DescribeCertificateAuthorityAuditReport
Lists information about a specific audit report created by calling the CreateCertificateAuthorityAuditReport action. Audit information is created every time the certificate authority (CA) private key is used. The private key is used when you call the IssueCertificate action or the RevokeCertificate action.
Request Syntax
{
"AuditReportId": "string
",
"CertificateAuthorityArn": "string
"
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- AuditReportId
-
The report ID returned by calling the CreateCertificateAuthorityAuditReport action.
Type: String
Length Constraints: Fixed length of 36.
Pattern:
[a-z0-9]{8}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{4}-[a-z0-9]{12}
Required: Yes
- CertificateAuthorityArn
-
The Amazon Resource Name (ARN) of the private CA. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.Type: String
Length Constraints: Minimum length of 5. Maximum length of 200.
Pattern:
arn:[\w+=/,.@-]+:acm-pca:[\w+=/,.@-]*:[0-9]*:[\w+=,.@-]+(/[\w+=,.@-]+)*
Required: Yes
Response Syntax
{
"AuditReportStatus": "string",
"CreatedAt": number,
"S3BucketName": "string",
"S3Key": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- AuditReportStatus
-
Specifies whether report creation is in progress, has succeeded, or has failed.
Type: String
Valid Values:
CREATING | SUCCESS | FAILED
- CreatedAt
-
The date and time at which the report was created.
Type: Timestamp
- S3BucketName
-
Name of the S3 bucket that contains the report.
Type: String
Length Constraints: Minimum length of 3. Maximum length of 63.
- S3Key
-
S3 key that uniquely identifies the report file in your S3 bucket.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 1024.
Errors
For information about the errors that are common to all actions, see Common Errors.
- InvalidArgsException
-
One or more of the specified arguments was not valid.
HTTP Status Code: 400
- InvalidArnException
-
The requested Amazon Resource Name (ARN) does not refer to an existing resource.
HTTP Status Code: 400
- ResourceNotFoundException
-
A resource such as a private CA, S3 bucket, certificate, audit report, or policy cannot be found.
HTTP Status Code: 400
Examples
Example
This example illustrates one usage of DescribeCertificateAuthorityAuditReport.
Sample Request
POST / HTTP/1.1
Host: acm-pca.amazonaws.com
Accept-Encoding: identity
Content-Length: 185
X-Amz-Target: ACMPrivateCA.DescribeCertificateAuthorityAuditReport
X-Amz-Date: 20180226T185916Z
User-Agent: aws-cli/1.14.28 Python/2.7.9 Windows/8 botocore/1.8.32
Content-Type: application/x-amz-json-1.1
Authorization: AWS4-HMAC-SHA256 Credential=AWS_Access_Key_ID/20180226/AWS_Region/acm-pca/aws4_request,
SignedHeaders=content-type;host;x-amz-date;x-amz-target,
Signature=96531073ea22cc7057267543f332911b97a5db830dca85a74a7324c9737cee7a
{
"AuditReportId": "11111111-2222-3333-4444-555555555555",
"CertificateAuthorityArn": "arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012"
}
Example
This example illustrates one usage of DescribeCertificateAuthorityAuditReport.
Sample Response
HTTP/1.1 200 OK
Date: Tue, 15 May 2018 16:33:26 GMT
Content-Type: application/xget-amz-json-1.1
Content-Length: 211
x-amzn-RequestId: 3af6a588-856c-48eb-81ab-f2f08fbc618c
Connection: keep-alive
{
"AuditReportStatus": "SUCCESS",
"CreatedAt": 1.526401743081E9,
"S3BucketName": "your-bucket-name",
"S3Key": "audit-report/PCA_ID/Audit_Report_ID.json"
}
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: