AWS Certificate Manager introduces Enterprise Controls to help govern certificate issuance

Enterprise, network and security admins can now use AWS Identity and Access Management (IAM) condition context keys with AWS Certificate Manager (ACM) to help ensure that users are issuing certificates that conform to their organization’s public key infrastructure (PKI) guidelines. For example, you can use condition keys to allow only DNS validation. Or, you can authorize which of your users can request certificates for specific domain names such as and/or wildcard names.

Source:: Amazon AWS