CRUCIBLE
Log in
← Back to Services

ACM

LOW Domain 1: Design Secure Architectures

AWS Certificate Manager (ACM) is a managed service that provisions, manages, and renews public and private TLS certificates. It is designed to secure AWS services by enabling HTTPS at no extra cost, including automatic certificate rotation. (source_page: 9, source_quote: "AWS Certificate Manager (ACM): Purpose: Create, manage, and deploy public and private TLS certificates. ... Cost: Free to use. Features: Managed automatic rotation for certificates issued via DNS validation.")

Learning Objectives

  • Understand the purpose and core functionality of AWS Certificate Manager (ACM) for TLS/HTTPS.
  • Identify supported AWS services that integrate with ACM for certificate deployment.
  • Recognize the limitations and key features of ACM, including its cost and automatic certificate rotation.

Core Concepts and Functionality

AWS Certificate Manager (ACM) simplifies the use of SSL/TLS certificates to secure network communications.

ACM's purpose is to create, manage, and deploy public and private TLS certificates. It also handles the automatic rotation of these certificates.
ACM is free to use.
ACM manages SSL/TLS certificates. It does not manage application data encryption keys.

Integrations with AWS Services

ACM is designed for seamless integration with various AWS services to enable secure HTTPS communication.

ACM is perfect for TLS certificates deployed to supported AWS services. Commonly supported services include Elastic Load Balancers (ELB), CloudFront distributions, and Amazon API Gateway. For ELBs specifically, it is used for X.509 certificates for TLS/HTTPS.
AWS Certificate Manager (ACM) is used for X.509 certificates on ELBs for TLS/HTTPS.

Limitations

While ACM offers significant benefits for certificate management, it has specific limitations regarding service integration.

ACM does not directly associate certificates with EC2 instances.

Exam Focus

  • Use ACM for securing Application Load Balancers or CloudFront distributions with HTTPS or managing TLS certificates with auto-rotation. (source_page: 9)

Glossary

AWS Certificate Manager (ACM)
A service that provisions, manages, and renews public and private TLS certificates.
TLS Certificates
SSL/TLS certificates used to secure communications, managed by ACM.
X.509 Certificates
A specific type of digital certificate used with Elastic Load Balancers (ELBs) for TLS/HTTPS.

Key Takeaways

  • AWS Certificate Manager (ACM) is a free, fully managed service for provisioning, managing, and automatically renewing SSL/TLS certificates. (source_page: 9)
  • ACM integrates with services like Elastic Load Balancers, CloudFront, and API Gateway for deploying certificates. (source_page: 9)
  • A key limitation is that ACM does not directly associate certificates with EC2 instances. (source_page: 9)

Content Sources

AWS Identity and Access Management (IAM) Introduction to AWS Systems Manager f... AWS Systems Manager for Hybrid Enviro... AWS IAM Core Concepts: A Structured Summary IAM Users, Groups, Policies, and Credentials Extracted: 2026-01-26 12:49:02.508419 Model: gemini-2.5-flash