AWS Certificate Manager Private Certificate Authority
AWS Certificate Manager Private Certificate Authority provides you with a highly available private CA service without the upfront investment and ongoing maintenance costs of operating your own private CA. AWS Certificate Manager (ACM) Private Certificate Authority (CA) is a private CA service that extends ACM’s certificate management capabilities to both public and private certificates. ACM Private CA allows developers to be more agile by providing them with APIs to create and deploy private certificates programmatically. You also have the flexibility to create private certificates for applications that require custom certificate lifetimes or resource names. With ACM Private CA, you can create and manage private certificates for your connected resources in one place with a secure, pay-as-you-go, managed private CA service.
CA administrators can use ACM Private CA to create a complete CA hierarchy, including online root and subordinate CAs, with no need for external CAs. ACM Private CA also allows a hybrid hierarchy with offline and online CAs. A CA hierarchy provides strong security and restrictive access controls for the most-trusted root CA at the top of the trust chain, while allowing more permissive access and bulk certificate issuance for subordinate CAs lower in the chain. You can create secure and highly available CAs without building and maintaining your own on-premises CA infrastructure. You can share a CA across AWS accounts, or across your organization, to enable central management of your CAs with certificate issuance via ACM or directly from the CA. This reduces the number of CAs you need to manage and pay for, and it allows you to separate CA administration duties from certificate issuance.
The following cmdlets are available for AWS Certificate Manager Private Certificate Authority, each listed with the service operation it calls:
CmdletName | ServiceOperation |
Add-PCACertificateAuthorityTag | TagCertificateAuthority |
Get-PCACertificate | GetCertificate |
Get-PCACertificateAuthority | DescribeCertificateAuthority |
Get-PCACertificateAuthorityAuditReport | DescribeCertificateAuthorityAuditReport |
Get-PCACertificateAuthorityCertificate | GetCertificateAuthorityCertificate |
Get-PCACertificateAuthorityCsr | GetCertificateAuthorityCsr |
Get-PCACertificateAuthorityList | ListCertificateAuthorities |
Get-PCACertificateAuthorityTagList | ListTags |
Get-PCAPermissionList | ListPermissions |
Import-PCACertificateAuthorityCertificate | ImportCertificateAuthorityCertificate |
New-PCACertificate | IssueCertificate |
New-PCACertificateAuthority | CreateCertificateAuthority |
New-PCACertificateAuthorityAuditReport | CreateCertificateAuthorityAuditReport |
New-PCAPermission | CreatePermission |
Remove-PCACertificateAuthority | DeleteCertificateAuthority |
Remove-PCACertificateAuthorityTag | UntagCertificateAuthority |
Remove-PCAPermission | DeletePermission |
Restore-PCACertificateAuthority | RestoreCertificateAuthority |
Revoke-PCACertificate | RevokeCertificate |
Update-PCACertificateAuthority | UpdateCertificateAuthority |
You can also check the other AWS services and the cmdlets provided for each service.