Elastic Load Balancing (ELB) Trust Stores now support cross-account sharing via AWS RAM (Resource Access Manager). This feature allows customers to centrally manage their ELB Trust Stores across multiple accounts, which streamlines trust store management and enables consistent Mutual TLS configurations across Application Load Balancers (ALBs).
With this launch, ELB Trust Store owners can share their trust stores and revocation lists with other AWS accounts, organizational units (OUs), and specific IAM roles and users through AWS RAM. Security admins can now maintain a single trust store, or a smaller number of trust stores, within AWS. Application developers can ensure that their ALBs reliably authenticate certificate-based identities by attaching the trust store(s) managed by their respective security admins while configuring their load balancers. This improves operational efficiency when using Mutual TLS and reduces the potential for human error associated with managing disparate trust stores and revocation lists.
This feature is now available in all commercial AWS Regions and the AWS GovCloud (US) Regions. To learn more, refer to the ELB documentation.
Source: Amazon AWS