AWS Certificate Manager (ACM)
Definition
AWS Certificate Manager (ACM) is the managed TLS certificate service for AWS accounts. ACM issues public certificates (free, via Amazon's CA) and imports private/third-party certificates, and integrates natively with ALB, NLB, CloudFront, API Gateway, and several other AWS services — meaning certificate renewal and rotation are handled without ops involvement on the attached services.
Seen in
- ACM-issued cert (subject: CN=engineering.zalando.com; issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon) terminates TLS at the ALB fronting Skipper for Zalando's engineering blog. Cert binding to the ALB is done automatically by the Kubernetes Ingress Controller for AWS.
- sources/2026-04-27-aws-deloitte-optimizes-eks-environment-provisioning-with-vcluster: One ACM cert terminates HTTPS for applications running across 50+ vCluster virtual Kubernetes clusters via a shared ALB. Deloitte provisions the cert with DNS validation (aws acm request-certificate --validation-method DNS), creates the validation CNAME in Route 53, and attaches the cert ARN to the shared ALB. One cert rotation cadence instead of 50, a load-bearing operational simplification of the patterns/shared-alb-path-based-multi-cluster-routing pattern. Trade-off: one cert-rotation bug affects every vCluster's public HTTPS simultaneously.
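
The three steps in the second entry (request with DNS validation, create the validation CNAME, attach the ARN to the ALB listener), as an added example that is not code from the cited source or from Deloitte. The domain, hosted zone ID and listener ARN are placeholder assumptions, and using modify-listener for the attach step is an assumption about how the cert is bound.

```shell
#!/bin/sh
# Added example. All three values are placeholders (assumptions), not from the page.
DOMAIN="apps.example.com"
ZONE_ID="ZPLACEHOLDER"
LISTENER_ARN="arn:aws:elasticloadbalancing:REGION:ACCOUNT:listener/app/PLACEHOLDER"

# Route 53 change batch for the validation CNAME that ACM hands back.
# UPSERT keeps the step idempotent. The record has to stay in place afterwards:
# ACM's managed renewal re-checks it, so deleting it breaks renewal for
# every workload behind the shared ALB at once.
change_batch() {  # $1 = record name, $2 = record value
  printf '{"Changes":[{"Action":"UPSERT","ResourceRecordSet":{"Name":"%s","Type":"CNAME","TTL":300,"ResourceRecords":[{"Value":"%s"}]}}]}' "$1" "$2"
}

# Read one field (Name or Value) of the validation record for $arn.
validation_field() {
  aws acm describe-certificate --certificate-arn "$arn" --output text \
    --query "Certificate.DomainValidationOptions[0].ResourceRecord.$1"
}

provision() (
  set -e
  arn=$(aws acm request-certificate --domain-name "$DOMAIN" \
        --validation-method DNS --query CertificateArn --output text)
  # The validation record can take a few seconds to appear after the request.
  for _ in 1 2 3 4 5 6; do
    name=$(validation_field Name)
    [ "$name" != "None" ] && break
    sleep 5
  done
  [ "$name" != "None" ] || { echo "no validation record yet" >&2; exit 1; }
  value=$(validation_field Value)
  aws route53 change-resource-record-sets --hosted-zone-id "$ZONE_ID" \
    --change-batch "$(change_batch "$name" "$value")"
  aws acm wait certificate-validated --certificate-arn "$arn"
  # Sets the listener's default certificate to the newly issued one.
  aws elbv2 modify-listener --listener-arn "$LISTENER_ARN" \
    --certificates CertificateArn="$arn"
  # Record renewal state and what the cert is bound to (the blast radius).
  aws acm describe-certificate --certificate-arn "$arn" \
    --query 'Certificate.{Type:Type,Renewal:RenewalEligibility,InUseBy:InUseBy}'
)

# Runs only when invoked as: ./script.sh provision
if [ "${1:-}" = "provision" ]; then provision; fi
```

The final describe-certificate call is worth keeping in a periodic check: a Renewal value other than ELIGIBLE on the shared certificate is the early signal of the single-point-of-failure trade-off noted above.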