Azure and GCP Perimeter Security, CIS Updates, and Enhanced Plugins →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-aws-compliance
Overview
36Dashboards
1598Benchmarks
674Queries
9Variables
GitHub

Control: 2.1 Maintain current contact details

Description

Ensure contact email and telephone details for AWS accounts are current and map to more than one individual in your organization.

An AWS account supports a number of contact details, and AWS will use these to contact the account owner if activity judged to be in breach of the Acceptable Use Policy or indicative of a likely security compromise is observed by the AWS Abuse team. Contact details should not be for a single individual, as circumstances may arise where that individual is unavailable. Email contact details should point to a mail alias which forwards email to multiple individuals within the organization; where feasible, phone contact details should point to a PABX hunt group or other call-forwarding system.

Remediation

This activity can only be performed via the AWS Console, with a user who has permission to read and write Billing information (aws-portal:*Billing).

From Console:

  1. Sign in to the AWS Management Console and open the Billing and Cost Management console at https://console.aws.amazon.com/billing/home#/.
  2. On the navigation bar, choose your account name, and then choose Account.
  3. On the Account Settings page, next to Account Settings, choose Edit.
  4. Next to the field that you need to update, choose Edit.
  5. After you have entered your changes, choose Save changes.
  6. After you have made your changes, choose Done.
  7. To edit your contact information, under Contact Information, choose Edit.
  8. For the fields that you want to change, type your updated information, and then choose Update.

From Command Line:

  1. Run the following command:
aws account put-contact-information --contact-information '{
  "AddressLine1": "<AddressLine 1>",
  "AddressLine2": "<AddressLine 2>",
  "City": "<City>",
  "CompanyName": "<Company Name>",
  "CountryCode": "<Country Code>",
  "FullName": "<Full Name>",
  "PhoneNumber": "<Phone Number>",
  "PostalCode": "<Postal Code>",
  "StateOrRegion": "<State or Region>"
}'

Default Value:

By default, AWS account contact information (email and telephone) is set to the values provided at account creation. These usually reference a single individual rather than a shared alias or group contact.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.cis_v600_2_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.cis_v600_2_1 --share

SQL

This control uses a named query:

select
  'arn:' || partition || ':::' || account_id as resource,
  'info' as status,
  'Manual verification required.' as reason
  , account_id
from
  aws_account;

Tags

category = Compliance
cis = true
cis_item_id = 2.1
cis_level = 1
cis_section_id = 2
cis_type = manual
cis_version = v6.0.0
plugin = aws
service = AWS/IAM