AWS ACM PCA Certificate Authority Certificate
This page shows how to write Terraform and CloudFormation for ACM PCA Certificate Authority Certificate and write them securely.
aws_acmpca_certificate_authority_certificate (Terraform)
The Certificate Authority Certificate in ACM PCA can be configured in Terraform with the resource name aws_acmpca_certificate_authority_certificate
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
-
certificate
required - string -
certificate_authority_arn
required - string -
certificate_chain
optional - string -
id
optional computed - string
Explanation in Terraform Registry
Associates a certificate with an AWS Certificate Manager Private Certificate Authority (ACM PCA Certificate Authority). An ACM PCA Certificate Authority is unable to issue certificates until it has a certificate associated with it. A root level ACM PCA Certificate Authority is able to self-sign its own root certificate.
AWS::ACMPCA::CertificateAuthority (CloudFormation)
The CertificateAuthority in ACMPCA can be configured in CloudFormation with the resource name AWS::ACMPCA::CertificateAuthority
. The following sections describe 9 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::ACMPCA::CertificateAuthority
Properties:
Type: ROOT
KeyAlgorithm: RSA_2048
SigningAlgorithm: SHA256WITHRSA
Subject:
Type: AWS::ACMPCA::CertificateAuthority
Properties:
Type: ROOT
KeyAlgorithm: RSA_2048
SigningAlgorithm: SHA256WITHRSA
Subject:
Type: 'AWS::ACMPCA::CertificateAuthority'
Properties:
Type: ROOT
KeyAlgorithm: RSA_2048
SigningAlgorithm: SHA256WITHRSA
Subject:
Type: AWS::ACMPCA::CertificateAuthority
Properties:
Type: ROOT
KeyAlgorithm: RSA_2048
SigningAlgorithm: SHA256WITHRSA
Subject:
Type: AWS::ACMPCA::CertificateAuthority
Properties:
Type: ROOT
KeyAlgorithm: RSA_2048
SigningAlgorithm: SHA256WITHRSA
Subject:
"Type": "AWS::ACMPCA::CertificateAuthority",
"Properties": {
"KeyAlgorithm": "RSA_2048",
"RevocationConfiguration": {
"CrlConfiguration": {
"Enabled": false
"resourceType": "AWS::ACMPCA::CertificateAuthority",
"filePath": null
},
{
"resourceType": "AWS::ACMPCA::CertificateAuthorityActivation",
"filePath": null
"AWS::ACMPCA::CertificateAuthority.Subject": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-subject.html",
"Properties": {
"Country": {
"Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-acmpca-certificateauthority-subject.html#cfn-acmpca-certificateauthority-subject-country",
"UpdateType": "Immutable",
"AWS::ACMPCA::CertificateAuthority": {
"Type": "AWS::ACMPCA::CertificateAuthority",
"Properties": {}
},
"AWS::GlobalAccelerator::Accelerator": {
"Type": "AWS::GlobalAccelerator::Accelerator",
Parameters
-
Type
required - String -
KeyAlgorithm
required - String -
SigningAlgorithm
required - String -
Subject
required - Subject -
RevocationConfiguration
optional - RevocationConfiguration -
Tags
optional - List of Tag -
CsrExtensions
optional - CsrExtensions -
KeyStorageSecurityStandard
optional - String
Explanation in CloudFormation Registry
Use the
AWS::ACMPCA::CertificateAuthority
resource to create a private CA. Once the CA exists, you can use theAWS::ACMPCA::Certificate
resource to issue a new CA certificate. Alternatively, you can issue a CA certificate using an on-premises CA, and then use theAWS::ACMPCA::CertificateAuthorityActivation
resource to import the new CA certificate and activate the CA.Note Before removing a
AWS::ACMPCA::CertificateAuthority
resource from the CloudFormation stack, disable the affected CA. Otherwise, the action will fail. You can disable the CA by removing its associatedAWS::ACMPCA::CertificateAuthorityActivation
resource from CloudFormation.
Frequently asked questions
What is AWS ACM PCA Certificate Authority Certificate?
AWS ACM PCA Certificate Authority Certificate is a resource for ACM PCA of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS ACM PCA Certificate Authority Certificate?
For CloudFormation, the saaish/AppMesh, ft20006/aws-app-mesh-examples and gmcorral/acm-tools source code examples are useful. See the CloudFormation Example section for further details.