RDS.Client.describe_certificates(**kwargs)¶Lists the set of CA certificates provided by Amazon RDS for this Amazon Web Services account.
For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide .
See also: AWS API Documentation
Request Syntax
response = client.describe_certificates(
CertificateIdentifier='string',
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
MaxRecords=123,
Marker='string'
)
The user-supplied certificate identifier. If this parameter is specified, information for only the identified certificate is returned. This parameter isn't case-sensitive.
Constraints:
This parameter isn't currently supported.
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as IDs. The filters supported by a describe operation are documented with the describe operation.
Note
Currently, wildcards are not supported in filters.
The following actions can be filtered:
DescribeDBClusterBacktracksDescribeDBClusterEndpointsDescribeDBClustersDescribeDBInstancesDescribePendingMaintenanceActionsThe name of the filter. Filter names are case-sensitive.
One or more filter values. Filter values are case-sensitive.
The maximum number of records to include in the response. If more records exist than the specified MaxRecords value, a pagination token called a marker is included in the response so you can retrieve the remaining results.
Default: 100
Constraints: Minimum 20, maximum 100.
DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .dict
Response Syntax
{
'Certificates': [
{
'CertificateIdentifier': 'string',
'CertificateType': 'string',
'Thumbprint': 'string',
'ValidFrom': datetime(2015, 1, 1),
'ValidTill': datetime(2015, 1, 1),
'CertificateArn': 'string',
'CustomerOverride': True|False,
'CustomerOverrideValidTill': datetime(2015, 1, 1)
},
],
'Marker': 'string'
}
Response Structure
(dict) --
Data returned by the DescribeCertificates action.
Certificates (list) --
The list of Certificate objects for the Amazon Web Services account.
(dict) --
A CA certificate for an Amazon Web Services account.
For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide .
CertificateIdentifier (string) --
The unique key that identifies a certificate.
CertificateType (string) --
The type of the certificate.
Thumbprint (string) --
The thumbprint of the certificate.
ValidFrom (datetime) --
The starting date from which the certificate is valid.
ValidTill (datetime) --
The final date that the certificate continues to be valid.
CertificateArn (string) --
The Amazon Resource Name (ARN) for the certificate.
CustomerOverride (boolean) --
Whether there is an override for the default certificate identifier.
CustomerOverrideValidTill (datetime) --
If there is an override for the default certificate identifier, when the override expires.
Marker (string) --
An optional pagination token provided by a previous DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .
Exceptions
RDS.Client.exceptions.CertificateNotFoundFaultExamples
This example lists up to 20 certificates for the specified certificate identifier.
response = client.describe_certificates(
CertificateIdentifier='rds-ca-2015',
MaxRecords=20,
)
print(response)
Expected Output:
{
'ResponseMetadata': {
'...': '...',
},
}