http://acm-pca.{region}.amazonaws.com/#X-Amz-Target=ACMPrivateCA.TagCertificateAuthority<p>Adds one or more tags to your private CA. Tags are labels that you can use to identify and organize your Amazon Web Services resources. Each tag consists of a key and an optional value. You specify the private CA on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value pair. You can apply a tag to just one private CA if you want to identify a specific characteristic of that CA, or you can apply the same tag to multiple private CAs if you want to filter for a common relationship among those CAs. To remove one or more tags, use the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UntagCertificateAuthority.html">UntagCertificateAuthority</a> action. Call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListTags.html">ListTags</a> action to see what tags are associated with your CA. </p> <note> <p>To attach tags to a private CA during the creation procedure, a CA administrator must first associate an inline IAM policy with the <code>CreateCertificateAuthority</code> action and explicitly allow tagging. For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/auth-InlinePolicies.html#policy-tag-ca">Attaching tags to a CA at the time of creation</a>.</p> </note>
{
"success": true,
"data": {
"id": "abc123",
"created_at": "2025-01-01T00:00:00Z"
}
}{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request parameters"
}
}1curl --request POST \2 --url 'http://acm-pca.{region}.amazonaws.com/#X-Amz-Target=ACMPrivateCA.TagCertificateAuthority' \3 --header 'accept: application/json' \4 --header 'content-type: application/json'1{2 "success": true,3 "data": {4 "id": "abc123",5 "created_at": "2025-01-01T00:00:00Z"6 }7}http://acm-pca.{region}.amazonaws.com/#X-Amz-Target=ACMPrivateCA.TagCertificateAuthority<p>Adds one or more tags to your private CA. Tags are labels that you can use to identify and organize your Amazon Web Services resources. Each tag consists of a key and an optional value. You specify the private CA on input by its Amazon Resource Name (ARN). You specify the tag by using a key-value pair. You can apply a tag to just one private CA if you want to identify a specific characteristic of that CA, or you can apply the same tag to multiple private CAs if you want to filter for a common relationship among those CAs. To remove one or more tags, use the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_UntagCertificateAuthority.html">UntagCertificateAuthority</a> action. Call the <a href="https://docs.aws.amazon.com/privateca/latest/APIReference/API_ListTags.html">ListTags</a> action to see what tags are associated with your CA. </p> <note> <p>To attach tags to a private CA during the creation procedure, a CA administrator must first associate an inline IAM policy with the <code>CreateCertificateAuthority</code> action and explicitly allow tagging. For more information, see <a href="https://docs.aws.amazon.com/privateca/latest/userguide/auth-InlinePolicies.html#policy-tag-ca">Attaching tags to a CA at the time of creation</a>.</p> </note>
{
"success": true,
"data": {
"id": "abc123",
"created_at": "2025-01-01T00:00:00Z"
}
}{
"success": false,
"error": {
"code": "VALIDATION_ERROR",
"message": "Invalid request parameters"
}
}1curl --request POST \2 --url 'http://acm-pca.{region}.amazonaws.com/#X-Amz-Target=ACMPrivateCA.TagCertificateAuthority' \3 --header 'accept: application/json' \4 --header 'content-type: application/json'1{2 "success": true,3 "data": {4 "id": "abc123",5 "created_at": "2025-01-01T00:00:00Z"6 }7}