CA administration
Last updated
Was this helpful?
Last updated
Was this helpful?
Note Your account is charged a monthly price for each private CA starting from the time that you create it. For the latest AWS Private CA pricing information, see . You can also use the to estimate costs.
Note Procedures for creating or obtaining an external trust services provider are outside the scope of this guide.
Note You can customize the columns that you want to display, as well as other settings, by choosing the gear icon in the upper-right corner of the console.
Note
To attach tags to a private CA during the creation procedure, a CA administrator must first associate an inline IAM policy with the CreateCertificateAuthority
action and explicitly allow tagging. For more information, see .
Note
For all status values except DELETED
and FAILED
, you are billed for the CA.
Important
A private CA can be deleted if it is in the PENDING_CERTIFICATE
, CREATING
, EXPIRED
, DISABLED
, or FAILED
state. In order to delete a CA in the ACTIVE
state, you must first disable it, or else the delete request results in an exception. If you are deleting a private CA in the PENDING_CERTIFICATE
or DISABLED
state, you can set the length of its restoration period from 7-30 days, with 30 being the default. During this period, status is set to DELETED
and the CA is restorable. A private CA that is deleted while in the CREATING
or FAILED
state has no assigned restoration period and cannot be restored. For more information, see .
You are not charged for a private CA after it has been deleted. However, if a deleted CA is restored, you are charged for the time between deletion and restoration. For more information, see .
Note You are not charged for a private CA after it has been deleted. However, if a deleted CA is restored, you are charged for the time between deletion and restoration. For more information, see .