IAM server certificate should be renewed 30 days before expiration

Docs > Datadog Security > OOTB Rules > IAM server certificate should be renewed 30 days before expiration

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Description

Ensure that your IAM service SSL/TLS certificates are renewed 30 days prior to their validity period ending.

Rationale

If a certificate becomes invalid, the communication between the client and AWS resource that implements certificates is no longer secure.

Remediation

From the console

Follow the Managed renewal for ACM certificates AWS documentation to set up renewal by validation type (DNS, email, or private PKI).

From the command line

Follow the Managed renewal for ACM certificates AWS documentation to set up renewal by validation type (DNS, email, or private PKI).