ImportCrl - IAM Roles Anywhere
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

ImportCrl

Imports the certificate revocation list (CRL). A CRL is a list of certificates that have been revoked by the issuing certificate Authority (CA).In order to be properly imported, a CRL must be in PEM format. IAM Roles Anywhere validates against the CRL before issuing credentials.

Required permissions: rolesanywhere:ImportCrl.

Request Syntax

POST /crls HTTP/1.1
Content-type: application/json

{
   "crlData": blob,
   "enabled": boolean,
   "name": "string",
   "tags": [ 
      { 
         "key": "string",
         "value": "string"
      }
   ],
   "trustAnchorArn": "string"
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

crlData

The x509 v3 specified certificate revocation list (CRL).

Type: Base64-encoded binary data object

Length Constraints: Minimum length of 1. Maximum length of 300000.

Required: Yes

enabled

Specifies whether the certificate revocation list (CRL) is enabled.

Type: Boolean

Required: No

name

The name of the certificate revocation list (CRL).

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: ^[ a-zA-Z0-9-_]*$

Required: Yes

tags

A list of tags to attach to the certificate revocation list (CRL).

Type: Array of Tag objects

Array Members: Minimum number of 0 items. Maximum number of 200 items.

Required: No

trustAnchorArn

The ARN of the TrustAnchor the certificate revocation list (CRL) will provide revocation for.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1011.

Pattern: ^arn:aws(-[^:]+)?:rolesanywhere(:.*){2}(:trust-anchor.*)$

Required: Yes

Response Syntax

HTTP/1.1 201
Content-type: application/json

{
   "crl": { 
      "createdAt": "string",
      "crlArn": "string",
      "crlData": blob,
      "crlId": "string",
      "enabled": boolean,
      "name": "string",
      "trustAnchorArn": "string",
      "updatedAt": "string"
   }
}

Response Elements

If the action is successful, the service sends back an HTTP 201 response.

The following data is returned in JSON format by the service.

crl

The state of the certificate revocation list (CRL) after a read or write operation.

Type: CrlDetail object

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

ValidationException

Validation exception error.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: