Deleting a certificate authority - AWS Certificate Manager Private Certificate Authority

Deleting a certificate authority

The following CloudTrail example shows the results of a call to the DeleteCertificateAuthority operation. In this example, the certificate authority cannot be deleted because it is in the ACTIVE state.

{ "eventVersion":"1.05", "userIdentity":{ "type":"IAMUser", "principalId":"account", "arn":"arn:aws:iam::account:user/name", "accountId":"account", "accessKeyId":"key_ID" }, "eventTime":"2018-01-26T22:01:11Z", "eventSource":"acm-pca.amazonaws.com", "eventName":"DeleteCertificateAuthority", "awsRegion":"region", "sourceIPAddress":"IP_address", "userAgent":"agent", "errorCode":"InvalidStateException", "errorMessage":"The certificate authority is not in a valid state for deletion.", "requestParameters":{ "certificateAuthorityArn":"arn:aws:acm-pca:region:account:certificate-authority/CA_ID" }, "responseElements":null, "requestID":"request_ID", "eventID":"event_ID", "eventType":"AwsApiCall", "recipientAccountId":"account" }