certificate_authority
Gets an individual certificate_authority resource
Overview
| Name | certificate_authority |
| Type | Resource |
| Description | certificate_authority |
| Id | awscc.acmpca.certificate_authority |
Fields
| Name | Datatype | Description |
|---|---|---|
arn | string | The Amazon Resource Name (ARN) of the certificate authority. |
type | string | The type of the certificate authority. |
key_algorithm | string | Public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. |
signing_algorithm | string | Algorithm your CA uses to sign certificate requests. |
subject | object | Structure that contains X.500 distinguished name information for your CA. |
revocation_configuration | object | Certificate revocation information used by the CreateCertificateAuthority and UpdateCertificateAuthority actions. |
tags | array | |
certificate_signing_request | string | The base64 PEM-encoded certificate signing request (CSR) for your certificate authority certificate. |
csr_extensions | object | Structure that contains CSR pass through extension information used by the CreateCertificateAuthority action. |
key_storage_security_standard | string | KeyStorageSecurityStadard defines a cryptographic key management compliance standard used for handling CA keys. |
usage_mode | string | Usage mode of the ceritificate authority. |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource resource.
Example
SELECT
region,
arn,
type,
key_algorithm,
signing_algorithm,
subject,
revocation_configuration,
tags,
certificate_signing_request,
csr_extensions,
key_storage_security_standard,
usage_mode
FROM awscc.acmpca.certificate_authority
WHERE data__Identifier = '<Arn>';
Permissions
To operate on the certificate_authority resource, the following permissions are required:
Read
acm-pca:DescribeCertificateAuthority,
acm-pca:GetCertificateAuthorityCsr,
acm-pca:ListTags
Update
acm-pca:ListTags,
acm-pca:TagCertificateAuthority,
acm-pca:UntagCertificateAuthority,
acm-pca:UpdateCertificateAuthority
Delete
acm-pca:DeleteCertificateAuthority,
acm-pca:DescribeCertificateAuthority