AWS Private CA metrics

Once you’ve integrated with AWS CloudWatch, you have access to metrics from AWS Private CA, which enables the creation of private certificate authority (CA) hierarchies without the investment and maintenance costs of on-prem solutions.

See all AWS integrations.

To verify metrics are reporting, search for the metrics on the Metric details page in Settings.

The following table shows the Private CA metrics ingested by Cloud Observability.

Metric Name Unit Description
aws.privateca.crl_generated unit A certificate revocation list (CRL) was generated
aws.privateca.misconfigured_crl_bucket unit The S3 bucket for the CRL isn't correctly configured.
aws.privateca.time ms The time in millseconds between issuance request and completion (or failure) of the request.
aws.privateca.success unit The certificate was successfully issued.
aws.privateca.failure unit The operation failed. Only applies to IssueCertificate operation.

See also

Ingest metrics from Amazon

Create and manage dashboards

Create alerts

Updated Dec 2, 2022