AWS Certificate Manager Update: AWS Certificate Manager documentation updated on API calls ImportCertificate and ListCertificate. Specific updates included input constraints, private key size for import and next token size for list.

AWS · AWS · commit 4554a82cfca6 · 2020-03-19T18:04:03.000Z
diff --git a/.changes/next-release/feature-AWSCertificateManager-4c688e6.json b/.changes/next-release/feature-AWSCertificateManager-4c688e6.json
@@ -0,0 +1,5 @@
+{
+    "type": "feature",
+    "category": "AWS Certificate Manager",
+    "description": "AWS Certificate Manager documentation updated on API calls ImportCertificate and ListCertificate. Specific updates included input constraints, private key size for import and next token size for list."
+}
diff --git a/services/acm/src/main/resources/codegen-resources/service-2.json b/services/acm/src/main/resources/codegen-resources/service-2.json
@@ -86,7 +86,7 @@
         {"shape":"RequestInProgressException"},
         {"shape":"InvalidArnException"}
       ],
-      "documentation":"<p>Retrieves a certificate specified by an ARN and its certificate chain . The chain is an ordered list of certificates that contains the end entity certificate, intermediate certificates of subordinate CAs, and the root certificate in that order. The certificate and certificate chain are base64 encoded. If you want to decode the certificate to see the individual fields, you can use OpenSSL.</p>"
+      "documentation":"<p>Retrieves an Amazon-issued certificate and its certificate chain. The chain consists of the certificate of the issuing CA and the intermediate certificates of any other subordinate CAs. All of the certificates are base64 encoded. You can use <a href=\"https://wiki.openssl.org/index.php/Command_Line_Utilities\">OpenSSL</a> to decode the certificates and inspect individual fields.</p>"
     },
     "ImportCertificate":{
       "name":"ImportCertificate",
@@ -498,7 +498,7 @@
         },
         "ResourceRecord":{
           "shape":"ResourceRecord",
-          "documentation":"<p>Contains the CNAME record that you add to your DNS database for domain validation. For more information, see <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html\">Use DNS to Validate Domain Ownership</a>.</p>"
+          "documentation":"<p>Contains the CNAME record that you add to your DNS database for domain validation. For more information, see <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html\">Use DNS to Validate Domain Ownership</a>.</p> <p>Note: The CNAME information that you need does not include the name of your domain. If you include&#x2028; your domain name in the DNS database CNAME record, validation fails.&#x2028; For example, if the name is \"_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com\", only \"_a79865eb4cd1a6ab990a45779b4e0b96\" must be used.</p>"
         },
         "ValidationMethod":{
           "shape":"ValidationMethod",
@@ -664,11 +664,11 @@
       "members":{
         "Certificate":{
           "shape":"CertificateBody",
-          "documentation":"<p>String that contains the ACM certificate represented by the ARN specified at input.</p>"
+          "documentation":"<p>The ACM-issued certificate corresponding to the ARN specified as input.</p>"
         },
         "CertificateChain":{
           "shape":"CertificateChain",
-          "documentation":"<p>The certificate chain that contains the root certificate issued by the certificate authority (CA).</p>"
+          "documentation":"<p>Certificates forming the requested certificate's chain of trust. The chain consists of the certificate of the issuing CA and the intermediate certificates of any other subordinate CAs. </p>"
         }
       }
     },
@@ -822,7 +822,7 @@
       "members":{
         "message":{"shape":"String"}
       },
-      "documentation":"<p>An ACM limit has been exceeded.</p>",
+      "documentation":"<p>An ACM quota has been exceeded.</p>",
       "exception":true
     },
     "ListCertificatesRequest":{
@@ -885,7 +885,7 @@
     },
     "NextToken":{
       "type":"string",
-      "max":320,
+      "max":10000,
       "min":1,
       "pattern":"[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*"
     },
@@ -904,7 +904,7 @@
     },
     "PrivateKeyBlob":{
       "type":"blob",
-      "max":524288,
+      "max":5120,
       "min":1,
       "sensitive":true
     },
@@ -996,7 +996,7 @@
         },
         "SubjectAlternativeNames":{
           "shape":"DomainList",
-          "documentation":"<p>Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the <code>DomainName</code> field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial limit is 10 domain names. If you need more than 10 names, you must request a limit increase. For more information, see <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html\">Limits</a>.</p> <p> The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: </p> <ul> <li> <p> <code>(63 octets).(63 octets).(63 octets).(61 octets)</code> is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets.</p> </li> <li> <p> <code>(64 octets).(63 octets).(63 octets).(61 octets)</code> is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets.</p> </li> <li> <p> <code>(63 octets).(63 octets).(63 octets).(62 octets)</code> is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.</p> </li> </ul>"
+          "documentation":"<p>Additional FQDNs to be included in the Subject Alternative Name extension of the ACM certificate. For example, add the name www.example.net to a certificate for which the <code>DomainName</code> field is www.example.com if users can reach your site by using either name. The maximum number of domain names that you can add to an ACM certificate is 100. However, the initial quota is 10 domain names. If you need more than 10 names, you must request a quota increase. For more information, see <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/acm-limits.html\">Quotas</a>.</p> <p> The maximum length of a SAN DNS name is 253 octets. The name is made up of multiple labels separated by periods. No label can be longer than 63 octets. Consider the following examples: </p> <ul> <li> <p> <code>(63 octets).(63 octets).(63 octets).(61 octets)</code> is legal because the total length is 253 octets (63+1+63+1+63+1+61) and no label exceeds 63 octets.</p> </li> <li> <p> <code>(64 octets).(63 octets).(63 octets).(61 octets)</code> is not legal because the total length exceeds 253 octets (64+1+63+1+63+1+61) and the first label exceeds 63 octets.</p> </li> <li> <p> <code>(63 octets).(63 octets).(63 octets).(62 octets)</code> is not legal because the total length of the DNS name (63+1+63+1+63+1+62) exceeds 253 octets.</p> </li> </ul>"
         },
         "IdempotencyToken":{
           "shape":"IdempotencyToken",
