ACM PCA Certificate Authority

This table represents the ACM PCA Certificate Authority resource from Amazon Web Services.

aws.acmpca_certificateauthority

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
arncorestringAmazon Resource Name (ARN) for your private certificate authority (CA). The format is <code> <i>12345678-1234-1234-1234-123456789012</i> </code>.
certificate_authority_configurationcorejsonYour private CA configuration.
created_atcoretimestampDate and time at which your private CA was created.
failure_reasoncorestringReason the request to create your private CA failed.
key_storage_security_standardcorestringDefines a cryptographic key management compliance standard used for handling CA keys. Default: FIPS_140_2_LEVEL_3_OR_HIGHER Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value) results in an <code>InvalidArgsException</code> with the message "A certificate authority cannot be created in this region with the specified security standard."
last_state_change_atcoretimestampDate and time at which your private CA was last updated.
not_aftercoretimestampDate and time after which your private CA certificate is not valid.
not_beforecoretimestampDate and time before which your private CA certificate is not valid.
owner_accountcorestringThe Amazon Web Services account ID that owns the certificate authority.
restorable_untilcoretimestampThe period during which a deleted CA can be restored. For more information, see the <code>PermanentDeletionTimeInDays</code> parameter of the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_DeleteCertificateAuthorityRequest.html">DeleteCertificateAuthorityRequest</a> action.
revocation_configurationcorejsonInformation about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.
serialcorestringSerial number of your private CA.
statuscorestringStatus of your private CA.
tagscorehstore
typecorestringType of your private CA.
usage_modecorestringSpecifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days. The default value is GENERAL_PURPOSE.