💼 [PCA.1] AWS Private CA root certificate authority should be disabled

Contextual name: 💼 [PCA.1] AWS Private CA root certificate authority should be disabled
ID: /frameworks/aws-fsbp-v1.0.0/pca/01
Located in: 💼 Private Certificate Authority (CA)

Description

With AWS Private CA, you can create a CA hierarchy that includes a root CA and subordinate CAs. You should minimize the use of the root CA for daily tasks, especially in production environments. The root CA should only be used to issue certificates for intermediate CAs. This allows the root CA to be stored out of harm's way while the intermediate CAs perform the daily task of issuing end-entity certificates.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/pca-controls.html#pca-1
Internal
- ID: dec-c-26e56508

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST SP 800-53 Revision 5 → 💼 CA-9(1) Internal System Connections _ Compliance Checks			15
💼 NIST SP 800-53 Revision 5 → 💼 CM-2 Baseline Configuration	7		13

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections