Information
AWS provides customers with the option of specifying the contact information for account's security team. It is recommended that this information be provided.
Rationale:
Specifying security-specific contact information will help ensure that security advisories sent by AWS reach the team in your organization that is best equipped to respond to them.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Perform the following to establish security contact information:
From Console:
Click on your account name at the top right corner of the console.
From the drop-down menu Click My Account
Scroll down to the Alternate Contacts section
Enter contact information in the Security section
From Command Line:
Run the following command with the following input parameters:
--email-address, --name, and --phone-number.
aws account put-alternate-contact --alternate-contact-type SECURITY
Note: Consider specifying an internal email distribution list to ensure emails are regularly monitored by more than one individual.