:doc:`IoT <../../iot>` / Client / update_domain_configuration

***************************
update_domain_configuration
***************************



.. py:method:: IoT.Client.update_domain_configuration(**kwargs)

  

  Updates values stored in the domain configuration. Domain configurations for default endpoints can't be updated.

   

  Requires permission to access the `UpdateDomainConfiguration <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions>`__ action.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iot-2015-05-28/UpdateDomainConfiguration>`_  


  **Request Syntax**
  ::

    response = client.update_domain_configuration(
        domainConfigurationName='string',
        authorizerConfig={
            'defaultAuthorizerName': 'string',
            'allowAuthorizerOverride': True|False
        },
        domainConfigurationStatus='ENABLED'|'DISABLED',
        removeAuthorizerConfig=True|False,
        tlsConfig={
            'securityPolicy': 'string'
        },
        serverCertificateConfig={
            'enableOCSPCheck': True|False,
            'ocspLambdaArn': 'string',
            'ocspAuthorizedResponderArn': 'string'
        },
        authenticationType='CUSTOM_AUTH_X509'|'CUSTOM_AUTH'|'AWS_X509'|'AWS_SIGV4'|'DEFAULT',
        applicationProtocol='SECURE_MQTT'|'MQTT_WSS'|'HTTPS'|'DEFAULT',
        clientCertificateConfig={
            'clientCertificateCallbackArn': 'string'
        }
    )
    
  :type domainConfigurationName: string
  :param domainConfigurationName: **[REQUIRED]** 

    The name of the domain configuration to be updated.

    

  
  :type authorizerConfig: dict
  :param authorizerConfig: 

    An object that specifies the authorization service for a domain.

    

  
    - **defaultAuthorizerName** *(string) --* 

      The name of the authorization service for a domain configuration.

      

    
    - **allowAuthorizerOverride** *(boolean) --* 

      A Boolean that specifies whether the domain configuration's authorization service can be overridden.

      

    
  
  :type domainConfigurationStatus: string
  :param domainConfigurationStatus: 

    The status to which the domain configuration should be updated.

    

  
  :type removeAuthorizerConfig: boolean
  :param removeAuthorizerConfig: 

    Removes the authorization configuration from a domain.

    

  
  :type tlsConfig: dict
  :param tlsConfig: 

    An object that specifies the TLS configuration for a domain.

    

  
    - **securityPolicy** *(string) --* 

      The security policy for a domain configuration. For more information, see `Security policies <https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table>`__ in the *Amazon Web Services IoT Core developer guide*.

      

    
  
  :type serverCertificateConfig: dict
  :param serverCertificateConfig: 

    The server certificate configuration.

    

  
    - **enableOCSPCheck** *(boolean) --* 

      A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not.

       

      For more information, see `Server certificate configuration for OCSP stapling <https://docs.aws.amazon.com/iot/latest/developerguide/iot-custom-endpoints-cert-config.html>`__ from Amazon Web Services IoT Core Developer Guide.

      

    
    - **ocspLambdaArn** *(string) --* 

      The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same Amazon Web Services account and region as the domain configuration. For more information, see `Configuring server certificate OCSP for private endpoints in Amazon Web Services IoT Core <https://docs.aws.amazon.com/iot/latest/developerguide/iot-custom-endpoints-cert-config.html#iot-custom-endpoints-cert-config-ocsp-private-endpoint.html>`__ from the Amazon Web Services IoT Core developer guide.

      

    
    - **ocspAuthorizedResponderArn** *(string) --* 

      The Amazon Resource Name (ARN) for an X.509 certificate stored in Amazon Web Services Certificate Manager (ACM). If provided, Amazon Web Services IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same Amazon Web Services account and region as the domain configuration.

      

    
  
  :type authenticationType: string
  :param authenticationType: 

    An enumerated string that speciﬁes the authentication type.

     

    
    * ``CUSTOM_AUTH_X509`` - Use custom authentication and authorization with additional details from the X.509 client certificate.
    

     

    
    * ``CUSTOM_AUTH`` - Use custom authentication and authorization. For more information, see `Custom authentication and authorization <https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html>`__.
    

     

    
    * ``AWS_X509`` - Use X.509 client certificates without custom authentication and authorization. For more information, see `X.509 client certificates <https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html>`__.
    

     

    
    * ``AWS_SIGV4`` - Use Amazon Web Services Signature Version 4. For more information, see `IAM users, groups, and roles <https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html>`__.
    

     

    
    * ``DEFAULT`` - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify authentication type. For more information, see `Device communication protocols <https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html>`__.
    

    

  
  :type applicationProtocol: string
  :param applicationProtocol: 

    An enumerated string that speciﬁes the application-layer protocol.

     

    
    * ``SECURE_MQTT`` - MQTT over TLS.
    

     

    
    * ``MQTT_WSS`` - MQTT over WebSocket.
    

     

    
    * ``HTTPS`` - HTTP over TLS.
    

     

    
    * ``DEFAULT`` - Use a combination of port and Application Layer Protocol Negotiation (ALPN) to specify application_layer protocol. For more information, see `Device communication protocols <https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html>`__.
    

    

  
  :type clientCertificateConfig: dict
  :param clientCertificateConfig: 

    An object that speciﬁes the client certificate conﬁguration for a domain.

    

  
    - **clientCertificateCallbackArn** *(string) --* 

      The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection.

      

    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'domainConfigurationName': 'string',
          'domainConfigurationArn': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **domainConfigurationName** *(string) --* 

        The name of the domain configuration that was updated.

        
      

      - **domainConfigurationArn** *(string) --* 

        The ARN of the domain configuration that was updated.

        
  
  **Exceptions**
  
  *   :py:class:`IoT.Client.exceptions.ResourceNotFoundException`

  
  *   :py:class:`IoT.Client.exceptions.CertificateValidationException`

  
  *   :py:class:`IoT.Client.exceptions.InvalidRequestException`

  
  *   :py:class:`IoT.Client.exceptions.ThrottlingException`

  
  *   :py:class:`IoT.Client.exceptions.UnauthorizedException`

  
  *   :py:class:`IoT.Client.exceptions.ServiceUnavailableException`

  
  *   :py:class:`IoT.Client.exceptions.InternalFailureException`

  