AWS ACM

AWS Certificate Manager (ACM) provisions, manages, and deploys public and private SSL/TLS certificates for use with AWS services. Certificates renew automatically.

What is ACM? (Simple Explanation)

Think of ACM like an auto-renewing passport for your website. It provides the SSL certificate that makes your site show the padlock icon, and renews it before it expires.

When Would You Use This?

  • TLS/SSL for web applications
  • API endpoint encryption
  • Enterprise PKI with private certificates
  • Compliance-mandated encryption in transit

Who Uses ACM?

From startups to enterprises, ACM powers:

  • Startups
  • Mid-size Companies
  • Large Enterprises
  • Government
  • Nonprofits

What Makes ACM Powerful

  • Free public certificates for ALB, CloudFront, API Gateway
  • Automatic renewal and deployment
  • Private CA for enterprise internal PKI
  • Wildcard and multi-domain certificates
  • Imported certificates for existing PKI investments

Services That Work with ACM

ACM is rarely used alone. It's typically combined with:

Compliance & Security

How AWS ACM fits into major compliance standards:

CIS AWS Foundations

ACM configuration is audited by CIS Benchmarks 1.5–3.0 for secure cloud defaults.

NIST 800-53

ACM access controls, encryption, and audit logging map to NIST 800-53 AC, SC, and AU control families.

PCI DSS 4.0

ACM encryption, access control, and logging support PCI DSS for cardholder data environments.

SOC 2

ACM security, availability, and confidentiality controls are evaluated under SOC 2 Trust Services Criteria.

ISO 27001

ACM configuration and monitoring controls map to ISO 27001 Annex A information security management.
