docs(client-acm): Documentation updates, including fixes for xml formatting, broken links, and ListCertificates description.

Author: awstools

clients/client-acm/src/commands/GetCertificateCommand.ts

@@ -28,9 +28,11 @@ export interface GetCertificateCommandInput extends GetCertificateRequest {}
 export interface GetCertificateCommandOutput extends GetCertificateResponse, __MetadataBearer {}
 
 /**
- * <p>Retrieves an Amazon-issued certificate and its certificate chain. The chain consists of
- *       the certificate of the issuing CA and the intermediate certificates of any other subordinate
- *       CAs. All of the certificates are base64 encoded. You can use <a href="https://wiki.openssl.org/index.php/Command_Line_Utilities">OpenSSL</a> to decode
+ * <p>Retrieves a certificate and its certificate chain. The certificate may be either a public
+ *       or private certificate issued using the ACM <code>RequestCertificate</code> action, or a
+ *       certificate imported into ACM using the <code>ImportCertificate</code> action. The chain
+ *       consists of the certificate of the issuing CA and the intermediate certificates of any other
+ *       subordinate CAs. All of the certificates are base64 encoded. You can use <a href="https://wiki.openssl.org/index.php/Command_Line_Utilities">OpenSSL</a> to decode
  *       the certificates and inspect individual fields.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

clients/client-acm/src/commands/ImportCertificateCommand.ts

@@ -55,14 +55,6 @@ export interface ImportCertificateCommandOutput extends ImportCertificateRespons
  *                <p>The private key must be no larger than 5 KB (5,120 bytes).</p>
  *             </li>
  *             <li>
- *                <p>If the certificate you are importing is not self-signed, you must enter its
- *           certificate chain.</p>
- *             </li>
- *             <li>
- *                <p>If a certificate chain is included, the issuer must be the subject of one of the
- *           certificates in the chain.</p>
- *             </li>
- *             <li>
  *                <p>The certificate, private key, and certificate chain must be PEM-encoded.</p>
  *             </li>
  *             <li>

clients/client-acm/src/commands/ListCertificatesCommand.ts

@@ -28,10 +28,8 @@ export interface ListCertificatesCommandInput extends ListCertificatesRequest {}
 export interface ListCertificatesCommandOutput extends ListCertificatesResponse, __MetadataBearer {}
 
 /**
- * <p>Retrieves a list of certificate ARNs and domain names. You can request that only
- *       certificates that match a specific status be listed. You can also filter by specific
- *       attributes of the certificate. Default filtering returns only <code>RSA_2048</code>
- *       certificates. For more information, see <a>Filters</a>.</p>
+ * <p>Retrieves a list of certificate ARNs and domain names. By default, the API returns RSA_2048 certificates. To return all certificates in the account, include the <code>keyType</code> filter with the values <code>[RSA_1024, RSA_2048, RSA_3072, RSA_4096, EC_prime256v1, EC_secp384r1, EC_secp521r1]</code>.</p>
+ *          <p>In addition to <code>keyType</code>, you can also filter by the <code>CertificateStatuses</code>, <code>keyUsage</code>, and <code>extendedKeyUsage</code> attributes on the certificate. For more information, see <a>Filters</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-acm/src/models/models_0.ts

@@ -309,11 +309,13 @@ export interface DomainValidation {
    *             </li>
    *             <li>
    *                <p>
-   *                   <code></code>SUCCESS</p>
+   *                   <code>SUCCESS</code>
+   *                </p>
    *             </li>
    *             <li>
    *                <p>
-   *                   <code></code>FAILED</p>
+   *                   <code>FAILED</code>
+   *                </p>
    *             </li>
    *          </ul>
    * @public
@@ -1318,19 +1320,19 @@ export interface CertificateSummary {
    *       list contains the domain names that are bound to the public key that is contained in the
    *       certificate. The subject alternative names include the canonical domain name (CN) of the
    *       certificate and additional domain names that can be used to connect to the website. </p>
-   *          <p>When called by <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html">ListCertificates</a>, this parameter will only return the first 100 subject alternative
+   *          <p>When called by <a>ListCertificates</a>, this parameter will only return the first 100 subject alternative
    *       names included in the certificate. To display the full list of subject alternative names, use
-   *         <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html">DescribeCertificate</a>.</p>
+   *       <a>DescribeCertificate</a>.</p>
    * @public
    */
   SubjectAlternativeNameSummaries?: string[];
 
   /**
-   * <p>When called by <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_ListCertificates.html">ListCertificates</a>, indicates whether the full list of subject alternative names has
+   * <p>When called by <a>ListCertificates</a>, indicates whether the full list of subject alternative names has
    *       been included in the response. If false, the response includes all of the subject alternative
    *       names included in the certificate. If true, the response only includes the first 100 subject
    *       alternative names included in the certificate. To display the full list of subject alternative
-   *       names, use <a href="https://docs.aws.amazon.com/acm/latestAPIReference/API_DescribeCertificate.html">DescribeCertificate</a>.</p>
+   *       names, use <a>DescribeCertificate</a>.</p>
    * @public
    */
   HasAdditionalSubjectAlternativeNames?: boolean;
@@ -1733,9 +1735,37 @@ export interface RequestCertificateRequest {
    *       encrypt data. RSA is the default key algorithm for ACM certificates. Elliptic Curve Digital
    *       Signature Algorithm (ECDSA) keys are smaller, offering security comparable to RSA keys but
    *       with greater computing efficiency. However, ECDSA is not supported by all network clients.
-   *       Some AWS services may require RSA keys, or only support ECDSA keys of a particular size, while
-   *       others allow the use of either RSA and ECDSA keys to ensure that compatibility is not broken.
-   *       Check the requirements for the AWS service where you plan to deploy your certificate.</p>
+   *       Some Amazon Web Services services may require RSA keys, or only support ECDSA keys of a particular size,
+   *       while others allow the use of either RSA and ECDSA keys to ensure that compatibility is not
+   *       broken. Check the requirements for the Amazon Web Services service where you plan to deploy your
+   *       certificate. For more information about selecting an algorithm, see <a href="https://docs.aws.amazon.com/acm/latest/userguide/acm-certificate.html#algorithms">Key
+   *         algorithms</a>.</p>
+   *          <note>
+   *             <p>Algorithms supported for an ACM certificate request include: </p>
+   *             <ul>
+   *                <li>
+   *                   <p>
+   *                      <code>RSA_2048</code>
+   *                   </p>
+   *                </li>
+   *                <li>
+   *                   <p>
+   *                      <code>EC_prime256v1</code>
+   *                   </p>
+   *                </li>
+   *                <li>
+   *                   <p>
+   *                      <code>EC_secp384r1</code>
+   *                   </p>
+   *                </li>
+   *             </ul>
+   *             <p>Other listed algorithms are for imported certificates only. </p>
+   *          </note>
+   *          <note>
+   *             <p>When you request a private PKI certificate signed by a CA from Amazon Web Services Private CA, the
+   *       specified signing algorithm family (RSA or ECDSA) must match the algorithm family of
+   *       the CA's secret key.</p>
+   *          </note>
    *          <p>Default: RSA_2048</p>
    * @public
    */