☁️
AWS Solutions Architect Associate SAA-C03 Study Notes/
πŸ”Ά
AWS Certificate Manager (ACM)
πŸ”Ά

AWS Certificate Manager (ACM)

Overview

  • Manages provisioning, deployment, and renewal of TLS/SSL certificates for AWS services.
  • Provides free public certificates for in-flight encryption over HTTPS.

Key Features

  • Public & Private Certificates
    • Public: Free, issued by Amazon’s CA, trusted by browsers.
    • Private: Used with AWS Private CA (paid service) for internal workloads.
  • Automatic Renewal
    • Certificates are renewed before expiration with no manual intervention.
  • AWS Service Integration
    • Works natively with ALB, NLB, CLB, CloudFront, and API Gateway.

Limitations

  • Certificates cannot be exported for manual installation on EC2 or on-prem servers.
  • Not usable for workloads requiring direct control over private key material.

Example Flow

  1. Request public certificate in ACM.
  1. Attach it to an Application Load Balancer.
  1. Clients connect via HTTPS β†’ ALB terminates TLS β†’ forwards HTTP to backend.
Β 
πŸ”·
ACM – Requesting Public Certificates
πŸ”·
ACM – Importing Public Certificates
πŸ”·
ACM – Expiration Notifications and Compliance
πŸ”·
ACM – Integration with Application Load Balancer (ALB)
πŸ”·
ACM – Integration with API Gateway