ACM now supports automated certificate management for Kubernetes

Published
December 15, 2025
https://aws.amazon.com/about-aws/whats-new/2025/12/acm-automated-certificate-management-kubernetes/

AWS Certificate Manager (ACM) Automated Certificate Management for Kubernetes

AWS Certificate Manager (ACM) now automates certificate provisioning and distribution for Kubernetes workloads through AWS Controllers for Kubernetes (ACK). This integration extends ACM's automation to any Kubernetes workload for both public and private certificates, enabling you to manage certificates using native Kubernetes APIs.

With ACK, you define certificates as Kubernetes resources, and the ACK controller automates the complete certificate lifecycle: requesting certificates from ACM, exporting them after validation, updating Kubernetes Secrets with the certificate and private key, and automatically updating those Secrets at renewal.

What to do

  • Use ACM exportable public certificates for internet-facing workloads or AWS Private CA private certificates for internal services in Amazon EKS or other Kubernetes environments.
  • Terminate TLS in application pods (NGINX, custom applications), secure service mesh communication (Istio, Linkerd), and manage certificates for third-party ingress controllers (NGINX Ingress, Traefik).
  • Distribute certificates to hybrid and edge Kubernetes environments.

This feature is available in all commercial, AWS GovCloud (US), and AWS China regions where ACM is available.

To learn more, visit the GitHub link or read our documentation and our pricing page.




If you need further guidance on AWS, our experts are available at AWS@westloop.io. You may also reach us by submitting the Contact Us form.
