Service: AWS Certificate Manager
Short Name:
acm
ARN Format:
arn:aws:acm:${Region}:${Account}:${ArnType}/${ResourceId}ARN Regex:
^arn:aws:acm:.+:[0-9]+:.+CloudFrontFullAccess
…
AWSConfigRoleAction | Access | Reference | Description |
|---|---|---|---|
| acm:ListCertificates | Docs | Grants permission to retrieve a list of the certificate ARNs and the domain name for each ARN | |
| acm:DescribeCertificate | Docs | Grants permission to retreive a certificates and its metadata | |
| acm:ExportCertificate | Docs | Grants permission to export a private certificate issued by a private certificate authority (CA) for use anywhere | |
| acm:GetAccountConfiguration | Docs | Grants permission to retrieve account level configuration from AWS Certificate Manager | |
| acm:GetCertificate | Docs | Grants permission to retrieve a certificate and certificate chain for a certificate ARN | |
| acm:ListTagsForCertificate | Docs | Grants permission to lists the tags that have been associated with a certificate | |
| acm:AddTagsToCertificate | Docs | Grants permission to add one or more tags to a certificate | |
| acm:RemoveTagsFromCertificate | Docs | Grants permission to remove one or more tags from a certificate | |
| acm:DeleteCertificate | Docs | Grants permission to delete a certificate and its associated private key | |
| acm:ImportCertificate | Docs | Grants permission to import a 3rd party certificate into AWS Certificate Manager (ACM) | |
| acm:PutAccountConfiguration | Docs | Grants permission to update account level configuration in AWS Certificate Manager | |
| acm:RenewCertificate | Docs | Grants permission to renew an eligible private certificate | |
| acm:RequestCertificate | Docs | Grants permission to requests a public or private certificate | |
| acm:ResendValidationEmail | Docs | Grants permission to resend an email to request domain ownership validation | |
| acm:UpdateCertificateOptions | Docs | Grants permission to update a certificate configuration. Use this to specify whether to opt in to or out of certificate transparency logging |
acm:CertificateAuthorityacm:CertificateTransparencyLoggingacm:DomainNamesacm:KeyAlgorithmacm:ValidationMethodaws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeys