RDS / Client / describe_certificates

describe_certificates#

RDS.Client.describe_certificates(**kwargs)#

Lists the set of CA certificates provided by Amazon RDS for this Amazon Web Services account.

For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide.

See also: AWS API Documentation

Request Syntax

response = client.describe_certificates(
    CertificateIdentifier='string',
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    MaxRecords=123,
    Marker='string'
)
Parameters:

  • CertificateIdentifier (string) –

    The user-supplied certificate identifier. If this parameter is specified, information for only the identified certificate is returned. This parameter isn’t case-sensitive.

    Constraints:

    • Must match an existing CertificateIdentifier.

  • Filters (list) –

    This parameter isn’t currently supported.

    • (dict) –

      A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as IDs. The filters supported by a describe operation are documented with the describe operation.

      Note

      Currently, wildcards are not supported in filters.

      The following actions can be filtered:

      • DescribeDBClusterBacktracks

      • DescribeDBClusterEndpoints

      • DescribeDBClusters

      • DescribeDBInstances

      • DescribePendingMaintenanceActions

      • Name (string) – [REQUIRED]

        The name of the filter. Filter names are case-sensitive.

      • Values (list) – [REQUIRED]

        One or more filter values. Filter values are case-sensitive.

        • (string) –

  • MaxRecords (integer) –

    The maximum number of records to include in the response. If more records exist than the specified MaxRecords value, a pagination token called a marker is included in the response so you can retrieve the remaining results.

    Default: 100

    Constraints: Minimum 20, maximum 100.

  • Marker (string) – An optional pagination token provided by a previous DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords.

Return type:

dict

Returns:

Response Syntax

{
    'Certificates': [
        {
            'CertificateIdentifier': 'string',
            'CertificateType': 'string',
            'Thumbprint': 'string',
            'ValidFrom': datetime(2015, 1, 1),
            'ValidTill': datetime(2015, 1, 1),
            'CertificateArn': 'string',
            'CustomerOverride': True|False,
            'CustomerOverrideValidTill': datetime(2015, 1, 1)
        },
    ],
    'Marker': 'string'
}

Response Structure

  • (dict) –

    Data returned by the DescribeCertificates action.

    • Certificates (list) –

      The list of Certificate objects for the Amazon Web Services account.

      • (dict) –

        A CA certificate for an Amazon Web Services account.

        For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide.

        • CertificateIdentifier (string) –

          The unique key that identifies a certificate.

        • CertificateType (string) –

          The type of the certificate.

        • Thumbprint (string) –

          The thumbprint of the certificate.

        • ValidFrom (datetime) –

          The starting date from which the certificate is valid.

        • ValidTill (datetime) –

          The final date that the certificate continues to be valid.

        • CertificateArn (string) –

          The Amazon Resource Name (ARN) for the certificate.

        • CustomerOverride (boolean) –

          Whether there is an override for the default certificate identifier.

        • CustomerOverrideValidTill (datetime) –

          If there is an override for the default certificate identifier, when the override expires.

    • Marker (string) –

      An optional pagination token provided by a previous DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .

Exceptions

  • RDS.Client.exceptions.CertificateNotFoundFault

Examples

This example lists up to 20 certificates for the specified certificate identifier.

response = client.describe_certificates(
    CertificateIdentifier='rds-ca-2015',
    MaxRecords=20,
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}