• Public
  • Public/Protected
  • All

Interface Permission

Permissions designate which private CA actions can be performed by an Amazon Web Services service or entity. In order for ACM to automatically renew private certificates, you must give the ACM service principal all available permissions (IssueCertificate, GetCertificate, and ListPermissions). Permissions can be assigned with the CreatePermission action, removed with the DeletePermission action, and listed with the ListPermissions action.


  • Permission



Optional Actions

Actions: (ActionType | string)[]

The private CA actions that can be performed by the designated Amazon Web Services service.

Optional CertificateAuthorityArn

CertificateAuthorityArn: undefined | string

The Amazon Resource Number (ARN) of the private CA from which the permission was issued.

Optional CreatedAt

CreatedAt: Date

The time at which the permission was created.

Optional Policy

Policy: undefined | string

The name of the policy that is associated with the permission.

Optional Principal

Principal: undefined | string

The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is acm.amazonaws.com.

Optional SourceAccount

SourceAccount: undefined | string

The ID of the account that assigned the permission.