Posted On: Jun 16, 2020

AWS Certificate Manager (ACM) now supports CloudFormation templates for automating SSL/TLS certificate issuance for DNS-validated certificates with domains managed in Route 53, issuance of private certificates from an ACM Private Certificate Authority, and configuration of certificate transparency (CT) logging.

This enhancement provides three new CloudFormation capabilities for ACM. First, you can now use CloudFormation templates to perform all of the steps to validate your domain with DNS validation and issue your certificate. You no longer need to manually perform any validation steps for DNS-validated certificates for DNS domains managed with Route 53. Second, you can use CloudFormation templates to issue private certificates with ACM. Third, you can disable CT Logging if you do not want your certificates automatically logged in a public CT Log.

AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates for use with AWS services and your internal connected resources. SSL/TLS certificates are used to secure network communications and establish the identity of websites over the Internet as well as resources on private networks.

You can use these new CloudFormation enhancements with ACM in 21 commercial AWS Regions and the AWS GovCloud (US-East) and (US-West) Regions. See the AWS Regions Table for details.

To learn more about ACM, see AWS Certificate Manager and the ACM User Guide. See the CloudFormation documentation to learn more about using CloudFormation for certificate issuance.