Signing certificates can be activated and deactivated. By default, newly-uploaded certifictes are active.
certificate = iam.signing_certificates.upload(cert_body) certificate.status #=> :active certificate.deactivate! certificate.active? #=> false
## Contents
You can access the certificate contents you uploaded:
> puts certificate.contents -----BEGIN CERTIFICATE----- MIICdzCCAeCgAwIBAgIFGS4fY6owDQYJKoZIhvcNAQEFBQAwUzELMAkGA1UEBhMC ...... Glli79yh87PRi0vNDlFEoHXNynkvC/c4TiWruZ4haM9BR9EdWr1DBNNu73ui093K F9TbdXSWdgMl7E0= -----END CERTIFICATE-----
## User
A certificate can also return the user it belongs to. If the certificate belongs to the AWS account, then {#user} will return `nil`.
user = iam.users['someuser'].signing_certificates.first user.name #=> 'someuser'
@attr_reader [String] contents Returns the contents of this
signing certificate.
@attr_reader [Time] upload_date
@attr_reader [Symbol] status The status of this signing
certificate. Status may be `:active` or `:inactive`.
@return [String] Returns the signing certificate's ID.
@return [User,nil] Returns the user this cerficiate belongs to.
Returns `nil` if the cerficiate is a root credential for the account. If the configured credentials belong to an IAM user, then that user is the implied owner.
@param [String] certificate_id The id of the signing certificate. @param [Hash] options @option options [User] :user
# File lib/aws/iam/signing_certificate.rb, line 61 def initialize certificate_id, options = {} @id = certificate_id @user = options[:user] @user ? super(@user, options) : super(options) end
Activates this signing cerificate.
@example
signing_certificate.activate! signing_certificate.status # => :active
@return [nil]
# File lib/aws/iam/signing_certificate.rb, line 121 def activate! self.status = 'Active' nil end
@return [Boolean] Returns true if this signing certificate is active.
# File lib/aws/iam/signing_certificate.rb, line 104 def active? status == :active end
Deactivates this signing cerificate.
@example
signing_certificate.deactivate! signing_certificate.status # => :inactive
@return [nil]
# File lib/aws/iam/signing_certificate.rb, line 134 def deactivate! self.status = 'Inactive' nil end
Deletes the signing certificate.
# File lib/aws/iam/signing_certificate.rb, line 140 def delete client.delete_signing_certificate(resource_options) nil end
@return [Boolean] Returns true if this signing certificate is inactive.
# File lib/aws/iam/signing_certificate.rb, line 109 def inactive? status == :inactive end
@return [String,nil] Returns the name of the user this certificate
belogns to. If the certificate belongs to the account, `nil` is returned.
# File lib/aws/iam/signing_certificate.rb, line 99 def user_name @user ? @user.name : nil end
IAM does not provide a request for “get signing certificate”. Also note, we do not page the response. This is because restrictions on how many certificates an account / user may have is fewer than one page of results. @api private
# File lib/aws/iam/signing_certificate.rb, line 160 def get_resource attribute options = user ? { :user_name => user.name } : {} client.list_signing_certificates(options) end
@api private
# File lib/aws/iam/signing_certificate.rb, line 167 def matches_response_object? obj user_name = obj.respond_to?(:user_name) ? obj.user_name : nil obj.certificate_id == self.id and user_name == self.user_name end
@api private
# File lib/aws/iam/signing_certificate.rb, line 147 def resource_identifiers identifiers = [] identifiers << [:certificate_id, id] identifiers << [:user_name, user.name] if user identifiers end