For general-purpose connectors. Creates a challenge password for the specified connector. The SCEP protocol uses a challenge password to authenticate a request before issuing a certificate from a certificate authority (CA). Your SCEP clients include the challenge password as part of their certificate request to Connector for SCEP. To retrieve the connector Amazon Resource Names (ARNs) for the connectors in your account, call ListConnectors.
To create additional challenge passwords for the connector, call CreateChallenge again. We recommend frequently rotating your challenge passwords.
Creates a SCEP connector. A SCEP connector links Amazon Web Services Private Certificate Authority to your SCEP-compatible devices and mobile device management (MDM) systems. Before you create a connector, you must complete a set of prerequisites, including creation of a private certificate authority (CA) to use with this connector. For more information, see Connector for SCEP prerequisites.
" }, "DeleteChallenge":{ "name":"DeleteChallenge", "http":{ "method":"DELETE", "requestUri":"/challenges/{ChallengeArn}", "responseCode":202 }, "input":{"shape":"DeleteChallengeRequest"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"}, {"shape":"ConflictException"} ], "documentation":"Deletes the specified Challenge.
", "idempotent":true }, "DeleteConnector":{ "name":"DeleteConnector", "http":{ "method":"DELETE", "requestUri":"/connectors/{ConnectorArn}", "responseCode":202 }, "input":{"shape":"DeleteConnectorRequest"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"}, {"shape":"ConflictException"} ], "documentation":"Deletes the specified Connector. This operation also deletes any challenges associated with the connector.
", "idempotent":true }, "GetChallengeMetadata":{ "name":"GetChallengeMetadata", "http":{ "method":"GET", "requestUri":"/challengeMetadata/{ChallengeArn}", "responseCode":200 }, "input":{"shape":"GetChallengeMetadataRequest"}, "output":{"shape":"GetChallengeMetadataResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Retrieves the metadata for the specified Challenge.
" }, "GetChallengePassword":{ "name":"GetChallengePassword", "http":{ "method":"GET", "requestUri":"/challengePasswords/{ChallengeArn}", "responseCode":200 }, "input":{"shape":"GetChallengePasswordRequest"}, "output":{"shape":"GetChallengePasswordResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Retrieves the challenge password for the specified Challenge.
" }, "GetConnector":{ "name":"GetConnector", "http":{ "method":"GET", "requestUri":"/connectors/{ConnectorArn}", "responseCode":200 }, "input":{"shape":"GetConnectorRequest"}, "output":{"shape":"GetConnectorResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Retrieves details about the specified Connector. Calling this action returns important details about the connector, such as the public SCEP URL where your clients can request certificates.
" }, "ListChallengeMetadata":{ "name":"ListChallengeMetadata", "http":{ "method":"GET", "requestUri":"/challengeMetadata", "responseCode":200 }, "input":{"shape":"ListChallengeMetadataRequest"}, "output":{"shape":"ListChallengeMetadataResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Retrieves the challenge metadata for the specified ARN.
" }, "ListConnectors":{ "name":"ListConnectors", "http":{ "method":"GET", "requestUri":"/connectors", "responseCode":200 }, "input":{"shape":"ListConnectorsRequest"}, "output":{"shape":"ListConnectorsResponse"}, "errors":[ {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Lists the connectors belonging to your Amazon Web Services account.
" }, "ListTagsForResource":{ "name":"ListTagsForResource", "http":{ "method":"GET", "requestUri":"/tags/{ResourceArn}", "responseCode":200 }, "input":{"shape":"ListTagsForResourceRequest"}, "output":{"shape":"ListTagsForResourceResponse"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Retrieves the tags associated with the specified resource. Tags are key-value pairs that you can use to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to \"customer\" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web Services resource, up to 50 tags for a resource.
" }, "TagResource":{ "name":"TagResource", "http":{ "method":"POST", "requestUri":"/tags/{ResourceArn}", "responseCode":204 }, "input":{"shape":"TagResourceRequest"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Adds one or more tags to your resource.
" }, "UntagResource":{ "name":"UntagResource", "http":{ "method":"DELETE", "requestUri":"/tags/{ResourceArn}", "responseCode":204 }, "input":{"shape":"UntagResourceRequest"}, "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"InternalServerException"}, {"shape":"ValidationException"}, {"shape":"ThrottlingException"}, {"shape":"AccessDeniedException"} ], "documentation":"Removes one or more tags from your resource.
