Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

Commencer

aws-acm-pca

Private CA via AWS CLI v2 (`aws acm-pca`). Certificate authorities, certificates, audit reports, permissions, policies.

Exécuter dans Manus

Aperçu

Private CA via AWS CLI v2 (`aws acm-pca`). Certificate authorities, certificates, audit reports, permissions, policies.

Commande d'installation

npx skills add https://github.com/chrishuffman5/awscliskills --skill aws-acm-pca

Copiez et collez cette commande dans Claude Code pour installer le skill

Source

chrishuffman5/awscliskills

Étoiles0

Forks0

Mis à jour27 mai 2026 à 22:07

Explorateur de fichiers

8 fichiers

SKILL.md

readonly

name	aws-acm-pca
description	Private CA via AWS CLI v2 (`aws acm-pca`). Certificate authorities, certificates, audit reports, permissions, policies.

AWS CLI v2 — Private CA (AWS Private Certificate Authority)

Overview

Complete reference for all aws acm-pca subcommands in AWS CLI v2. Covers private certificate authority lifecycle management, certificate issuance and revocation, CSR generation, audit report creation, CA permission and policy management, and tagging.

Quick Reference — Common Workflows

Create a root CA

aws acm-pca create-certificate-authority \
  --certificate-authority-configuration \
    KeyAlgorithm=RSA_2048,SigningAlgorithm=SHA256WITHRSA,Subject={CommonName="My Root CA",Organization="MyOrg",Country=US} \
  --certificate-authority-type ROOT \
  --tags Key=Environment,Value=production

Get the CA CSR and install the CA certificate

# Get the CSR
aws acm-pca get-certificate-authority-csr \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --output text > ca.csr

# Self-sign for root CA
aws acm-pca issue-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --csr fileb://ca.csr \
  --signing-algorithm SHA256WITHRSA \
  --template-arn arn:aws:acm-pca:::template/RootCACertificate/V1 \
  --validity Value=3650,Type=DAYS

# Wait for certificate to be issued
aws acm-pca wait certificate-issued \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --certificate-arn "$CERT_ARN"

# Import the CA certificate
aws acm-pca import-certificate-authority-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --certificate fileb://ca-cert.pem

Issue an end-entity certificate

aws acm-pca issue-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --csr fileb://server.csr \
  --signing-algorithm SHA256WITHRSA \
  --validity Value=365,Type=DAYS

Retrieve an issued certificate

aws acm-pca get-certificate \
  --certificate-authority-arn "$CA_ARN" \
  --certificate-arn "$CERT_ARN" \
  --output text

Revoke a certificate

aws acm-pca revoke-certificate \
  --certificate-authority-arn "$CA_ARN" \
  --certificate-serial "serial-number" \
  --revocation-reason KEY_COMPROMISE

Create an audit report

aws acm-pca create-certificate-authority-audit-report \
  --certificate-authority-arn "$CA_ARN" \
  --s3-bucket-name my-audit-bucket \
  --audit-report-response-format JSON

Disable and delete a CA

aws acm-pca update-certificate-authority \
  --certificate-authority-arn "$CA_ARN" \
  --status DISABLED

aws acm-pca delete-certificate-authority \
  --certificate-authority-arn "$CA_ARN" \
  --permanent-deletion-time-in-days 7

Command Reference

See index.md for the quick reference table and global options.

Group	File	Commands
Certificate Authorities	`certificate-authorities.md`	create-certificate-authority, delete-certificate-authority, describe-certificate-authority, list-certificate-authorities, update-certificate-authority, restore-certificate-authority, get-certificate-authority-certificate, get-certificate-authority-csr, import-certificate-authority-certificate
Certificates	`certificates.md`	issue-certificate, get-certificate, revoke-certificate
Audit Reports	`audit-reports.md`	create-certificate-authority-audit-report, describe-certificate-authority-audit-report
Permissions & Policies	`permissions-policies.md`	create-permission, delete-permission, list-permissions, get-policy, put-policy, delete-policy
Tags	`tags.md`	tag-certificate-authority, untag-certificate-authority, list-tags
Wait	`wait.md`	wait audit-report-created, wait certificate-authority-csr-created, wait certificate-issued

Plus depuis ce dépôt

même dépôt

aws-accessanalyzer

chrishuffman5/awscliskills

IAM Access Analyzer via AWS CLI v2 (`aws accessanalyzer`). Analyzers, findings, archive rules, access previews, policy tools.

2026-05-270

aws-acm

chrishuffman5/awscliskills

ACM via AWS CLI v2 (`aws acm`). Certificates, import/export, validation, tags, account configuration.

