Posted On: Dec 19, 2019

AWS Certificate Manager (ACM) Private Certificate Authority (CA) now emits Amazon CloudWatch Events. CloudWatch Events delivers a near real-time stream of system events that describe changes in Amazon Web Services (AWS) resources, enabling you to react selectively to events in the cloud. With this feature you can configure alerts, build event-driven workflows, and trigger custom logic based on events that are sent for certificate issuance, revocation, and other CA operations. For example, you can send a CloudWatch Event to notify you that something unexpected occurred, such as if a certificate is issued from a protected root CA with limited access or if your certificate revocation list (CRL) fails to update. With this feature, AWS publishes CloudWatch events for CA creation, certificate issuance, certificate revocation, audit report generation , and CRL generation.

ACM Private CA is a managed private CA service that helps you easily and securely manage the lifecycle of your private certificates. ACM Private CA provides you a highly-available private CA service without the upfront investment and ongoing maintenance costs of operating your own private CA. ACM Private CA extends ACM’s certificate management capabilities to private certificates, enabling you to manage public and private certificates centrally.  

For a list of regions where ACM Private CA is available, see AWS Regions and Endpoints.  

Visit the ACM Private CA documentation to learn more about the new CloudWatch events. To get started, first time ACM Private CA customers can try the service for 30 days with no charge for the operation of their first CA. Visit the ACM Private CA website to learn more about ACM Private CA.