", "idempotent":true } }, "shapes":{ "AccessDeniedException":{ "type":"structure", "required":["Message"], "members":{ "Message":{"shape":"String"} }, "documentation":"You can receive this error if you attempt to perform an operation and you don't have the required permissions. This can be caused by insufficient permissions in policies attached to your Amazon Web Services Identity and Access Management (IAM) principal. It can also happen because of restrictions in place from an Amazon Web Services Organizations service control policy (SCP) that affects your Amazon Web Services account.
", "error":{ "httpStatusCode":403, "senderFault":true }, "exception":true }, "AzureApplicationId":{ "type":"string", "max":100, "min":15, "pattern":"[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}-[a-zA-Z0-9]{2,15}" }, "AzureDomain":{ "type":"string", "max":256, "min":1, "pattern":"[a-zA-Z0-9._-]+" }, "BadRequestException":{ "type":"structure", "required":["Message"], "members":{ "Message":{"shape":"String"} }, "documentation":"The request is malformed or contains an error such as an invalid parameter value or a missing required parameter.
", "error":{ "httpStatusCode":400, "senderFault":true }, "exception":true }, "CertificateAuthorityArn":{ "type":"string", "max":200, "min":5, "pattern":"arn:aws(-[a-z]+)*:acm-pca:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:certificate-authority\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}" }, "Challenge":{ "type":"structure", "members":{ "Arn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge.
" }, "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
" }, "CreatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was created.
" }, "UpdatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was updated.
" }, "Password":{ "shape":"SensitiveString", "documentation":"The SCEP challenge password, in UUID format.
" } }, "documentation":"For Connector for SCEP for general-purpose. An object containing information about the specified connector's SCEP challenge passwords.
" }, "ChallengeArn":{ "type":"string", "max":200, "min":5, "pattern":"arn:aws(-[a-z]+)*:pca-connector-scep:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}\\/challenge\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}" }, "ChallengeMetadata":{ "type":"structure", "members":{ "Arn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge.
" }, "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
" }, "CreatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the connector was created.
" }, "UpdatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the connector was updated.
" } }, "documentation":"Contains details about the connector's challenge.
" }, "ChallengeMetadataList":{ "type":"list", "member":{"shape":"ChallengeMetadataSummary"} }, "ChallengeMetadataSummary":{ "type":"structure", "members":{ "Arn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge.
" }, "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
" }, "CreatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was created.
" }, "UpdatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was updated.
" } }, "documentation":"Details about the specified challenge, returned by the GetChallengeMetadata action.
" }, "ClientToken":{ "type":"string", "max":64, "min":1, "pattern":"[!-~]+" }, "ConflictException":{ "type":"structure", "required":[ "Message", "ResourceId", "ResourceType" ], "members":{ "Message":{"shape":"String"}, "ResourceId":{ "shape":"String", "documentation":"The identifier of the Amazon Web Services resource.
" }, "ResourceType":{ "shape":"String", "documentation":"The resource type, which can be either Connector or Challenge.
This request can't be completed for one of the following reasons because the requested resource was being concurrently modified by another request.
", "error":{ "httpStatusCode":409, "senderFault":true }, "exception":true }, "Connector":{ "type":"structure", "members":{ "Arn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
" }, "CertificateAuthorityArn":{ "shape":"CertificateAuthorityArn", "documentation":"The Amazon Resource Name (ARN) of the certificate authority associated with the connector.
" }, "Type":{ "shape":"ConnectorType", "documentation":"The connector type.
" }, "MobileDeviceManagement":{ "shape":"MobileDeviceManagement", "documentation":"Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure MobileDeviceManagement, then the connector is for general-purpose use and this object is empty.
Contains OpenID Connect (OIDC) parameters for use with Connector for SCEP for Microsoft Intune. For more information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune.
" }, "Status":{ "shape":"ConnectorStatus", "documentation":"The connector's status.
" }, "StatusReason":{ "shape":"ConnectorStatusReason", "documentation":"Information about why connector creation failed, if status is FAILED.
The connector's HTTPS public SCEP URL.
" }, "CreatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the connector was created.
" }, "UpdatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the connector was updated.
" } }, "documentation":"Connector for SCEP is a service that links Amazon Web Services Private Certificate Authority to your SCEP-enabled devices. The connector brokers the exchange of certificates from Amazon Web Services Private CA to your SCEP-enabled devices and mobile device management systems. The connector is a complex type that contains the connector's configuration settings.
