificate.

      • (dict) --

        Information about a certificate.

        • certificateArn (string) --

          The ARN of the certificate.

        • certificateId (string) --

          The ID of the certificate.

        • status (string) --

          The status of the certificate.

          The status value REGISTER_INACTIVE is deprecated and should not be used.

        • creationDate (datetime) --

          The date and time the certificate was created.

    • nextMarker (string) --

      The marker for the next set of results, or null if there are no additional results.

RegisterCACertificate (updated) Link ¶
Changes (request)
{'allowAutoRegistration': 'boolean'}

Registers a CA certificate with AWS IoT. This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field and public key. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.

Request Syntax

client.register_ca_certificate(
    caCertificate='string',
    verificationCertificate='string',
    setAsActive=True|False,
    allowAutoRegistration=True|False
)
type caCertificate

string

param caCertificate

[REQUIRED]

The CA certificate.

type verificationCertificate

string

param verificationCertificate

[REQUIRED]

The private key verification certificate.

type setAsActive

boolean

param setAsActive

A boolean value that specifies if the CA certificate is set to active.

type allowAutoRegistration

boolean

param allowAutoRegistration

Allows this CA certificate to be used for auto registration of device certificates.

rtype

dict

returns

Response Syntax

{
    'certificateArn': 'string',
    'certificateId': 'string'
}

Response Structure

  • (dict) --

    The output from the RegisterCACertificateResponse operation.

    • certificateArn (string) --

      The CA certificate ARN.

    • certificateId (string) --

      The CA certificate identifier.

UpdateCACertificate (updated) Link ¶
Changes (request)
{'newAutoRegistrationStatus': 'ENABLE | DISABLE'}

Updates a registered CA certificate.

Request Syntax

client.update_ca_certificate(
    certificateId='string',
    newStatus='ACTIVE'|'INACTIVE',
    newAutoRegistrationStatus='ENABLE'|'DISABLE'
)
type certificateId

string

param certificateId

[REQUIRED]

The CA certificate identifier.

type newStatus

string

param newStatus

The updated status of the CA certificate.

Note: The status value REGISTER_INACTIVE is deprecated and should not be used.

type newAutoRegistrationStatus

string

param newAutoRegistrationStatus

The new value for the auto registration status. Valid values are: "ENABLE" or "DISABLE".

returns

None

UpdateCertificate (updated) Link ¶
Changes (request)
{'newStatus': ['PENDING_ACTIVATION']}

Updates the status of the specified certificate. This operation is idempotent.

Moving a certificate from the ACTIVE state (including REVOKED) will not disconnect currently connected devices, but these devices will be unable to reconnect.

The ACTIVE state is required to authenticate devices connecting to AWS IoT using a certificate.

Request Syntax

client.update_certificate(
    certificateId='string',
    newStatus='ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE'|'PENDING_ACTIVATION'
)
type certificateId

string

param certificateId

[REQUIRED]

The ID of the certificate.

type newStatus

string

param newStatus

[REQUIRED]

The new status.

Note: Setting the status to PENDING_TRANSFER will result in an exception being thrown. PENDING_TRANSFER is a status used internally by AWS IoT. It is not intended for developer use.

Note: The status value REGISTER_INACTIVE is deprecated and should not be used.

returns

None