AWS acm documentation change
Summary
Added tip about ACME protocol alternative for public certificate automation
Security assessment
The change documents an alternative security feature (ACME protocol) for certificate automation that avoids certificate export, improving security posture by reducing credential exposure risk.
Diff
diff --git a/acm/latest/userguide/acm-certificate-automation.md b/acm/latest/userguide/acm-certificate-automation.md index ddb096222..e2d56b494 100644 --- a//acm/latest/userguide/acm-certificate-automation.md +++ b//acm/latest/userguide/acm-certificate-automation.md @@ -12,0 +13,4 @@ The AWS Workload Credentials Provider automates the use of [public](https://docs +###### Tip + +For publicly trusted certificates, you can instead use the ACME protocol to automate issuance and renewal directly on your hosts with industry-standard ACME clients, without exporting certificates from ACM. For more information, see [ACME certificate automation](./acm-acme.html). +