IAM server certificate should be renewed 30 days before expiration

Description

Ensure that your IAM service SSL/TLS certificates are renewed 30 days prior to their validity period ending.

Rationale

If a certificate becomes invalid, the communication between the client and AWS resource that implements certificates is no longer secure.

Remediation

From the console

Follow the Managed renewal for ACM certificates AWS documentation to set up renewal by validation type (DNS, email, or private PKI).

From the command line

Follow the Managed renewal for ACM certificates AWS documentation to set up renewal by validation type (DNS, email, or private PKI).