Download PDF
Download page AWS Certificate Manager.
AWS Certificate Manager
AWS Certificate Manager (ACM) handles the complexity of creating, storing, and renewing public and private SSL/TLS X.509 certificates and keys that protect your AWS websites and applications.
You must configure cloud connections to monitor this entity. See Set up Cisco AppDynamics Cloud Collectors to Monitor AWS.
Cisco Cloud Observability displays AWS entities on the Observe page. Metrics are displayed for specific entity instances in the list and detail views.
This document contains references to third-party documentation. Splunk AppDynamics does not own any rights and assumes no responsibility for the accuracy or completeness of such third-party documentation.
List View
To display the list view for an ACM certificate:
- Navigate to the Observe page.
- Under Cloud Governance & Security Management, click AWS ACM Certificates.
The list view now displays. - From the list, you can:
- View the Domain Name and Days to Expiry.
- Click the row for an ACM certificate to display the Properties panel on the right.
Metrics and Key Performance Indicators
Cisco Cloud Observability displays the following metrics and key performance indicators (KPIs) for ACM certificates. For more information, see Supported CloudWatch metrics.
| Display Name | Source Metric Name | Description |
|---|---|---|
| DaysToExpiry (Count) | DaysToExpiry | Number of days until a certificate expires. ACM stops publishing this metric after a certificate expires. |
Properties (Attributes)
Cisco Cloud Observability displays the following properties for ACM certificates.
| Display Name | Property Name | Description |
|---|---|---|
| Certificate Arn | aws.acm_certificate.arn | The Amazon Resource Name (ARN) of the ACM Certificate. |
| Certificate Domain Name | aws.acm_certificate.domain_name | The fully qualified domain name (FQDN) of the domain on which to perform validation. |
| Certificate Status | aws.acm_certificate.status | The status of the certificate:
|
| Certificate Creation Time | aws.acm_certificate.created_at | The time at which the certificate was requested. |
| Certificate Import Time | aws.acm_certificate.imported_at | The date and time at which the certificate was imported. This value exists only when the certificate type is IMPORTED. |
| Certificate Issue Time | aws.acm_certificate.issued_at | The time at which the certificate was issued. This value exists only when the certificate type is AMAZON_ISSUED. |
| Certificate Revocation Time | aws.acm_certificate.revoked_at | The time at which the certificate was revoked. This value exists only when the certificate status is REVOKED. |
| Certificate Revocation Reason | aws.acm_certificate.revoke_reason | The reason the certificate was revoked. This value exists only when the certificate status is REVOKED. |
| Certificate Key Algorithm | aws.acm_certificate.key_algorithm | The algorithm that was used to generate the public-private key pair. |
| Certificate Signature Algorithm | aws.acm_certificate.signature_algorithm | The algorithm that was used to sign the certificate. |
| Certificate Failure Reason | aws.acm_certificate.failure_reason | The reason the certificate request failed. This value exists only when the certificate status is FAILED. |
| Certificate Source | aws.acm_certificate.source | The source of the certificate. For certificates provided by ACM, this value is AMAZON_ISSUED. |
| Certificate Renewal Eligibility | aws.acm_certificate.renewal_eligibility | Specifies whether the certificate is eligible for renewal. At this time, only exported private certificates can be renewed with the RenewCertificate command. |
Retention and Purge Time-To-Live (TTL)
For all cloud and infrastructure entities, the retention TTL is 180 minutes (3 hours) and the purge TTL is 525,600 minutes (365 days).
Amazon Web Services, the AWS logo, AWS, and any other AWS Marks used in these materials are trademarks of Amazon.com, Inc. or its affiliates in the United States and/or other countries.