Create an AWS private CA of type root. We can set the subject accordingly
cat /path/to/ca_config.json
{
"KeyAlgorithm": "RSA_2048",
"SigningAlgorithm": "SHA256WITHRSA",
"Subject": {
"Country": "IE",
"State": "Dublin",
"Locality": "Dublin",
"Organization": "Oblivious",
"OrganizationalUnit": "Oblivious",
"CommonName": "MyPrivateCA"
}
}
aws acm-pca create-certificate-authority \
--certificate-authority-configuration file://path/to/ca_config.txt \
--certificate-authority-type "ROOT" \
--idempotency-token 98256344
arn:aws:acm-pca:<REGION>:<ACCOUNT_ID>:certificate-authority/xxxxxx-xxxx-xxxx-xxxx-xxxxx