By Implementation

Service Control PoliciesConfig RulesAuto Remediation RulesConformance PacksAmazon GuardDutyAmazon InspectorAWS Security HubAWS Network FirewallRoute53 Resolver SecurityAmazon MacieS3 Bucket PoliciesCloudWatch Alarms and Event RulesAWS WAFAWS Secrets ManagerAWS Systems ManagerSecurity Groups & NACLsAWS KMSIAM PoliciesAmazon ECRRDS Event Subscriptions

By Service Protected

Configuration Packages

Strategy Guides

Other

AWS Certificate Manager (ACM) Security

A collection of AWS Security controls for AWS (Certificate Authority) ACM and AWS (Certificate Authority-Private Certificate Authority) ACM-PCA. Controls include templates for provisioning ACM-PCA, AWS Config rules for monitoring compliance, and CloudWatch Alarms. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform

ACM

Configuration for an AWS ACM-PCA (Private Certificate Authority) configured as a Root CA, including activation with a self-signed certificate and permissions for automatically renewing certificates within the account.

CloudFormationTerraformAWS CLI

Configuration template for the expiry event configuration that determines the number of days prior to expiry when ACM starts generating EventBridge events.

CloudFormationAWS CLI
CloudWatch Events

A CloudWatch Event Rule that sends a notification to provide notice of approaching expiration of an ACM certificate. and forwards the events to an SNS topic.

CloudFormationTerraformAWS CLI
Config Rule

Checks whether ACM Certificates in your account are marked for expiration within the specified number of days. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.

CloudFormationTerraformAWS CLI
Filter by source
 
ACM
CloudWatch Events
Config Rule