Amazon Relational Database Service

2023/10/02 - Amazon Relational Database Service - 1 updated api methods

Changes  Adds DefaultCertificateForNewLaunches field in the DescribeCertificates API response.

DescribeCertificates (updated) Link ΒΆ
Changes (response)
{'DefaultCertificateForNewLaunches': 'string'}

Lists the set of certificate authority (CA) certificates provided by Amazon RDS for this Amazon Web Services account.

For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide .

See also: AWS API Documentation

Request Syntax

            'Name': 'string',
            'Values': [
type CertificateIdentifier


param CertificateIdentifier

The user-supplied certificate identifier. If this parameter is specified, information for only the identified certificate is returned. This parameter isn't case-sensitive.


  • Must match an existing CertificateIdentifier.

type Filters


param Filters

This parameter isn't currently supported.

  • (dict) --

    A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as IDs. The filters supported by a describe operation are documented with the describe operation.


    Currently, wildcards are not supported in filters.

    The following actions can be filtered:

    • DescribeDBClusterBacktracks

    • DescribeDBClusterEndpoints

    • DescribeDBClusters

    • DescribeDBInstances

    • DescribePendingMaintenanceActions

    • Name (string) -- [REQUIRED]

      The name of the filter. Filter names are case-sensitive.

    • Values (list) -- [REQUIRED]

      One or more filter values. Filter values are case-sensitive.

      • (string) --

type MaxRecords


param MaxRecords

The maximum number of records to include in the response. If more records exist than the specified MaxRecords value, a pagination token called a marker is included in the response so you can retrieve the remaining results.

Default: 100

Constraints: Minimum 20, maximum 100.

type Marker


param Marker

An optional pagination token provided by a previous DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .




Response Syntax

    'DefaultCertificateForNewLaunches': 'string',
    'Certificates': [
            'CertificateIdentifier': 'string',
            'CertificateType': 'string',
            'Thumbprint': 'string',
            'ValidFrom': datetime(2015, 1, 1),
            'ValidTill': datetime(2015, 1, 1),
            'CertificateArn': 'string',
            'CustomerOverride': True|False,
            'CustomerOverrideValidTill': datetime(2015, 1, 1)
    'Marker': 'string'

Response Structure

  • (dict) --

    Data returned by the DescribeCertificates action.

    • DefaultCertificateForNewLaunches (string) --

      The default root CA for new databases created by your Amazon Web Services account. This is either the root CA override set on your Amazon Web Services account or the system default CA for the Region if no override exists. To override the default CA, use the ModifyCertificates operation.

    • Certificates (list) --

      The list of Certificate objects for the Amazon Web Services account.

      • (dict) --

        A CA certificate for an Amazon Web Services account.

        For more information, see Using SSL/TLS to encrypt a connection to a DB instance in the Amazon RDS User Guide and Using SSL/TLS to encrypt a connection to a DB cluster in the Amazon Aurora User Guide .

        • CertificateIdentifier (string) --

          The unique key that identifies a certificate.

        • CertificateType (string) --

          The type of the certificate.

        • Thumbprint (string) --

          The thumbprint of the certificate.

        • ValidFrom (datetime) --

          The starting date from which the certificate is valid.

        • ValidTill (datetime) --

          The final date that the certificate continues to be valid.

        • CertificateArn (string) --

          The Amazon Resource Name (ARN) for the certificate.

        • CustomerOverride (boolean) --

          Whether there is an override for the default certificate identifier.

        • CustomerOverrideValidTill (datetime) --

          If there is an override for the default certificate identifier, when the override expires.

    • Marker (string) --

      An optional pagination token provided by a previous DescribeCertificates request. If this parameter is specified, the response includes only records beyond the marker, up to the value specified by MaxRecords .