ACM resource validation with Arpio


ACM certificates contain secret material. Due to this sensitive nature, Arpio does not replicate certificates for you to the recovery environment. Instead, you must manually provision them. Arpio does validate that an appropriately provisioned certificate exists and it configures other resources to reference them.

An appropriately provisioned certificate meets the following criteria:

  • The certificate status is "ISSUED"
  • The certificate domain name matches the certificate in your primary environment

If multiple certificates are found to meet this criteria, the certificate with the most subject alternative names matching the primary environment's certificate is used.