Best practice rules for AWS Certificate Manager
Trend Micro Cloud One™ – Conformity monitors AWS Certificate Manager with the following rules:
- ACM Certificate Expired
Ensure expired SSL/TLS certificates are removed from AWS Certificate Manager (ACM).
- AWS ACM Certificates Renewal (30 days before expiration)
Ensure Amazon Certificate Manager (ACM) certificates are renewed before their expiration.
- AWS ACM Certificates Renewal (45 days before expiration)
Ensure Amazon Certificate Manager (ACM) certificates are renewed before their expiration.
- AWS ACM Certificates Renewal (7 days before expiration)
Ensure Amazon Certificate Manager (ACM) certificates are renewed before their expiration.
- AWS ACM Certificates Validity
Ensure expired SSL/TLS certificates are removed from AWS Certificate Manager (ACM).
- AWS ACM Certificates with Wildcard Domain Names
Ensure that wildcard certificates issued by Amazon Certificate Manager (ACM) or imported to ACM are not in use.