AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Transfers the specified certificate to the specified Amazon Web Services account.
Requires permission to access the TransferCertificate action.
You can cancel the transfer until it is acknowledged by the recipient.
No notification is sent to the transfer destination's account. It's up to the caller to notify the transfer target.
The certificate being transferred must not be in the ACTIVE state. You can
use the UpdateCertificate action to deactivate it.
The certificate must not have any policies attached to it. You can use the DetachPolicy action to detach them.
Customer managed key behavior: When you use a customer managed key to secure your data and then transfer the key to a customer in a different account using the TransferCertificate operation, the certificates will no longer be protected by their customer managed key configuration. During the transfer process, certificates are encrypted using IoT owned keys.
While a certificate is in the PENDING_TRANSFER state, it's always protected by IoT owned keys, regardless of the customer managed key configuration of either the source or destination account.
Once the transfer is completed through AcceptCertificateTransfer, RejectCertificateTransfer, or CancelCertificateTransfer, the certificate will be protected by the customer managed key configuration of the account that owns the certificate after the transfer operation:
If the transfer is accepted: The certificate is protected by the destination account's customer managed key configuration.
If the transfer is rejected or cancelled: The certificate is protected by the source account's customer managed key configuration.
This is an asynchronous operation using the standard naming convention for .NET 4.7.2 or higher.
Namespace: Amazon.IoT
Assembly: AWSSDK.IoT.dll
Version: 3.x.y.z
public virtual Task<TransferCertificateResponse> TransferCertificateAsync( String certificateId, String targetAwsAccount, CancellationToken cancellationToken )
The ID of the certificate. (The last part of the certificate ARN contains the certificate ID.)
The Amazon Web Services account.
A cancellation token that can be used by other objects or threads to receive notice of cancellation.
| Exception | Condition |
|---|---|
| CertificateStateException | The certificate operation is not allowed. |
| InternalFailureException | An unexpected error has occurred. |
| InvalidRequestException | The request is not valid. |
| ResourceNotFoundException | The specified resource does not exist. |
| ServiceUnavailableException | The service is temporarily unavailable. |
| ThrottlingException | The rate exceeds the limit. |
| TransferConflictException | You can't transfer the certificate because authorization policies are still attached. |
| UnauthorizedException | You are not authorized to perform this operation. |
.NET:
Supported in: 8.0 and newer, Core 3.1
.NET Standard:
Supported in: 2.0
.NET Framework:
Supported in: 4.7.2 and newer