---
names:
  full: "AWS ACM Certificate expires in the next 7 days"
  contextual: "Certificate expires in the next 7 days"
description: >
  Renew your SSL/TLS certificates in AWS ACM that are ineligible for automatic renewal at 
  least 7 days before their expiration date to ensure uninterrupted security coverage 
  and prevent service disruptions. Proactive renewal safeguards your applications 
  and maintains user trust. AWS Certificate Manager simplifies the provisioning, 
  management, and deployment of SSL/TLS certificates for various AWS resources, 
  including Elastic Load Balancers, CloudFront distributions, and APIs on Amazon API Gateway
categories:
  - "SECURITY"
  - "RELIABILITY"
type: "COMPLIANCE_POLICY"
frameworkMappings:
  - "/frameworks/cloudaware/secret-and-certificate-governance/expiration-management"
  - "/frameworks/aws-fsbp-v1.0.0/acm/01"
similarPolicies:
  internal:
    - "dec-x-b24d2338"
  cloudConformity:
    - url: https://www.trendmicro.com/cloudoneconformity/knowledge-base/aws/ACM/certificate-expires-in-7-days.html
      name: AWS ACM Certificates Renewal (7 days before expiration)
  awsSecurityHub:
    - name: "[ACM.1] Imported and ACM-issued certificates should be renewed after a specified time period"
      url: "https://docs.aws.amazon.com/securityhub/latest/userguide/acm-controls.html#acm-1"