:doc:`DatabaseMigrationService <../../dms>` / Client / import_certificate

******************
import_certificate
******************



.. py:method:: DatabaseMigrationService.Client.import_certificate(**kwargs)

  

  Uploads the specified certificate.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/dms-2016-01-01/ImportCertificate>`_  


  **Request Syntax**
  ::

    response = client.import_certificate(
        CertificateIdentifier='string',
        CertificatePem='string',
        CertificateWallet=b'bytes',
        Tags=[
            {
                'Key': 'string',
                'Value': 'string',
                'ResourceArn': 'string'
            },
        ],
        KmsKeyId='string'
    )
    
  :type CertificateIdentifier: string
  :param CertificateIdentifier: **[REQUIRED]** 

    A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.

    

  
  :type CertificatePem: string
  :param CertificatePem: 

    The contents of a ``.pem`` file, which contains an X.509 certificate.

    

  
  :type CertificateWallet: bytes
  :param CertificateWallet: 

    The location of an imported Oracle Wallet certificate for use with SSL. Provide the name of a ``.sso`` file using the ``fileb://`` prefix. You can't provide the certificate inline.

     

    Example: ``filebase64("${path.root}/rds-ca-2019-root.sso")``

    

  
  :type Tags: list
  :param Tags: 

    The tags associated with the certificate.

    

  
    - *(dict) --* 

      A user-defined key-value pair that describes metadata added to an DMS resource and that is used by operations such as the following:

       

      
      * ``AddTagsToResource``
       
      * ``ListTagsForResource``
       
      * ``RemoveTagsFromResource``
      

      

    
      - **Key** *(string) --* 

        A key is the required name of the tag. The string value can be 1-128 Unicode characters in length and can't be prefixed with "aws:" or "dms:". The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regular expressions: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").

        

      
      - **Value** *(string) --* 

        A value is the optional value of the tag. The string value can be 1-256 Unicode characters in length and can't be prefixed with "aws:" or "dms:". The string can only contain only the set of Unicode letters, digits, white-space, '_', '.', '/', '=', '+', '-' (Java regular expressions: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").

        

      
      - **ResourceArn** *(string) --* 

        The Amazon Resource Name (ARN) string that uniquely identifies the resource for which the tag is created.

        

      
    

  :type KmsKeyId: string
  :param KmsKeyId: 

    An KMS key identifier that is used to encrypt the certificate.

     

    If you don't specify a value for the ``KmsKeyId`` parameter, then DMS uses your default encryption key.

     

    KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'Certificate': {
              'CertificateIdentifier': 'string',
              'CertificateCreationDate': datetime(2015, 1, 1),
              'CertificatePem': 'string',
              'CertificateWallet': b'bytes',
              'CertificateArn': 'string',
              'CertificateOwner': 'string',
              'ValidFromDate': datetime(2015, 1, 1),
              'ValidToDate': datetime(2015, 1, 1),
              'SigningAlgorithm': 'string',
              'KeyLength': 123,
              'KmsKeyId': 'string'
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **Certificate** *(dict) --* 

        The certificate to be uploaded.

        
        

        - **CertificateIdentifier** *(string) --* 

          A customer-assigned name for the certificate. Identifiers must begin with a letter and must contain only ASCII letters, digits, and hyphens. They can't end with a hyphen or contain two consecutive hyphens.

          
        

        - **CertificateCreationDate** *(datetime) --* 

          The date that the certificate was created.

          
        

        - **CertificatePem** *(string) --* 

          The contents of a ``.pem`` file, which contains an X.509 certificate.

          
        

        - **CertificateWallet** *(bytes) --* 

          The location of an imported Oracle Wallet certificate for use with SSL. Example: ``filebase64("${path.root}/rds-ca-2019-root.sso")``

          
        

        - **CertificateArn** *(string) --* 

          The Amazon Resource Name (ARN) for the certificate.

          
        

        - **CertificateOwner** *(string) --* 

          The owner of the certificate.

          
        

        - **ValidFromDate** *(datetime) --* 

          The beginning date that the certificate is valid.

          
        

        - **ValidToDate** *(datetime) --* 

          The final date that the certificate is valid.

          
        

        - **SigningAlgorithm** *(string) --* 

          The signing algorithm for the certificate.

          
        

        - **KeyLength** *(integer) --* 

          The key length of the cryptographic algorithm being used.

          
        

        - **KmsKeyId** *(string) --* 

          An KMS key identifier that is used to encrypt the certificate.

           

          If you don't specify a value for the ``KmsKeyId`` parameter, then DMS uses your default encryption key.

           

          KMS creates the default encryption key for your Amazon Web Services account. Your Amazon Web Services account has a different default encryption key for each Amazon Web Services Region.

          
    
  
  **Exceptions**
  
  *   :py:class:`DatabaseMigrationService.Client.exceptions.ResourceAlreadyExistsFault`

  
  *   :py:class:`DatabaseMigrationService.Client.exceptions.InvalidCertificateFault`

  
  *   :py:class:`DatabaseMigrationService.Client.exceptions.ResourceQuotaExceededFault`

  
  *   :py:class:`DatabaseMigrationService.Client.exceptions.KMSKeyNotAccessibleFault`

  

  **Examples**

  Uploads the specified certificate.
  ::

    response = client.import_certificate(
        CertificateIdentifier='',
        CertificatePem='',
    )
    
    print(response)

  
  Expected Output:
  ::

    {
        'Certificate': {
        },
        'ResponseMetadata': {
            '...': '...',
        },
    }

  