AWS IoT

2023/12/14 - AWS IoT - 5 new api methods

Changes  This release adds the ability to self-manage certificate signing in AWS IoT Core fleet provisioning using the new certificate provider resource.

CreateCertificateProvider (new) Link ¶

Creates an Amazon Web Services IoT Core certificate provider. You can use Amazon Web Services IoT Core certificate provider to customize how to sign a certificate signing request (CSR) in IoT fleet provisioning. For more information, see Customizing certificate signing using Amazon Web Services IoT Core certificate provider from Amazon Web Services IoT Core Developer Guide .

Requires permission to access the CreateCertificateProvider action.

Warning

After you create a certificate provider, the behavior of ` CreateCertificateFromCsr API for fleet provisioning <https://docs.aws.amazon.com/iot/latest/developerguide/fleet-provision-api.html#create-cert-csr>`__ will change and all API calls to CreateCertificateFromCsr will invoke the certificate provider to create the certificates. It can take up to a few minutes for this behavior to change after a certificate provider is created.

See also: AWS API Documentation

Request Syntax

client.create_certificate_provider(
    certificateProviderName='string',
    lambdaFunctionArn='string',
    accountDefaultForOperations=[
        'CreateCertificateFromCsr',
    ],
    clientToken='string',
    tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
type certificateProviderName

string

param certificateProviderName

[REQUIRED]

The name of the certificate provider.

type lambdaFunctionArn

string

param lambdaFunctionArn

[REQUIRED]

The ARN of the Lambda function that defines the authentication logic.

type accountDefaultForOperations

list

param accountDefaultForOperations

[REQUIRED]

A list of the operations that the certificate provider will use to generate certificates. Valid value: CreateCertificateFromCsr .

  • (string) --

type clientToken

string

param clientToken

A string that you can optionally pass in the CreateCertificateProvider request to make sure the request is idempotent.

This field is autopopulated if not provided.

type tags

list

param tags

Metadata which can be used to manage the certificate provider.

  • (dict) --

    A set of key/value pairs that are used to manage the resource.

    • Key (string) -- [REQUIRED]

      The tag's key.

    • Value (string) --

      The tag's value.

rtype

dict

returns

Response Syntax

{
    'certificateProviderName': 'string',
    'certificateProviderArn': 'string'
}

Response Structure

  • (dict) --

    • certificateProviderName (string) --

      The name of the certificate provider.

    • certificateProviderArn (string) --

      The ARN of the certificate provider.

UpdateCertificateProvider (new) Link ¶

Updates a certificate provider.

Requires permission to access the UpdateCertificateProvider action.

See also: AWS API Documentation

Request Syntax

client.update_certificate_provider(
    certificateProviderName='string',
    lambdaFunctionArn='string',
    accountDefaultForOperations=[
        'CreateCertificateFromCsr',
    ]
)
type certificateProviderName

string

param certificateProviderName

[REQUIRED]

The name of the certificate provider.

type lambdaFunctionArn

string

param lambdaFunctionArn

The Lambda function ARN that's associated with the certificate provider.

type accountDefaultForOperations

list

param accountDefaultForOperations

A list of the operations that the certificate provider will use to generate certificates. Valid value: CreateCertificateFromCsr .

  • (string) --

rtype

dict

returns

Response Syntax

{
    'certificateProviderName': 'string',
    'certificateProviderArn': 'string'
}

Response Structure

  • (dict) --

    • certificateProviderName (string) --

      The name of the certificate provider.

    • certificateProviderArn (string) --

      The ARN of the certificate provider.

DescribeCertificateProvider (new) Link ¶

Describes a certificate provider.

Requires permission to access the DescribeCertificateProvider action.

See also: AWS API Documentation

Request Syntax

client.describe_certificate_provider(
    certificateProviderName='string'
)
type certificateProviderName

string

param certificateProviderName

[REQUIRED]

The name of the certificate provider.

rtype

dict

returns

Response Syntax

{
    'certificateProviderName': 'string',
    'certificateProviderArn': 'string',
    'lambdaFunctionArn': 'string',
    'accountDefaultForOperations': [
        'CreateCertificateFromCsr',
    ],
    'creationDate': datetime(2015, 1, 1),
    'lastModifiedDate': datetime(2015, 1, 1)
}

Response Structure

  • (dict) --

    • certificateProviderName (string) --

      The name of the certificate provider.

    • certificateProviderArn (string) --

      The ARN of the certificate provider.

    • lambdaFunctionArn (string) --

      The Lambda function ARN that's associated with the certificate provider.

    • accountDefaultForOperations (list) --

      A list of the operations that the certificate provider will use to generate certificates. Valid value: CreateCertificateFromCsr .

      • (string) --

    • creationDate (datetime) --

      The date-time string that indicates when the certificate provider was created.

    • lastModifiedDate (datetime) --

      The date-time string that indicates when the certificate provider was last updated.

DeleteCertificateProvider (new) Link ¶

Deletes a certificate provider.

Requires permission to access the DeleteCertificateProvider action.

If you delete the certificate provider resource, the behavior of CreateCertificateFromCsr will resume, and IoT will create certificates signed by IoT from a certificate signing request (CSR).

See also: AWS API Documentation

Request Syntax

client.delete_certificate_provider(
    certificateProviderName='string'
)
type certificateProviderName

string

param certificateProviderName

[REQUIRED]

The name of the certificate provider.

rtype

dict

returns

Response Syntax

{}

Response Structure

  • (dict) --

ListCertificateProviders (new) Link ¶

Lists all your certificate providers in your Amazon Web Services account.

Requires permission to access the ListCertificateProviders action.

See also: AWS API Documentation

Request Syntax

client.list_certificate_providers(
    nextToken='string',
    ascendingOrder=True|False
)
type nextToken

string

param nextToken

The token for the next set of results, or null if there are no more results.

type ascendingOrder

boolean

param ascendingOrder

Returns the list of certificate providers in ascending alphabetical order.

rtype

dict

returns

Response Syntax

{
    'certificateProviders': [
        {
            'certificateProviderName': 'string',
            'certificateProviderArn': 'string'
        },
    ],
    'nextToken': 'string'
}

Response Structure

  • (dict) --

    • certificateProviders (list) --

      The list of certificate providers in your Amazon Web Services account.

      • (dict) --

        The certificate provider summary.

        • certificateProviderName (string) --

          The name of the certificate provider.

        • certificateProviderArn (string) --

          The ARN of the certificate provider.

    • nextToken (string) --

      The token for the next set of results, or null if there are no more results.