update_signing_certificate ( $certificate_id, $status, $opt )

Changes the status of the specified signing certificate from active to disabled, or vice versa. This action can be used to disable a user’s signing certificate as part of a certificate rotation work flow.

If the UserName field is not specified, the UserName is determined implicitly based on the AWS Access Key ID used to sign the request. Because this action works for access keys under the AWS account, this API can be used to manage root credentials even if the AWS account has no associated users.

For information about rotating certificates, see Managing Keys and Certificates in Using AWS Identity and Access Management.

Access

public

Parameters

Parameter

Type

Required

Description

$certificate_id

string

Required

The ID of the signing certificate you want to update. [Constraints: The value must be between 24 and 128 characters, and must match the following regular expression pattern: [\w]*]

$status

string

Required

The status you want to assign to the certificate. Active means the certificate can be used for API calls to AWS, while Inactive means the certificate cannot be used. [Allowed values: Active, Inactive]

$opt

array

Optional

An associative array of parameters that can have the following keys:

  • UserName - string - Optional - Name of the user the signing certificate belongs to. [Constraints: The value must be between 1 and 128 characters, and must match the following regular expression pattern: [\w+=,.@-]*]
  • curlopts - array - Optional - A set of values to pass directly into curl_setopt(), where the key is a pre-defined CURLOPT_* constant.
  • returnCurlHandle - boolean - Optional - A private toggle specifying that the cURL handle be returned rather than actually completing the request. This toggle is useful for manually managed batch requests.

Returns

Type

Description

CFResponse

A CFResponse object containing a parsed HTTP response.

Examples

Update the status of an X.509 signing certificate.

// Instantiate the class
$iam = new AmazonIAM();

$response = $iam->update_signing_certificate('H76F5K3WMTCK7KW2OTVKONTEYEXAMPLE', 'Inactive', array(
	'UserName' => 'johndoe2'
));

// Success?
var_dump($response->isOK());
Result:
bool(true)

Related Methods

Source

Method defined in services/iam.class.php | Toggle source view (8 lines) | View on GitHub

public function update_signing_certificate($certificate_id, $status, $opt = null)
{
    if (!$opt) $opt = array();
    $opt['CertificateId'] = $certificate_id;
    $opt['Status'] = $status;
    
    return $this->authenticate('UpdateSigningCertificate', $opt);
}

Copyright © 2010–2013 Amazon Web Services, LLC


Feedback