v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: ACM certificates should not use wildcard certificates

Description

Ensure that ACM single domain name certificates are used instead of wildcard certificates within your AWS account in order to follow security best practices and protect each domain/subdomain with its own unique private key.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.acm_certificate_no_wildcard_domain_name

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.acm_certificate_no_wildcard_domain_name --share

SQL

This control uses a named query:

acm_certificate_no_wildcard_domain_name

Tags

category = Compliance
plugin = aws
service = AWS/ACM