AWS ACM PCA Certificate

This page shows how to write Terraform for ACM PCA Certificate and write them securely.

aws_acm_certificate (Terraform)

The Certificate in ACM PCA can be configured in Terraform with the resource name aws_acm_certificate. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

resource "aws_acm_certificate" "blog_carterjones_info" {
  provider          = aws.useast1
  domain_name       = ""
  validation_method = "DNS"

resource "aws_acm_certificate" "haxe-org" {
  domain_name               = ""
  subject_alternative_names = ["*"]
  validation_method         = "DNS"
  lifecycle {
    create_before_destroy = true
resource "aws_acm_certificate" "adventar_org" {
  provider    =
  domain_name = ""

  lifecycle {
    create_before_destroy = true
resource "aws_acm_certificate" "skoleapp_com" {
  domain_name       = ""
  validation_method = "DNS"

  subject_alternative_names = ["*"]

resource "aws_acm_certificate" "ridibooks-com" {
  provider    = aws.virginia
  domain_name = "*"
  subject_alternative_names = [


Explanation in Terraform Registry

The ACM certificate resource allows requesting and management of certificates from the Amazon Certificate Manager. It deals with requesting certificates and managing their attributes and life-cycle. This resource does not deal with validation of a certificate but can provide inputs for other resources implementing the validation. It does not wait for a certificate to be issued. Use a aws_acm_certificate_validation resource for this. Most commonly, this resource is used together with aws_route53_record and aws_acm_certificate_validation to request a DNS validated certificate, deploy the required validation records and wait for validation to complete. Domain validation through email is also supported but should be avoided as it requires a manual step outside of Terraform. It's recommended to specify create_before_destroy = true in a [lifecycle][1] block to replace a certificate which is currently in use (eg, by aws_lb_listener).

CloudFormation Example

CloudFormation code does not have the related resource.

Frequently asked questions

What is AWS ACM PCA Certificate?

AWS ACM PCA Certificate is a resource for ACM PCA of Amazon Web Service. Settings can be wrote in Terraform.

Where can I find the example code for the AWS ACM PCA Certificate?

For Terraform, the carterjones/infrastructure, HaxeFoundation/haxe-terraform and adventar/adventar source code examples are useful. See the Terraform Example section for further details.


Scan your IaC problem in 3 minutes for free

You can keep your IaC security for free. No credit card required.