Cybersecurity and Compliance Controls

test

TEST

Cloud Platform:

AWS

Standard:

Amazon Foundational Security Best Practice (AFSBP)

Config Rule:

acm-certificate-expiration-check-test

Severity:

High

Resource:

ACM

Control Description

This control checks whether ACM certificates in your account are marked for expiration within 30 days. It checks both imported certificates and certificates provided by AWS Certificate Manager.

Remediation Steps

ACM provides managed renewal for your Amazon-issued SSL/TLS certificates. This means that ACM either renews your certificates automatically (if you use DNS validation), or it sends you email notices when the certificate expiration approaches. These services are provided for both public and private ACM certificates.