" }, "ConnectorArn":{ "type":"string", "max":200, "min":5, "pattern":"arn:aws(-[a-z]+)*:pca-connector-scep:[a-z]+(-[a-z]+)+-[1-9]\\d*:\\d{12}:connector\\/[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}" }, "ConnectorList":{ "type":"list", "member":{"shape":"ConnectorSummary"} }, "ConnectorStatus":{ "type":"string", "enum":[ "CREATING", "ACTIVE", "DELETING", "FAILED" ] }, "ConnectorStatusReason":{ "type":"string", "enum":[ "INTERNAL_FAILURE", "PRIVATECA_ACCESS_DENIED", "PRIVATECA_INVALID_STATE", "PRIVATECA_RESOURCE_NOT_FOUND" ] }, "ConnectorSummary":{ "type":"structure", "members":{ "Arn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
" }, "CertificateAuthorityArn":{ "shape":"CertificateAuthorityArn", "documentation":"The Amazon Resource Name (ARN) of the connector's associated certificate authority.
" }, "Type":{ "shape":"ConnectorType", "documentation":"The connector type.
" }, "MobileDeviceManagement":{ "shape":"MobileDeviceManagement", "documentation":"Contains settings relevant to the mobile device management system that you chose for the connector. If you didn't configure MobileDeviceManagement, then the connector is for general-purpose use and this object is empty.
Contains OpenID Connect (OIDC) parameters for use with Microsoft Intune.
" }, "Status":{ "shape":"ConnectorStatus", "documentation":"The connector's status. Status can be creating, active, deleting, or failed.
" }, "StatusReason":{ "shape":"ConnectorStatusReason", "documentation":"Information about why connector creation failed, if status is FAILED.
The connector's HTTPS public SCEP URL.
" }, "CreatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was created.
" }, "UpdatedAt":{ "shape":"Timestamp", "documentation":"The date and time that the challenge was updated.
" } }, "documentation":"Lists the Amazon Web Services Private CA SCEP connectors belonging to your Amazon Web Services account.
" }, "ConnectorType":{ "type":"string", "enum":[ "GENERAL_PURPOSE", "INTUNE" ] }, "CreateChallengeRequest":{ "type":"structure", "required":["ConnectorArn"], "members":{ "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector that you want to create a challenge for.
" }, "ClientToken":{ "shape":"ClientToken", "documentation":"Custom string that can be used to distinguish between calls to the CreateChallenge action. Client tokens for CreateChallenge time out after five minutes. Therefore, if you call CreateChallenge multiple times with the same client token within five minutes, Connector for SCEP recognizes that you are requesting only one challenge and will only respond with one. If you change the client token for each call, Connector for SCEP recognizes that you are requesting multiple challenge passwords.
The key-value pairs to associate with the resource.
" } } }, "CreateChallengeResponse":{ "type":"structure", "members":{ "Challenge":{ "shape":"Challenge", "documentation":"Returns the challenge details for the specified connector.
" } } }, "CreateConnectorRequest":{ "type":"structure", "required":["CertificateAuthorityArn"], "members":{ "CertificateAuthorityArn":{ "shape":"CertificateAuthorityArn", "documentation":"The Amazon Resource Name (ARN) of the Amazon Web Services Private Certificate Authority certificate authority to use with this connector. Due to security vulnerabilities present in the SCEP protocol, we recommend using a private CA that's dedicated for use with the connector.
To retrieve the private CAs associated with your account, you can call ListCertificateAuthorities using the Amazon Web Services Private CA API.
" }, "MobileDeviceManagement":{ "shape":"MobileDeviceManagement", "documentation":"If you don't supply a value, by default Connector for SCEP creates a connector for general-purpose use. A general-purpose connector is designed to work with clients or endpoints that support the SCEP protocol, except Connector for SCEP for Microsoft Intune. With connectors for general-purpose use, you manage SCEP challenge passwords using Connector for SCEP. For information about considerations and limitations with using Connector for SCEP, see Considerations and Limitations.
If you provide an IntuneConfiguration, Connector for SCEP creates a connector for use with Microsoft Intune, and you manage the challenge passwords using Microsoft Intune. For more information, see Using Connector for SCEP for Microsoft Intune.
Custom string that can be used to distinguish between calls to the CreateChallenge action. Client tokens for CreateChallenge time out after five minutes. Therefore, if you call CreateChallenge multiple times with the same client token within five minutes, Connector for SCEP recognizes that you are requesting only one challenge and will only respond with one. If you change the client token for each call, Connector for SCEP recognizes that you are requesting multiple challenge passwords.
The key-value pairs to associate with the resource.
" } } }, "CreateConnectorResponse":{ "type":"structure", "members":{ "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"Returns the Amazon Resource Name (ARN) of the connector.
