This rule ensures that CloudFront distributions are using custom SSL/TLS certificates for enhanced security.
Rule | CloudFront distributions should use custom SSL/TLS certificates |
Framework | AWS Foundational Security Best Practices |
Severity | ✔ Medium |
Rule Description:
This rule ensures that CloudFront distributions use custom SSL/TLS certificates instead of AWS-managed certificates. By using custom certificates, organizations have more control over their security configuration, including the ability to manage their own private keys.
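One way to check this rule offline, as an added example that is not part of the original page: the script reads a listing shaped like the output of `aws cloudfront list-distributions` and flags distributions whose `ViewerCertificate` block does not point to a custom certificate. It assumes the rule fails when `CloudFrontDefaultCertificate` is set; the distribution IDs, the ARN and the function names are constructed for illustration.

```python
# Constructed sample, shaped like `aws cloudfront list-distributions` output.
SAMPLE = {
    "DistributionList": {
        "Quantity": 3,
        "Items": [
            {"Id": "EXAMPLEDEFAULT1",
             "ViewerCertificate": {"CloudFrontDefaultCertificate": True}},
            {"Id": "EXAMPLEACM2",
             "ViewerCertificate": {
                 "CloudFrontDefaultCertificate": False,
                 "ACMCertificateArn":
                     "arn:aws:acm:us-east-1:111122223333:certificate/example",
                 "SSLSupportMethod": "sni-only"}},
            {"Id": "EXAMPLEIAM3",
             "ViewerCertificate": {"IAMCertificateId": "EXAMPLECERTID",
                                   "SSLSupportMethod": "sni-only"}},
        ],
    }
}

def certificate_source(viewer_cert):
    """Classify where a distribution's viewer certificate comes from."""
    if not viewer_cert:
        return "unknown"  # no certificate block: cannot confirm a custom cert
    if viewer_cert.get("CloudFrontDefaultCertificate"):
        return "cloudfront-default"
    if viewer_cert.get("ACMCertificateArn"):
        return "acm"
    if viewer_cert.get("IAMCertificateId"):
        return "iam"
    return "unknown"

def evaluate(listing):
    """Return one finding per distribution in the listing."""
    # "Items" is absent when the account has no distributions.
    items = (listing.get("DistributionList") or {}).get("Items") or []
    findings = []
    for dist in items:
        source = certificate_source(dist.get("ViewerCertificate"))
        findings.append({"id": dist.get("Id"), "source": source,
                         "compliant": source in ("acm", "iam")})
    return findings

def failing_ids(listing):
    """IDs of distributions that do not use a custom certificate."""
    return [f["id"] for f in evaluate(listing) if not f["compliant"]]

if __name__ == "__main__":
    for finding in evaluate(SAMPLE):
        print(finding)
```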
Troubleshooting Steps:
Necessary Code:
No code is required for this rule. It is a configuration-based rule.
Remediation Steps:
CLI Command Guide:
There is no specific CLI command required for this configuration. It can be done directly through the AWS Management Console.
Note: Ensure that you have the necessary permissions and credentials to make configuration changes to the CloudFront distribution.
Following these steps will ensure that your CloudFront distribution is using a custom SSL/TLS certificate instead of an AWS-managed certificate, aligning with the AWS Foundational Security Best Practices.