DescribeCertificateAuthorityAuditReport - AWS Private Certificate Authority
Request SyntaxRequest ParametersResponse SyntaxResponse ElementsErrorsExamplesSee Also

DescribeCertificateAuthorityAuditReport

Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport action. Audit information is created every time the certificate authority (CA) private key is used. The private key is used when you call the IssueCertificate action or the RevokeCertificate action.

Request Syntax

{
   "AuditReportId": "string",
   "CertificateAuthorityArn": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

AuditReportId

The report ID returned by calling the CreateCertificateAuthorityAuditReport action.

Type: String

Length Constraints: Fixed length of 36.

Pattern: [a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}

Required: Yes

CertificateAuthorityArn

The Amazon Resource Name (ARN) of the private CA. This must be of the form:

arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 .

Type: String

Length Constraints: Minimum length of 5. Maximum length of 200.

Pattern: arn:[\w+=/,.@-]+:acm-pca:[\w+=/,.@-]*:[0-9]*:[\w+=,.@-]+(/[\w+=,.@-]+)*

Required: Yes

Response Syntax

{
   "AuditReportStatus": "string",
   "CreatedAt": number,
   "S3BucketName": "string",
   "S3Key": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

AuditReportStatus

Specifies whether report creation is in progress, has succeeded, or has failed.

Type: String

Valid Values: CREATING | SUCCESS | FAILED

CreatedAt

The date and time at which the report was created.

Type: Timestamp

S3BucketName

Name of the S3 bucket that contains the report.

Type: String

Length Constraints: Minimum length of 3. Maximum length of 63.

S3Key

S3 key that uniquely identifies the report file in your S3 bucket.

Type: String

Length Constraints: Maximum length of 1024.

Errors

For information about the errors that are common to all actions, see Common Errors.

InvalidArgsException

One or more of the specified arguments was not valid.

HTTP Status Code: 400

InvalidArnException

The requested Amazon Resource Name (ARN) does not refer to an existing resource.

HTTP Status Code: 400

ResourceNotFoundException

A resource such as a private CA, S3 bucket, certificate, audit report, or policy cannot be found.

HTTP Status Code: 400

Examples

Example

This example illustrates one usage of DescribeCertificateAuthorityAuditReport.

Sample Request

POST / HTTP/1.1
Host: acm-pca.amazonaws.com
Accept-Encoding: identity
Content-Length: 185
X-Amz-Target: ACMPrivateCA.DescribeCertificateAuthorityAuditReport
X-Amz-Date: 20180226T185916Z
User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32
Content-Type: application/x-amz-json-1.1
Authorization: AWS4-HMAC-SHA256 Credential=AWS_Access_Key_ID/20180226/AWS_Region/acm-pca/aws4_request, 
SignedHeaders=content-type;host;x-amz-date;x-amz-target, 
Signature=96531073ea22cc7057267543f332911b97a5db830dca85a74a7324c9737cee7a

{
  "AuditReportId": "11111111-2222-3333-4444-555555555555",
  "CertificateAuthorityArn": "arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012"
}

Example

This example illustrates one usage of DescribeCertificateAuthorityAuditReport.

Sample Response

HTTP/1.1 200 OK
Date: Tue, 15 May 2018 16:33:26 GMT
Content-Type: application/xget-amz-json-1.1
Content-Length: 211
x-amzn-RequestId: 3af6a588-856c-48eb-81ab-f2f08fbc618c
Connection: keep-alive

{
  "AuditReportStatus": "SUCCESS",
  "CreatedAt": 1.526401743081E9,
  "S3BucketName": "your-bucket-name",
  "S3Key": "audit-report/PCA_ID/Audit_Report_ID.json"
}

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: