You can use certificates from AWS Certificate Manager (ACM) directly with EC2. Sound shocking, right!!!!
It’s very well known that ACM certificates integrate with: Elastic Load Balancing, Amazon CloudFront, Amazon Cognito, AWS Elastic Beanstalk, AWS App Runner or Amazon API Gateway.
-
None of those options supports EC2 Instances directly, the only way is to provide a certificate from 3rd party vendor. Only if you used AWS Nitro Enclaves.
- Let’s get first started with understanding what is AWS Nitro Enclaves: Nitro Enclaves is separated VM, very hardened, extremely with no persistent storage, no interactive access, and no external networking. It uses the Nitro Hypervisor to further isolate the CPU and memory of the enclave from users, applications, and libraries on the parent EC2 instance. Nitro Enclaves are used with applications that process highly sensitive data, personal identifiable information,….
Since AWS Nitro Enclaves enables the creation of an isolated compute environments SSL/TLS private keys can be securely stored, this allows the seamless integration between ACM and Nitro Enclaves without risk of keys exposure since no user/application can view or export those keys.
ACM for Nitro Enclaves supports NGINX servers and Apache HTTP servers.
No cost is associated with using ACM for Nitro Enclaves.
To learn more:
https://lnkd.in/gybjgRTt
https://lnkd.in/g9hmjXbW.
Top comments (0)