Keep your security contact details up to date

Allow AWS Security teams to contact you if we detect a security issue in your infrastructure

Ensure that the security contacts are up to date and that the mail address is monitored regularly, so that we can reach you to alert you about abuse or potential security incidents that AWS has detected in your infrastructure.

If AWS detects an unintended disclosure of an access key on the web (such as in a public code repository), we will notify you using the security contacts.

The contact should not be assigned to a particular person’s email address but to a distribution list of two or three people, so that if one employee is out of the office (e.g. on vacation), another person still receives the alert.

Consider the “Forgot My Password” process

Ensure that the mail server behind this address is securely configured, as the mail address can be used to reset the root password through the “Forgot my password” process.

Likewise, restrict access to the phone number configured on the account: with access to both the mail address and the phone, MFA can be bypassed through “Sign In Using Alternative Factors of Authentication”. Learn more on this subject here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_lost-or-broken.html

Updating Contacts in AWS Organizations

Security contacts can now be updated through AWS Organizations (see the announcement) rather than by signing in to each account, and alternate contacts on member accounts can also be managed programmatically with AWS Organizations (see “Programmatically manage alternate contacts on member accounts with AWS Organizations”).

How to check

Risk Mitigation

  • AWS reaches you through these contacts if we detect a security issue with your account, such as one of your access keys being exposed in a public code repository.

Guidance for assessments

  • Are security contacts defined for all accounts in your organization?
  • Is the information current and correct (i.e. not pointing to an ex-employee’s contact information)?
  • Are you using a distribution list as the email address, to ensure the alert reaches more than one person?
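One way to answer the three assessment questions above for every account at once, using the programmatic route that the AWS Organizations section mentions. This is an added example, not code from the page or from AWS; it assumes credentials of the management account (or the delegated administrator for Account Management) with organizations:ListAccounts, account:GetAlternateContact and sts:GetCallerIdentity, and the distribution-list prefix heuristic is our own.

```python
"""Inventory the SECURITY alternate contact on every ACTIVE account in an AWS Organization.

Assumed (not from the page): credentials of the management account or the delegated
administrator for Account Management, holding organizations:ListAccounts,
account:GetAlternateContact and sts:GetCallerIdentity; the mailbox-prefix heuristic is our own.
"""

# Local-part prefixes that suggest a distribution list rather than one person's mailbox.
SHARED_PREFIXES = ("security", "secops", "soc", "aws-security", "infosec", "cloud-sec")


def assess_contact(account_id, contact):
    """Return findings for one account. `contact` is the AlternateContact dict
    from GetAlternateContact, or None when no SECURITY contact exists."""
    if contact is None:
        return [f"{account_id}: no SECURITY alternate contact configured"]
    findings = []
    email = (contact.get("EmailAddress") or "").strip().lower()
    if "@" not in email:
        findings.append(f"{account_id}: email address is missing or malformed")
    elif not email.split("@", 1)[0].startswith(SHARED_PREFIXES):
        findings.append(f"{account_id}: '{email}' looks like one person's mailbox, "
                        "not a distribution list")
    if not contact.get("PhoneNumber"):
        findings.append(f"{account_id}: no phone number on the security contact")
    return findings


def audit_organization():
    """Walk every ACTIVE account and collect findings (needs AWS credentials)."""
    import boto3  # imported here so assess_contact() stays usable offline
    org = boto3.client("organizations")
    acct_api = boto3.client("account")
    me = boto3.client("sts").get_caller_identity()["Account"]
    findings = []
    for page in org.get_paginator("list_accounts").paginate():
        for acct in page["Accounts"]:
            if acct["Status"] != "ACTIVE":
                continue
            # The management account must query its own contact without AccountId.
            params = {} if acct["Id"] == me else {"AccountId": acct["Id"]}
            try:
                resp = acct_api.get_alternate_contact(AlternateContactType="SECURITY", **params)
                contact = resp["AlternateContact"]
            except acct_api.exceptions.ResourceNotFoundException:
                contact = None
            findings.extend(assess_contact(acct["Id"], contact))
    return findings


if __name__ == "__main__":
    print("\n".join(audit_organization()) or "No findings")
```

Run it periodically (or from a scheduled job) and treat any finding as an assessment gap; tune SHARED_PREFIXES to the names your organization actually uses for shared security mailboxes.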

Pricing

No cost.