🚀Launch Week 04, May 13th - 17th, 2024!🚀
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
26Dashboards
1161Controls
568Queries
2Variables
GitHub
Loading controls...

Control: 1.2 Ensure security contact information is registered

Description

AWS provides customers with the option of specifying the contact information for account's security team. It is recommended that this information be provided.

Specifying security-specific contact information will help ensure that security advisories sent by AWS reach the team in your organization that is best equipped to respond to them.

Remediation

Perform the following to establish security contact information:

From Console:

  1. Click on your account name at the top right corner of the console.
  2. From the drop-down menu Click My Account.
  3. Scroll down to the Alternate Contacts section.
  4. Enter contact information in the Security section.

From Command Line:

Run the following command with the following input parameters: --email-address, --name, and --phone-number.

aws account put-alternate-contact --alternate-contact-type SECURITY

Note: Consider specifying an internal email distribution list to ensure emails are regularly monitored by more than one individual.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.cis_v300_1_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.cis_v300_1_2 --share

SQL

This control uses a named query:

account_alternate_contact_security_registered

Tags

category = Compliance
cis = true
cis_item_id = 1.2
cis_level = 1
cis_section_id = 1
cis_type = manual
cis_version = v3.0.0
plugin = aws
service = AWS/IAM