No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

So - you can actually do this "manually" without needing `aws.acm` or anything provider-specific - but it means  passing in raw certificate details, which must then be manually managed and rotated.  

See <https://github.com/pulumi/pulumi-cloud/blob/master/api/api.ts#L277-L295>.  Note that you'll want to use Pulumi's `pulumi config --secret` to store these as encrypted secrets in external configuration.

We're really interested in finding ways to do a higher-level abstraction over managed certificate management services - if you have thoughts on this definitely interested in discussing here or in GitHub issues!