A collection of AWS security controls for AWS Certificate Manager (ACM) and AWS Private Certificate Authority (ACM-PCA). Controls include templates for provisioning ACM-PCA, AWS Config rules for monitoring compliance, and CloudWatch Alarms. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform.
Configuration for an AWS ACM-PCA (Private Certificate Authority) configured as a Root CA, including activation with a self-signed certificate and permissions for automatically renewing certificates within the account.
Configuration template for the expiry event configuration that determines the number of days prior to expiry when ACM starts generating EventBridge events.
This template sets up a CA hierarchy and its permissions. It creates a root CA using the AWS::ACMPCA::CertificateAuthority resource, issues a CA certificate using the AWS::ACMPCA::Certificate resource, activates the root CA using the AWS::ACMPCA::CertificateAuthorityActivation resource, and sets permissions using the AWS::ACMPCA::Permission resource. It also creates a subordinate CA, issues a CA certificate for the subordinate CA, activates the subordinate CA, and sets permissions for the subordinate CA.
Imports an existing certificate together with its private key into ACM; for demonstration purposes, the certificate used is a self-signed one.
Retrieves information about a specific certificate issued by an AWS Certificate Manager Private Certificate Authority.
This template issues a certificate using AWS Certificate Manager Private Certificate Authority (ACM PCA) with a validity of one year.
Creates a self-signed root certificate authority in AWS ACM PCA, including the necessary resources and configurations.
A CloudWatch Event Rule that detects the approaching expiration of an ACM certificate and forwards the events to an SNS topic for notification.
A CloudWatch Event Rule that detects changes to AWS Organizations and publishes change events to an SNS topic for notification.
Checks whether ACM Certificates in your account are marked for expiration within the specified number of days. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.
Checks whether RSA certificates managed by AWS Certificate Manager (ACM) have a key length of at least 2048 bits. The rule is NON_COMPLIANT if the key length is less than 2048 bits.