Simply speaking ACM (AWS Certificate Manager) uses KMS (Key Management Service) to protects the private key. What drew my attention into this topic is that a user get denied (no permission to describe kms key) when trying to request a ACM certificate in a region where KMS is explicitly denied. This diagrams explains how ACM … Continue reading How ACM protects the private key?
In case you are not familiar with AWS abbreviation, SES stands for Simple Email Service, ACM is short for AWS Certificate Manager. These two are independent services, each can work without the other. But in some scenarios, you may need to make them work together to solve your problem. For example: The domain does not … Continue reading Use AWS SES to validate ACM certificate request