Once you’ve integrated with AWS CloudWatch, you have access to metrics from AWS Private CA, which enables the creation of private certificate authority (CA) hierarchies without the investment and maintenance costs of on-prem solutions.
To verify metrics are reporting, search for the metrics on the Metric details page in Project settings.
The following table shows the Private CA metrics ingested by Lightstep.
|aws.privateca.crl_generated||unit||A certificate revocation list (CRL) was generated|
|aws.privateca.misconfigured_crl_bucket||unit||The S3 bucket for the CRL isn't correctly configured.|
|aws.privateca.time||ms||The time in millseconds between issuance request and completion (or failure) of the request.|
|aws.privateca.success||unit||The certificate was successfully issued.|
|aws.privateca.failure||unit||The operation failed. Only applies to IssueCertificate operation.|