AWS cli documentation change
Summary
Added support for filtering certificates by key pair origin (AWS_MANAGED, ACME, CUSTOMER_PROVIDED) and updated navigation links. Added note about default exclusion of ACME certificates.
Security assessment
The change introduces filtering capability for certificate origins including ACME certificates, but doesn't address any specific vulnerability or security incident. The added note clarifies default behavior but doesn't document security features or mitigations.
Diff
diff --git a/cli/latest/reference/acm/list-certificates.md b/cli/latest/reference/acm/list-certificates.md index a72cf101a..acedad472 100644 --- a//cli/latest/reference/acm/list-certificates.md +++ b//cli/latest/reference/acm/list-certificates.md @@ -14,2 +14,2 @@ - * [previous](import-certificate.html "import-certificate") | - * [AWS CLI 2.35.11 Command Reference](../../index.html) » + * [previous](list-acme-external-account-bindings.html "list-acme-external-account-bindings") | + * [AWS CLI 2.35.13 Command Reference](../../index.html) » @@ -22 +22 @@ - * [← import-certificate](import-certificate.html "previous chapter \(use the left arrow\)") / + * [← list-acme-external-account-bindings](list-acme-external-account-bindings.html "previous chapter \(use the left arrow\)") / @@ -61,0 +62,4 @@ Retrieves a list of certificate ARNs and domain names. You can request that only +### Note + +By default, this action does not return certificates with a `CertificateKeyPairOrigin` of `ACME` . To include ACME certificates, specify `ACME` in the `CertificateKeyPairOrigins` filter. + @@ -70,0 +75 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/acm-20 + [--certificate-key-pair-origins <value>] @@ -119,0 +125,29 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/acm-20 +Syntax: + + + "string" "string" ... + + +`--certificate-key-pair-origins` (list) + +> Filter the certificate list by certificate key pair origin. Specify one or more `CertificateKeyPairOrigin` values. Default filtering returns only certificates with key pair origin of `AWS_MANAGED` and `CUSTOMER_PROVIDED` . +> +> Constraints: +> +> * min: `1` +> * max: `3` +> + +> +> (string) +> +>> The origin of the certificate’s key pair. +>> +>> Possible values: +>> +>> * `AWS_MANAGED` +>> * `ACME` +>> * `CUSTOMER_PROVIDED` +>> + + @@ -655 +689 @@ CertificateSummaryList -> (list) ->>> Indicates whether the certificate has been exported. This value exists only when the certificate type is `PRIVATE` . +>>> Indicates whether the certificate has been exported. @@ -700,0 +735,12 @@ CertificateSummaryList -> (list) +>> +>> CertificateKeyPairOrigin -> (string) +>> +>>> The origin of the certificate’s key pair. +>>> +>>> Possible values: +>>> +>>> * `AWS_MANAGED` +>>> * `ACME` +>>> * `CUSTOMER_PROVIDED` +>>> + @@ -702 +748 @@ CertificateSummaryList -> (list) - * [← import-certificate](import-certificate.html "previous chapter \(use the left arrow\)") / + * [← list-acme-external-account-bindings](list-acme-external-account-bindings.html "previous chapter \(use the left arrow\)") / @@ -711,2 +757,2 @@ CertificateSummaryList -> (list) - * [previous](import-certificate.html "import-certificate") | - * [AWS CLI 2.35.11 Command Reference](../../index.html) » + * [previous](list-acme-external-account-bindings.html "list-acme-external-account-bindings") | + * [AWS CLI 2.35.13 Command Reference](../../index.html) »