Configuration for an AWS ACM-PCA (Private Certificate Authority) configured as a Root CA, including activation with a self-signed certificate and permissions for automatically renewing certificates within the account.
A collection of AWS Security controls for AWS (Certificate Authority) ACM and AWS (Certificate Authority-Private Certificate Authority) ACM-PCA. Controls include templates for provisioning ACM-PCA, AWS Config rules for monitoring compliance, and CloudWatch Alarms. Configuration templates are available in AWS CloudFormation, AWS CLI and Terraform
Configuration template for the expiry event configuration that determines the number of days prior to expiry when ACM starts generating EventBridge events.
A CloudWatch Event Rule that sends a notification to provide notice of approaching expiration of an ACM certificate. and forwards the events to an SNS topic.