" } } }, "DeleteChallengeRequest":{ "type":"structure", "required":["ChallengeArn"], "members":{ "ChallengeArn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge password to delete.
", "location":"uri", "locationName":"ChallengeArn" } } }, "DeleteConnectorRequest":{ "type":"structure", "required":["ConnectorArn"], "members":{ "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector to delete.
", "location":"uri", "locationName":"ConnectorArn" } } }, "GetChallengeMetadataRequest":{ "type":"structure", "required":["ChallengeArn"], "members":{ "ChallengeArn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge.
", "location":"uri", "locationName":"ChallengeArn" } } }, "GetChallengeMetadataResponse":{ "type":"structure", "members":{ "ChallengeMetadata":{ "shape":"ChallengeMetadata", "documentation":"The metadata for the challenge.
" } } }, "GetChallengePasswordRequest":{ "type":"structure", "required":["ChallengeArn"], "members":{ "ChallengeArn":{ "shape":"ChallengeArn", "documentation":"The Amazon Resource Name (ARN) of the challenge.
", "location":"uri", "locationName":"ChallengeArn" } } }, "GetChallengePasswordResponse":{ "type":"structure", "members":{ "Password":{ "shape":"SensitiveString", "documentation":"The SCEP challenge password.
" } } }, "GetConnectorRequest":{ "type":"structure", "required":["ConnectorArn"], "members":{ "ConnectorArn":{ "shape":"ConnectorArn", "documentation":"The Amazon Resource Name (ARN) of the connector.
", "location":"uri", "locationName":"ConnectorArn" } } }, "GetConnectorResponse":{ "type":"structure", "members":{ "Connector":{ "shape":"Connector", "documentation":"The properties of the connector.
" } } }, "InternalServerException":{ "type":"structure", "required":["Message"], "members":{ "Message":{"shape":"String"} }, "documentation":"The request processing has failed because of an unknown error, exception or failure with an internal server.
", "error":{"httpStatusCode":500}, "exception":true, "fault":true, "retryable":{"throttling":false} }, "IntuneConfiguration":{ "type":"structure", "required":[ "AzureApplicationId", "Domain" ], "members":{ "AzureApplicationId":{ "shape":"AzureApplicationId", "documentation":"The directory (tenant) ID from your Microsoft Entra ID app registration.
" }, "Domain":{ "shape":"AzureDomain", "documentation":"The primary domain from your Microsoft Entra ID app registration.
" } }, "documentation":"Contains configuration details for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune.
When you use Connector for SCEP for Microsoft Intune, certain functionalities are enabled by accessing Microsoft Intune through the Microsoft API. Your use of the Connector for SCEP and accompanying Amazon Web Services services doesn't remove your need to have a valid license for your use of the Microsoft Intune service. You should also review the Microsoft IntuneĀ® App Protection Policies.
" }, "ListChallengeMetadataRequest":{ "type":"structure", "required":["ConnectorArn"], "members":{ "MaxResults":{ "shape":"MaxResults", "documentation":"The maximum number of objects that you want Connector for SCEP to return for this request. If more objects are available, in the response, Connector for SCEP provides a NextToken value that you can use in a subsequent call to get the next batch of objects.
When you request a list of objects with a MaxResults setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a NextToken value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.
The Amazon Resource Name (ARN) of the connector.
", "location":"querystring", "locationName":"ConnectorArn" } } }, "ListChallengeMetadataResponse":{ "type":"structure", "members":{ "Challenges":{ "shape":"ChallengeMetadataList", "documentation":"The challenge metadata for the challenges belonging to your Amazon Web Services account.
" }, "NextToken":{ "shape":"NextToken", "documentation":"When you request a list of objects with a MaxResults setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a NextToken value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.
The maximum number of objects that you want Connector for SCEP to return for this request. If more objects are available, in the response, Connector for SCEP provides a NextToken value that you can use in a subsequent call to get the next batch of objects.
When you request a list of objects with a MaxResults setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a NextToken value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.
The connectors belonging to your Amazon Web Services account.
" }, "NextToken":{ "shape":"NextToken", "documentation":"When you request a list of objects with a MaxResults setting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Connector for SCEP returns a NextToken value in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.
The Amazon Resource Name (ARN) of the resource.
", "location":"uri", "locationName":"ResourceArn" } } }, "ListTagsForResourceResponse":{ "type":"structure", "members":{ "Tags":{ "shape":"Tags", "documentation":"The key-value pairs to associate with the resource.
