Your company starts to use AWS Certificate Manager to manage all the existing certificates.
If new certificates are required, they need to be either requested from ACM or imported directly to ACM.
ACM becomes the central place to manage the certificates.
In which of the following services can you install the ACM certificates? (Select TWO.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answer - B, D.
Check https://docs.aws.amazon.com/acm/latest/userguide/acm-services.html for the supported services integrated with AWS Certificate Manager.
Option A is incorrect: Because a Lambda function cannot directly install an ACM certificate.
However, you can install one in API Gateway.
Option B is CORRECT: CloudFront integrates with AWS Certificate Manager, and the certificate of ACM can be installed in the CloudFront distribution to serve the SSL/TLS traffic.
Option C is incorrect: Because a record set is used for DNS queries and does not need to install a certificate.
Option D is CORRECT: Because you can configure an HTTPS listener for the load balancer in the Elastic Beanstalk Environment.
The ACM certificate can be installed in the listener.
Option E is incorrect: Because SQS cannot integrate with ACM and install certificates from ACM.
The AWS Certificate Manager (ACM) is a service that simplifies the management of SSL/TLS certificates for AWS resources, and it enables you to deploy, manage, and use SSL/TLS certificates with AWS services and your internal resources. When you use ACM, it becomes the central place for managing certificates for your resources, and you can use the certificates with a variety of AWS services.
To answer the question, we need to identify which services can use ACM certificates. Here are the options:
A. A Lambda function written by Python 3.8. Lambda functions are typically used to process data or respond to events. ACM certificates are not required to run Lambda functions, so this option is incorrect.
B. A CloudFront distribution that needs to serve secure content over SSL/TLS. CloudFront is a content delivery network (CDN) that can be used to distribute content to users around the world. When you configure a CloudFront distribution, you can specify an ACM certificate to be used for secure communication between CloudFront and your viewers. This option is correct.
C. A new record set in Route 53 which uses the Failover routing policy. Route 53 is a DNS service that can be used to route traffic to your resources. ACM certificates are not required to use Route 53, so this option is incorrect.
D. An Elastic Beanstalk Environment's load balancer that needs to terminate HTTPS. Elastic Beanstalk is a service that can be used to deploy and manage applications in the AWS Cloud. When you configure an Elastic Beanstalk environment, you can specify an ACM certificate to be used for secure communication between the load balancer and your application. This option is correct.
E. A FIFO (First-In-First-Out) queue in Simple Queue Service. Simple Queue Service (SQS) is a message queuing service that can be used to decouple and scale microservices, distributed systems, and serverless applications. ACM certificates are not required to use SQS, so this option is incorrect.
Therefore, the correct answers are B and D. You can install ACM certificates in CloudFront distributions and Elastic Beanstalk environment's load balancers.