CreateCertificateProvider
Creates an Amazon IoT Core certificate provider. You can use Amazon IoT Core certificate provider to customize how to sign a certificate signing request (CSR) in Amazon IoT fleet provisioning. For more information, see Customizing certificate signing using Amazon IoT Core certificate provider from Amazon IoT Core Developer Guide.
Requires permission to access the CreateCertificateProvider action.
Important
After you create a certificate provider, the behavior of CreateCertificateFromCsr API for fleet provisioning will
change and all API calls to CreateCertificateFromCsr will invoke the
certificate provider to create the certificates. It can take up to a few minutes for
this behavior to change after a certificate provider is created.
Request Syntax
POST /certificate-providers/certificateProviderName HTTP/1.1
Content-type: application/json
{
"accountDefaultForOperations": [ "string" ],
"clientToken": "string",
"lambdaFunctionArn": "string",
"tags": [
{
"Key": "string",
"Value": "string"
}
]
}URI Request Parameters
The request uses the following URI parameters.
- certificateProviderName
-
The name of the certificate provider.
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\w=,@-]+Required: Yes
Request Body
The request accepts the following data in JSON format.
- accountDefaultForOperations
-
A list of the operations that the certificate provider will use to generate certificates. Valid value:
CreateCertificateFromCsr.Type: Array of strings
Array Members: Fixed number of 1 item.
Valid Values:
CreateCertificateFromCsrRequired: Yes
- clientToken
-
A string that you can optionally pass in the
CreateCertificateProviderrequest to make sure the request is idempotent.Type: String
Length Constraints: Minimum length of 36. Maximum length of 64.
Pattern:
\S{36,64}Required: No
- lambdaFunctionArn
-
The ARN of the Lambda function that defines the authentication logic.
Type: String
Length Constraints: Maximum length of 2048.
Pattern:
[\s\S]*Required: Yes
-
Metadata which can be used to manage the certificate provider.
Type: Array of Tag objects
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"certificateProviderArn": "string",
"certificateProviderName": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- certificateProviderArn
-
The ARN of the certificate provider.
Type: String
Length Constraints: Maximum length of 2048.
- certificateProviderName
-
The name of the certificate provider.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
[\w=,@-]+
Errors
- InternalFailureException
-
An unexpected error has occurred.
- message
-
The message for the exception.
HTTP Status Code: 500
- InvalidRequestException
-
The request is not valid.
- message
-
The message for the exception.
HTTP Status Code: 400
- LimitExceededException
-
A limit has been exceeded.
- message
-
The message for the exception.
HTTP Status Code: 410
- ResourceAlreadyExistsException
-
The resource already exists.
- message
-
The message for the exception.
- resourceArn
-
The ARN of the resource that caused the exception.
- resourceId
-
The ID of the resource that caused the exception.
HTTP Status Code: 409
- ServiceUnavailableException
-
The service is temporarily unavailable.
- message
-
The message for the exception.
HTTP Status Code: 503
- ThrottlingException
-
The rate exceeds the limit.
- message
-
The message for the exception.
HTTP Status Code: 400
- UnauthorizedException
-
You are not authorized to perform this operation.
- message
-
The message for the exception.
HTTP Status Code: 401
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: