AWS - Certificate Manager (ACM) & Private Certificate Authority (PCA)
Basic Information
AWS Certificate Manager (ACM) is provided as a service aimed at streamlining the provisioning, management, and deployment of SSL/TLS certificates for AWS services and internal resources. The necessity for manual processes, such as purchasing, uploading, and certificate renewals, is eliminated by ACM. This allows users to efficiently request and implement certificates on various AWS resources including Elastic Load Balancers, Amazon CloudFront distributions, and APIs on API Gateway.
A key feature of ACM is the automatic renewal of certificates, significantly reducing the management overhead. Furthermore, ACM supports the creation and centralized management of private certificates for internal use. Although SSL/TLS certificates for integrated AWS services like Elastic Load Balancing, Amazon CloudFront, and Amazon API Gateway are provided at no extra cost through ACM, users are responsible for the costs associated with the AWS resources utilized by their applications and a monthly fee for each private Certificate Authority (CA) and private certificates used outside integrated ACM services.
AWS Private Certificate Authority is offered as a managed private CA service, enhancing ACM's capabilities by extending certificate management to include private certificates. These private certificates are instrumental in authenticating resources within an organization.
Enumeration
ACM
PCM
Privesc
TODO
Post Exploitation
TODO
Last updated