" } } }, "MaxResults":{ "type":"integer", "box":true, "max":1000, "min":1 }, "MobileDeviceManagement":{ "type":"structure", "members":{ "Intune":{ "shape":"IntuneConfiguration", "documentation":"Configuration settings for use with Microsoft Intune. For information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune.
" } }, "documentation":"If you don't supply a value, by default Connector for SCEP creates a connector for general-purpose use. A general-purpose connector is designed to work with clients or endpoints that support the SCEP protocol, except Connector for SCEP for Microsoft Intune. For information about considerations and limitations with using Connector for SCEP, see Considerations and Limitations.
If you provide an IntuneConfiguration, Connector for SCEP creates a connector for use with Microsoft Intune, and you manage the challenge passwords using Microsoft Intune. For more information, see Using Connector for SCEP for Microsoft Intune.
The issuer value to copy into your Microsoft Entra app registration's OIDC.
" }, "Subject":{ "shape":"String", "documentation":"The subject value to copy into your Microsoft Entra app registration's OIDC.
" }, "Audience":{ "shape":"String", "documentation":"The audience value to copy into your Microsoft Entra app registration's OIDC.
" } }, "documentation":"Contains OpenID Connect (OIDC) parameters for use with Microsoft Intune. For more information about using Connector for SCEP for Microsoft Intune, see Using Connector for SCEP for Microsoft Intune.
" }, "ResourceNotFoundException":{ "type":"structure", "required":[ "Message", "ResourceId", "ResourceType" ], "members":{ "Message":{"shape":"String"}, "ResourceId":{ "shape":"String", "documentation":"The identifier of the Amazon Web Services resource.
" }, "ResourceType":{ "shape":"String", "documentation":"The resource type, which can be either Connector or Challenge.
The operation tried to access a nonexistent resource. The resource might be incorrectly specified, or it might have a status other than ACTIVE.
The resource type, which can be either Connector or Challenge.
Identifies the originating service.
" }, "QuotaCode":{ "shape":"String", "documentation":"The quota identifier.
" } }, "documentation":"The request would cause a service quota to be exceeded.
", "error":{ "httpStatusCode":402, "senderFault":true }, "exception":true }, "String":{"type":"string"}, "TagKeyList":{ "type":"list", "member":{"shape":"String"} }, "TagResourceRequest":{ "type":"structure", "required":[ "ResourceArn", "Tags" ], "members":{ "ResourceArn":{ "shape":"String", "documentation":"The Amazon Resource Name (ARN) of the resource.
", "location":"uri", "locationName":"ResourceArn" }, "Tags":{ "shape":"Tags", "documentation":"The key-value pairs to associate with the resource.
" } } }, "Tags":{ "type":"map", "key":{"shape":"String"}, "value":{"shape":"String"} }, "ThrottlingException":{ "type":"structure", "required":["Message"], "members":{ "Message":{"shape":"String"} }, "documentation":"The limit on the number of requests per second was exceeded.
", "error":{ "httpStatusCode":429, "senderFault":true }, "exception":true, "retryable":{"throttling":true} }, "Timestamp":{"type":"timestamp"}, "UntagResourceRequest":{ "type":"structure", "required":[ "ResourceArn", "TagKeys" ], "members":{ "ResourceArn":{ "shape":"String", "documentation":"The Amazon Resource Name (ARN) of the resource.
", "location":"uri", "locationName":"ResourceArn" }, "TagKeys":{ "shape":"TagKeyList", "documentation":"Specifies a list of tag keys that you want to remove from the specified resources.
", "location":"querystring", "locationName":"tagKeys" } } }, "ValidationException":{ "type":"structure", "required":["Message"], "members":{ "Message":{"shape":"String"}, "Reason":{ "shape":"ValidationExceptionReason", "documentation":"The reason for the validation error, if available. The service doesn't return a reason for every validation exception.
" } }, "documentation":"An input validation error occurred. For example, invalid characters in a name tag, or an invalid pagination token.
", "error":{ "httpStatusCode":400, "senderFault":true }, "exception":true }, "ValidationExceptionReason":{ "type":"string", "enum":[ "CA_CERT_VALIDITY_TOO_SHORT", "INVALID_CA_USAGE_MODE", "INVALID_CONNECTOR_TYPE", "INVALID_STATE", "NO_CLIENT_TOKEN", "UNKNOWN_OPERATION", "OTHER" ] } }, "documentation":"Connector for SCEP creates a connector between Amazon Web Services Private CA and your SCEP-enabled clients and devices. For more information, see Connector for SCEP in the Amazon Web Services Private CA User Guide.
" }