2016/04/11 - AWS IoT - 9 new 5 updated api methods
Registers a device certificate with AWS IoT. If you have more than one CA certificate that has the same subject field, you must specify the CA certificate that was used to sign the device certificate being registered.
Request Syntax
client.register_certificate( certificatePem='string', caCertificatePem='string', setAsActive=True|False )
string
[REQUIRED]
The certificate data, in PEM format.
string
The CA certificate used to sign the device certificate being registered.
boolean
A boolean value that specifies if the CA certificate is set to active.
dict
Response Syntax
{ 'certificateArn': 'string', 'certificateId': 'string' }
Response Structure
(dict) --
The output from the RegisterCertificate operation.
certificateArn (string) --
The certificate ARN.
certificateId (string) --
The certificate identifier.
Updates a registered CA certificate.
Request Syntax
client.update_ca_certificate( certificateId='string', newStatus='ACTIVE'|'INACTIVE' )
string
[REQUIRED]
The CA certificate identifier.
string
[REQUIRED]
The updated status of the CA certificate.
None
Deletes a registered CA certificate.
Request Syntax
client.delete_ca_certificate( certificateId='string' )
string
[REQUIRED]
The ID of the certificate to delete.
dict
Response Syntax
{}
Response Structure
(dict) --
The output for the DeleteCACertificate operation.
Gets a registration code used to register a CA certificate with AWS IoT.
Request Syntax
client.get_registration_code()
dict
Response Syntax
{ 'registrationCode': 'string' }
Response Structure
(dict) --
The output from the GetRegistrationCode operation.
registrationCode (string) --
The CA certificate registration code.
Lists the CA certificates registered for your AWS account.
The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
Request Syntax
client.list_ca_certificates( pageSize=123, marker='string', ascendingOrder=True|False )
integer
The result page size.
string
The marker for the next set of results.
boolean
Determines the order of the results.
dict
Response Syntax
{ 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' }
Response Structure
(dict) --
The output from the ListCACertificates operation.
certificates (list) --
The CA certificates registered in your AWS account.
(dict) --
A CA certificate.
certificateArn (string) --
The ARN of the CA certificate.
certificateId (string) --
The ID of the CA certificate.
status (string) --
The status of the CA certificate.
creationDate (datetime) --
The date the CA certificate was created.
nextMarker (string) --
The current position within the list of CA certificates.
List the device certificates signed by the specified CA certificate.
Request Syntax
client.list_certificates_by_ca( caCertificateId='string', pageSize=123, marker='string', ascendingOrder=True|False )
string
[REQUIRED]
The ID of the CA certificate. This operation will list all registered device certificate that were signed by this CA certificate.
integer
The result page size.
string
The marker for the next set of results.
boolean
Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
dict
Response Syntax
{ 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' }
Response Structure
(dict) --
The output of the ListCertificatesByCA operation.
certificates (list) --
The device certificates signed by the specified CA certificate.
(dict) --
Information about a certificate.
certificateArn (string) --
The ARN of the certificate.
certificateId (string) --
The ID of the certificate.
status (string) --
The status of the certificate.
creationDate (datetime) --
The date and time the certificate was created.
nextMarker (string) --
The marker for the next set of results, or null if there are no additional results.
Registers a CA certificate with AWS IoT. This CA certificate can then be used to sign device certificates, which can be then registered with AWS IoT. You can register up to 10 CA certificates per AWS account that have the same subject field and public key. This enables you to have up to 10 certificate authorities sign your device certificates. If you have more than one CA certificate registered, make sure you pass the CA certificate when you register your device certificates with the RegisterCertificate API.
Request Syntax
client.register_ca_certificate( caCertificate='string', verificationCertificate='string', setAsActive=True|False )
string
[REQUIRED]
The CA certificate.
string
[REQUIRED]
The private key verification certificate.
boolean
A boolean value that specifies if the CA certificate is set to active.
dict
Response Syntax
{ 'certificateArn': 'string', 'certificateId': 'string' }
Response Structure
(dict) --
The output from the RegisterCACertificateResponse operation.
certificateArn (string) --
The CA certificate ARN.
certificateId (string) --
The CA certificate identifier.
Describes a registered CA certificate.
Request Syntax
client.describe_ca_certificate( certificateId='string' )
string
[REQUIRED]
The CA certificate identifier.
dict
Response Syntax
{ 'certificateDescription': { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE', 'certificatePem': 'string', 'ownedBy': 'string', 'creationDate': datetime(2015, 1, 1) } }
Response Structure
(dict) --
The output from the DescribeCACertificate operation.
certificateDescription (dict) --
The CA certificate description.
certificateArn (string) --
The CA certificate ARN.
certificateId (string) --
The CA certificate ID.
status (string) --
The status of a CA certificate.
certificatePem (string) --
The CA certificate data, in PEM format.
ownedBy (string) --
The owner of the CA certificate.
creationDate (datetime) --
The date the CA certificate was created.
Deletes a CA certificate registration code.
Request Syntax
client.delete_registration_code()
dict
Response Syntax
{}
Response Structure
(dict) --
The output for the DeleteRegistrationCode operation.
