Skip to main content

πŸ›‘οΈ AWS Account Alternate Contact Information is not currentπŸ”΄πŸŸ’βšͺ

Similar Policies​

  • Internal: dec-x-a7b7e35e

Similar Internal Rules​

RulePoliciesFlags
βœ‰οΈ dec-x-a7b7e35e1

TODO πŸ”΄β€‹

Open File

TODO​

Description​

Open File

Description​

AWS provides customers with the option of specifying the contact information for account's security team. It is recommended that this information be provided.

Rationale​

Specifying security-specific contact information will help ensure that security advisories sent by AWS reach the team in your organization that is best equipped to respond to them.

Audit​

Perform the following to determine if security contact information is present:

From Console​
  1. Click on your account name at the top right corner of the console.
  2. From the drop-down menu Click My Account.
  3. Scroll down to the Alternate Contacts section.
  4. Ensure contact information is specified in the Security section.
From Command Line​
  1. Run the following command:
aws account get-alternate-contact --alternate-contact-type SECURITY
  1. Ensure proper contact information is specified for the Security contact.

References​

  1. CCE-79200-2

Remediation​

Open File

Remediation​

Perform the following to establish security contact information:

From Console​

  1. Click on your account name at the top right corner of the console.
  2. From the drop-down menu Click My Account.
  3. Scroll down to the Alternate Contacts section.
  4. Enter contact information in the Security section.

From Command Line​

Run the following command with the following input parameters: --email-address, --name, and --phone-number.

aws account put-alternate-contact --alternate-contact-type SECURITY

Note: Consider specifying an internal email distribution list to ensure emails are regularly monitored by more than one individual.

policy.yaml​

Open File

Linked Framework Sections​

SectionSub SectionsInternal RulesPoliciesFlagsCompliance
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [Account.1] Security contact information should be provided for an AWS account11no data
πŸ’Ό CIS AWS v1.2.0 β†’ πŸ’Ό 1.18 Ensure security contact information is registered1no data
πŸ’Ό CIS AWS v1.3.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered1no data
πŸ’Ό CIS AWS v1.4.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered1no data
πŸ’Ό CIS AWS v1.5.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered - Level 1 (Manual)1no data
πŸ’Ό CIS AWS v2.0.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered - Level 1 (Manual)1no data
πŸ’Ό CIS AWS v3.0.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered - Level 1 (Manual)1no data
πŸ’Ό CIS AWS v4.0.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered (Manual)1no data
πŸ’Ό CIS AWS v4.0.1 β†’ πŸ’Ό 1.2 Ensure security contact information is registered (Manual)1no data
πŸ’Ό CIS AWS v5.0.0 β†’ πŸ’Ό 1.2 Ensure security contact information is registered (Manual)1no data
πŸ’Ό CIS AWS v6.0.0 β†’ πŸ’Ό 2.2 Ensure security contact information is registered (Manual)1no data
πŸ’Ό Cloudaware Framework β†’ πŸ’Ό Infrastructure Modernization16no data
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό CM-2 Baseline Configuration (L)(M)(H)3130no data
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό CM-2(2) Automation Support for Accuracy and Currency (M)(H)16no data
πŸ’Ό FedRAMP Low Security Controls β†’ πŸ’Ό CM-2 Baseline Configuration (L)(M)(H)29no data
πŸ’Ό FedRAMP Moderate Security Controls β†’ πŸ’Ό CM-2 Baseline Configuration (L)(M)(H)330no data
πŸ’Ό FedRAMP Moderate Security Controls β†’ πŸ’Ό CM-2(2) Automation Support for Accuracy and Currency (M)(H)16no data
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό CM-2 Baseline Configuration729no data
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό CM-2(2) Baseline Configuration _ Automation Support for Accuracy and Currency16no data