IAMRolesAnywhere / Client / import_crl

import_crl#

IAMRolesAnywhere.Client.import_crl(**kwargs)#

Imports the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate Authority (CA).In order to be properly imported, a CRL must be in PEM format. IAM Roles Anywhere validates against the CRL before issuing credentials.

Required permissions: rolesanywhere:ImportCrl.

See also: AWS API Documentation

Request Syntax

response = client.import_crl(
    crlData=b'bytes',
    enabled=True|False,
    name='string',
    tags=[
        {
            'key': 'string',
            'value': 'string'
        },
    ],
    trustAnchorArn='string'
)
Parameters:
  • crlData (bytes) –

    [REQUIRED]

    The x509 v3 specified certificate revocation list (CRL).

  • enabled (boolean) – Specifies whether the certificate revocation list (CRL) is enabled.

  • name (string) –

    [REQUIRED]

    The name of the certificate revocation list (CRL).

  • tags (list) –

    A list of tags to attach to the certificate revocation list (CRL).

    • (dict) –

      A label that consists of a key and value you define.

      • key (string) – [REQUIRED]

        The tag key.

      • value (string) – [REQUIRED]

        The tag value.

  • trustAnchorArn (string) –

    [REQUIRED]

    The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

Return type:

dict

Returns:

Response Syntax

{
    'crl': {
        'createdAt': datetime(2015, 1, 1),
        'crlArn': 'string',
        'crlData': b'bytes',
        'crlId': 'string',
        'enabled': True|False,
        'name': 'string',
        'trustAnchorArn': 'string',
        'updatedAt': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) –

    • crl (dict) –

      The state of the certificate revocation list (CRL) after a read or write operation.

      • createdAt (datetime) –

        The ISO-8601 timestamp when the certificate revocation list (CRL) was created.

      • crlArn (string) –

        The ARN of the certificate revocation list (CRL).

      • crlData (bytes) –

        The state of the certificate revocation list (CRL) after a read or write operation.

      • crlId (string) –

        The unique identifier of the certificate revocation list (CRL).

      • enabled (boolean) –

        Indicates whether the certificate revocation list (CRL) is enabled.

      • name (string) –

        The name of the certificate revocation list (CRL).

      • trustAnchorArn (string) –

        The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

      • updatedAt (datetime) –

        The ISO-8601 timestamp when the certificate revocation list (CRL) was last updated.

Exceptions

  • IAMRolesAnywhere.Client.exceptions.ValidationException

  • IAMRolesAnywhere.Client.exceptions.AccessDeniedException