Pipeline: 1.2 Ensure security contact information is registered
Description
AWS provides customers with the option of specifying the contact information for account's security team. It is recommended that this information be provided.
Specifying security-specific contact information will help ensure that security advisories sent by AWS reach the team in your organization that is best equipped to respond to them.
Remediation
Perform the following to establish security contact information:
From Console:
- Click on your account name at the top right corner of the console.
- From the drop-down menu Click
My Account. - Scroll down to the
Alternate Contactssection. - Enter contact information in the
Securitysection.
From Command Line:
Run the following command with the following input parameters: --email-address, --name, and --phone-number.
aws account put-alternate-contact --alternate-contact-type SECURITYNote: Consider specifying an internal email distribution list to ensure emails are regularly monitored by more than one individual.
Run the pipeline
To run this pipeline from your terminal:
flowpipe pipeline run aws_cis.pipeline.cis_v300_1_2Use this pipeline
To call this pipeline from your pipeline, use a step:
step "pipeline" "step_name" { pipeline = aws_cis.pipeline.cis_v300_1_2 }Params
| Name | Type | Required | Description | Default |
|---|---|---|---|---|
| database | connection.steampipe | Yes | Database connection string. | connection.steampipe.default |
| notifier | notifier | Yes | The name of the notifier to use for sending notification messages. | notifier.default |
| notification_level | string | Yes | The verbosity level of notification messages to send. Valid options are 'verbose', 'info', 'error'. | info |
| approvers | list(notifier) | Yes | List of notifiers to be used for obtaining action/approval decisions. | notifier.default |
Outputs
This pipeline has no outputs.