AWS acm documentation change
Summary
Added recommendation for ACME automation with cert-manager in Kubernetes
Security assessment
Recommends industry-standard certificate automation for Kubernetes, reducing manual key handling risks. No vulnerability addressed.
Diff
diff --git a/acm/latest/userguide/exportable-certificates-kubernetes.md b/acm/latest/userguide/exportable-certificates-kubernetes.md index b527555b8..8f10f1da4 100644 --- a//acm/latest/userguide/exportable-certificates-kubernetes.md +++ b//acm/latest/userguide/exportable-certificates-kubernetes.md @@ -12,0 +13,4 @@ You can use AWS Certificate Manager exportable public certificates with AWS Cont +###### Tip + +If you use [cert-manager](https://cert-manager.io/) or another industry-standard ACME client in your Kubernetes cluster, you can automate certificate issuance from ACM through the ACME protocol instead. In this approach, the ACME client generates and holds the private key. For more information, see [ACME certificate automation](./acm-acme.html). +