2026-05-270

aws-amp

chrishuffman5/awscliskills

Managed Prometheus via AWS CLI v2 (`aws amp`). Workspaces, alert manager, rule groups, scrapers, logging, resource policies.

2026-05-270

aws-amplify

chrishuffman5/awscliskills

Amplify via AWS CLI v2 (`aws amplify`). Apps, branches, domain associations, jobs, deployments, webhooks.

2026-05-270

aws-apigateway

chrishuffman5/awscliskills

API Gateway via AWS CLI v2 (`aws apigateway`). REST APIs, HTTP APIs, resources, methods, stages, authorizers, API keys, usage plans.

2026-05-270

aws-appconfig

chrishuffman5/awscliskills

AppConfig via AWS CLI v2 (`aws appconfig`). Feature flags, configuration profiles, deployment strategies, environments, extensions, runtime data retrieval.

2026-05-270

Source

chrishuffman5

chrishuffman5/awscliskills

Ouvrir le dépôt GitHub Voir les dépôts du créateur

Commande d'installation

Téléchargement

Exécuter dans Manus

Utile pourSOC

Développeurs de logicielsProfessions informatiques et mathématiques15-1252L4

name	aws-acm-pca
description	Private CA via AWS CLI v2 (`aws acm-pca`). Certificate authorities, certificates, audit reports, permissions, policies.

AWS CLI v2 — Private CA (AWS Private Certificate Authority)

Overview

Quick Reference — Common Workflows

Create a root CA

aws acm-pca create-certificate-authority \
  --certificate-authority-configuration \
    KeyAlgorithm=RSA_2048,SigningAlgorithm=SHA256WITHRSA,Subject={CommonName="My Root CA",Organization="MyOrg",Country=US} \
  --certificate-authority-type ROOT \
  --tags Key=Environment,Value=production

Get the CA CSR and install the CA certificate

# Get the CSR
aws acm-pca get-certificate-authority-csr \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --output text > ca.csr

# Self-sign for root CA
aws acm-pca issue-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --csr fileb://ca.csr \
  --signing-algorithm SHA256WITHRSA \
  --template-arn arn:aws:acm-pca:::template/RootCACertificate/V1 \
  --validity Value=3650,Type=DAYS

# Wait for certificate to be issued
aws acm-pca wait certificate-issued \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --certificate-arn "$CERT_ARN"

# Import the CA certificate
aws acm-pca import-certificate-authority-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --certificate fileb://ca-cert.pem

Issue an end-entity certificate

aws acm-pca issue-certificate \
  --certificate-authority-arn arn:aws:acm-pca:us-east-1:123456789012:certificate-authority/12345678-1234-1234-1234-123456789012 \
  --csr fileb://server.csr \
  --signing-algorithm SHA256WITHRSA \
  --validity Value=365,Type=DAYS

Retrieve an issued certificate

aws acm-pca get-certificate \
  --certificate-authority-arn "$CA_ARN" \
  --certificate-arn "$CERT_ARN" \
  --output text

Revoke a certificate

aws acm-pca revoke-certificate \
  --certificate-authority-arn "$CA_ARN" \
  --certificate-serial "serial-number" \
  --revocation-reason KEY_COMPROMISE

Create an audit report

aws acm-pca create-certificate-authority-audit-report \
  --certificate-authority-arn "$CA_ARN" \
  --s3-bucket-name my-audit-bucket \
  --audit-report-response-format JSON

Disable and delete a CA

aws acm-pca update-certificate-authority \
  --certificate-authority-arn "$CA_ARN" \
  --status DISABLED

aws acm-pca delete-certificate-authority \
  --certificate-authority-arn "$CA_ARN" \
  --permanent-deletion-time-in-days 7

Command Reference

See index.md for the quick reference table and global options.

Group	File	Commands
Certificate Authorities	`certificate-authorities.md`	create-certificate-authority, delete-certificate-authority, describe-certificate-authority, list-certificate-authorities, update-certificate-authority, restore-certificate-authority, get-certificate-authority-certificate, get-certificate-authority-csr, import-certificate-authority-certificate
Certificates	`certificates.md`	issue-certificate, get-certificate, revoke-certificate
Audit Reports	`audit-reports.md`	create-certificate-authority-audit-report, describe-certificate-authority-audit-report
Permissions & Policies	`permissions-policies.md`	create-permission, delete-permission, list-permissions, get-policy, put-policy, delete-policy
Tags	`tags.md`	tag-certificate-authority, untag-certificate-authority, list-tags
Wait	`wait.md`	wait audit-report-created, wait certificate-authority-csr-created, wait certificate-issued