Risk Level: Low
Cloud Entity: AWS Certificate Manager
CloudGuard Rule ID: D9.AWS.CRY.55
Category: Security, Identity, & Compliance
AcmCertificate should not have status like 'PENDING_VALIDATION'
To manually check your certificate:
- Open the AWS Certificate Manager console at https://console.aws.amazon.com/acm/home.
- Expand a certificate to view its details.
- Find the Renewal Status in the Details section. If you don't see the status, ACM hasn't started the managed renewal process for this certificate.
Managed renewal process for this certificate:
ACM provides managed renewal for your Amazon-issued SSL/TLS certificates. This means that ACM will either renew your certificates automatically (if you are using DNS validation), or it will send you email notices when expiration is approaching. These services are provided for both public and private ACM certificates.
From Command Line
aws acm describe-certificate --certificate-arn arn:aws:acm:region:123456789012:certificate/97b4deb6-8983-4e39-918e-ef1378924e1e
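The Python below is an added example, not CloudGuard's or AWS's own code. It evaluates the JSON returned by the describe-certificate command above against this rule and against the Renewal Status check from the manual steps. The sample response is constructed, and the function name `evaluate` is an assumption of this example.

```python
import json
import sys

# Constructed sample of `aws acm describe-certificate` output (not real data).
SAMPLE = json.loads("""
{"Certificate": {
  "CertificateArn": "arn:aws:acm:region:123456789012:certificate/EXAMPLE-ID",
  "DomainName": "example.com",
  "Status": "PENDING_VALIDATION",
  "Type": "AMAZON_ISSUED",
  "DomainValidationOptions": [
    {"DomainName": "example.com", "ValidationMethod": "DNS",
     "ValidationStatus": "PENDING_VALIDATION"},
    {"DomainName": "www.example.com", "ValidationMethod": "DNS",
     "ValidationStatus": "SUCCESS"}
  ]
}}
""")

def evaluate(response):
    """Return (compliant, notes) for one describe-certificate response."""
    cert = response["Certificate"]
    notes = []
    # The rule: the certificate must not be in PENDING_VALIDATION.
    compliant = cert.get("Status") != "PENDING_VALIDATION"
    if not compliant:
        notes.append(f"{cert.get('DomainName')}: Status is PENDING_VALIDATION")
        # Name each domain still waiting, so the owner knows what to complete.
        for opt in cert.get("DomainValidationOptions", []):
            if opt.get("ValidationStatus") != "SUCCESS":
                notes.append(f"  {opt.get('DomainName')}: "
                             f"{opt.get('ValidationMethod', 'unknown')} "
                             f"validation {opt.get('ValidationStatus')}")
    # RenewalSummary is absent until ACM starts managed renewal.
    renewal = cert.get("RenewalSummary")
    if renewal is None:
        notes.append("no RenewalSummary: managed renewal not started")
    elif renewal.get("RenewalStatus") != "SUCCESS":
        notes.append(f"RenewalStatus is {renewal.get('RenewalStatus')}")
    return compliant, notes

if __name__ == "__main__":
    # Pass a file holding saved CLI output, or run with no argument for the sample.
    data = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE
    ok, notes = evaluate(data)
    print("PASS" if ok else "FAIL")
    print("\n".join(notes))
```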
AWS Certificate Manager is a service that lets you easily provision, manage, and deploy Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates.
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS HITRUST
- AWS HITRUST v11.0.0
- AWS ITSG-33
- AWS MITRE ATT&CK Framework v10
- AWS MITRE ATT&CK Framework v11.3
- AWS NIST 800-53 Rev 5