TLS in AWS

Free and Fast. These are the key selling features of AWS ACM.
Historically, provisioning an SSL/TLS certificate for your web application has been expensive, painful and slow. AWS ACM changes this by letting you quickly provision (via scripts or mouse clicks) an SSL certificate for your domain at no cost. Once you have manually verified the certificate request (the domain owner will be emailed), the certificate will be ready to be used.
Yes, you can import your own pre-purchased certificates; however, this process is so painless I personally wouldn’t bother unless you have compelling reasons to do so.
All is not perfect, of course, so here are some caveats:
  • Once the certificate is verified, it may still take hours to be usable, even if it is visible in some of the certificate drop-down lists in the console. This caused me some frustrations when I was getting started.
  • The SSL certificates are available for use with AWS managed services such as AWS ELB, API Gateway and CloudFront. You cannot install these certificates on your own server, even if it is an EC2 instance.
So if you are looking at spinning up some applications using API Gateway or CloudFront and you want to use your custom domain, go get your free SSL certificate with ACM!
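The scripted route mentioned above, as an added Python example that is not from the original post: it requests an e-mail-validated certificate and polls the status ACM reports, rather than relying on the certificate showing up in a console drop-down. `request_certificate` and `describe_certificate` are the boto3 ACM client calls; the helper function names, the `FakeAcm` stand-in and the ARN are constructed here so the block runs offline.

```python
import time

# Statuses from which a pending request will never become ISSUED.
TERMINAL_FAILURES = {"FAILED", "VALIDATION_TIMED_OUT", "REVOKED", "EXPIRED", "INACTIVE"}


def request_email_validated_cert(acm, domain):
    """Ask ACM for a certificate; the domain owner receives the approval e-mail."""
    resp = acm.request_certificate(DomainName=domain, ValidationMethod="EMAIL")
    return resp["CertificateArn"]


def wait_until_issued(acm, arn, attempts=60, delay=30, sleep=time.sleep):
    """Poll the certificate status; return True once ACM reports ISSUED.

    Raises on a terminal failure; returns False if the request is still
    pending when the attempts run out.
    """
    for _ in range(attempts):
        status = acm.describe_certificate(CertificateArn=arn)["Certificate"]["Status"]
        if status == "ISSUED":
            return True
        if status in TERMINAL_FAILURES:
            raise RuntimeError(f"certificate {arn} ended in status {status}")
        sleep(delay)  # PENDING_VALIDATION: approval e-mail not acted on yet
    return False


class FakeAcm:
    """Constructed offline stand-in for boto3.client("acm")."""

    def __init__(self, statuses):
        self._statuses = list(statuses)
        self.requests = []

    def request_certificate(self, **kwargs):
        self.requests.append(kwargs)
        return {"CertificateArn": "arn:aws:acm:example:cert/constructed"}

    def describe_certificate(self, CertificateArn):
        # Replay the scripted statuses, then keep repeating the last one.
        status = self._statuses.pop(0) if len(self._statuses) > 1 else self._statuses[0]
        return {"Certificate": {"Status": status}}


if __name__ == "__main__":
    acm = FakeAcm(["PENDING_VALIDATION", "PENDING_VALIDATION", "ISSUED"])
    arn = request_email_validated_cert(acm, "www.example.com")
    print(arn, wait_until_issued(acm, arn, sleep=lambda s: None))
```

Against a real account, pass `boto3.client("acm")` in place of `FakeAcm`; the two helper functions are unchanged.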
What ACM is not
ACM is not to be confused with KMS, which can be used to manage encryption keys.

 
