🔥 3-day streak
AWS Certified DevOps Engineer - Professional1 / 204
Question 1 of 204

A company uses AWS Certificate Manager (ACM) to issue public TLS certificates for several externally imported certificates that ACM cannot auto-renew (they were imported from a third-party CA). The security team was recently caught off guard when one imported certificate expired, causing a production outage. They need an automated, low-maintenance solution that proactively alerts the operations team at least 30 days before ANY imported certificate expires, across all accounts in the organization. Which approach BEST meets this requirement?

Reviewed for accuracy · Report an issueNext question