{'certificateDescription': {'caCertificateId': 'string', 'previousOwnedBy': 'string', 'status': ['REGISTER_INACTIVE'], 'transferData': {'acceptDate': 'timestamp', 'rejectDate': 'timestamp', 'rejectReason': 'string', 'transferDate': 'timestamp', 'transferMessage': 'string'}}}
Gets information about the specified certificate.
Request Syntax
client.describe_certificate( certificateId='string' )
string
[REQUIRED]
The ID of the certificate.
dict
Response Syntax
{ 'certificateDescription': { 'certificateArn': 'string', 'certificateId': 'string', 'caCertificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE', 'certificatePem': 'string', 'ownedBy': 'string', 'previousOwnedBy': 'string', 'creationDate': datetime(2015, 1, 1), 'lastModifiedDate': datetime(2015, 1, 1), 'transferData': { 'transferMessage': 'string', 'rejectReason': 'string', 'transferDate': datetime(2015, 1, 1), 'acceptDate': datetime(2015, 1, 1), 'rejectDate': datetime(2015, 1, 1) } } }
Response Structure
(dict) --
The output of the DescribeCertificate operation.
certificateDescription (dict) --
The description of the certificate.
certificateArn (string) --
The ARN of the certificate.
certificateId (string) --
The ID of the certificate.
caCertificateId (string) --
The certificate ID of the CA certificate used to sign this certificate.
status (string) --
The status of the certificate.
certificatePem (string) --
The certificate data, in PEM format.
ownedBy (string) --
The ID of the AWS account that owns the certificate.
previousOwnedBy (string) --
The ID of the AWS account of the previous owner of the certificate.
creationDate (datetime) --
The date and time the certificate was created.
lastModifiedDate (datetime) --
The date and time the certificate was last modified.
transferData (dict) --
The transfer data.
transferMessage (string) --
The transfer message.
rejectReason (string) --
The reason why the transfer was rejected.
transferDate (datetime) --
The date the transfer took place.
acceptDate (datetime) --
The date the transfer was accepted.
rejectDate (datetime) --
The date the transfer was rejected.
{'certificates': {'status': ['REGISTER_INACTIVE']}}
Lists the certificates registered in your AWS account.
The results are paginated with a default page size of 25. You can use the returned marker to retrieve additional results.
Request Syntax
client.list_certificates( pageSize=123, marker='string', ascendingOrder=True|False )
integer
The result page size.
string
The marker for the next set of results.
boolean
Specifies the order for results. If True, the results are returned in ascending order, based on the creation date.
dict
Response Syntax
{ 'certificates': [ { 'certificateArn': 'string', 'certificateId': 'string', 'status': 'ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE', 'creationDate': datetime(2015, 1, 1) }, ], 'nextMarker': 'string' }
Response Structure
(dict) --
The output of the ListCertificates operation.
certificates (list) --
The descriptions of the certificates.
(dict) --
Information about a certificate.
certificateArn (string) --
The ARN of the certificate.
certificateId (string) --
The ID of the certificate.
status (string) --
The status of the certificate.
creationDate (datetime) --
The date and time the certificate was created.
nextMarker (string) --
The marker for the next set of results, or null if there are no additional results.
{'rejectReason': 'string'}
Rejects a pending certificate transfer. After AWS IoT rejects a certificate transfer, the certificate status changes from PENDING_TRANSFER to INACTIVE .
To check for pending certificate transfers, call ListCertificates to enumerate your certificates.
This operation can only be called by the transfer destination. After it is called, the certificate will be returned to the source's account in the INACTIVE state.
Request Syntax
client.reject_certificate_transfer( certificateId='string', rejectReason='string' )
string
[REQUIRED]
The ID of the certificate.
string
The reason the certificate transfer was rejected.
None
{'transferMessage': 'string'}
Transfers the specified certificate to the specified AWS account.
You can cancel the transfer until it is acknowledged by the recipient.
No notification is sent to the transfer destination's account. It is up to the caller to notify the transfer target.
The certificate being transferred must not be in the ACTIVE state. You can use the UpdateCertificate API to deactivate it.
The certificate must not have any policies attached to it. You can use the DetachPrincipalPolicy API to detach them.
Request Syntax
client.transfer_certificate( certificateId='string', targetAwsAccount='string', transferMessage='string' )
string
[REQUIRED]
The ID of the certificate.
string
[REQUIRED]
The AWS account.
string
The transfer message.
dict
Response Syntax
{ 'transferredCertificateArn': 'string' }
Response Structure
(dict) --
The output from the TransferCertificate operation.
transferredCertificateArn (string) --
The ARN of the certificate.
{'newStatus': ['REGISTER_INACTIVE']}
Updates the status of the specified certificate. This operation is idempotent.
Moving a certificate from the ACTIVE state (including REVOKED) will not disconnect currently connected devices, but these devices will be unable to reconnect.
The ACTIVE state is required to authenticate devices connecting to AWS IoT using a certificate.
Request Syntax
client.update_certificate( certificateId='string', newStatus='ACTIVE'|'INACTIVE'|'REVOKED'|'PENDING_TRANSFER'|'REGISTER_INACTIVE' )
string
[REQUIRED]
The ID of the certificate.
string
[REQUIRED]
The new status.
Note: Setting the status to PENDING_TRANSFER will result in an exception being thrown. PENDING_TRANSFER is a status used internally by AWS IoT. It is not intended for developer use.
None