Creating a certificate authority
The following CloudTrail example shows the results of a call to the CreateCertificateAuthority operation.
{
"eventVersion":"1.05",
"userIdentity":{
"type":"IAMUser",
"principalId":"account",
"arn":"arn:aws:iam::account:user/nameaccount",
"accessKeyId":"key_ID"
},
"eventTime":"2018-01-26T21:22:33Z",
"eventSource":"acm-pca.amazonaws.com",
"eventName":"CreateCertificateAuthority",
"awsRegion":"region",
"sourceIPAddress":"IP_address",
"userAgent":"agent",
"requestParameters":{
"certificateAuthorityConfiguration":{
"keyType":"RSA2048",
"signingAlgorithm":"SHA256WITHRSA",
"subject":{
"country":"US",
"organization":"Example Company",
"organizationalUnit":"Corp",
"state":"WA",
"commonName":"www.example.com",
"locality":"Seattle"
}
},
"revocationConfiguration":{
"crlConfiguration":{
"enabled":true,
"expirationInDays":3650,
"customCname":"your-custom-name",
"s3BucketName":"your-bucket-name"
}
},
"certificateAuthorityType":"SUBORDINATE",
"idempotencyToken":"98256344"
},
"responseElements":{
"certificateAuthorityArn":"arn:aws:acm-pca:us-east-1:111122223333:certificate-authority/11223344-1234-1122-2233-112233445566"
},
"requestID":"request_ID",
"eventID":"event_ID",
"eventType":"AwsApiCall",
"recipientAccountId":"account"
}