- Use AWS Certificate Manager (ACM) to provision, manage, and deploy public and private SSL/TLS certificates for use with AWS services and your internal connected resources.
- ACM removes the time-consuming manual process of purchasing, uploading, and renewing SSL/TLS certificates.
| Certificate Type | Automatic Renewable | Notification |
|---|---|---|
| AWS issued certificate | Yes | AWS Config can be used to monitor, notify through SNS if a certificate is about expire. |
| Third-party certificate | No | Monitor days to expiry as a metric for ACM certificates through Amazon CloudWatch. - An Amazon EventBridge expiry event is published for any certificate that is at least 45 days away from expiry by default. |