Verify alert email associated with expiring TLS certificates in ACM

1

We have had some outages due to expired TLS certificates. My understanding is that AWS auto-renews these certificates, and if there is a problem with the auto-renewal then an email alert is sent. My question: is there a way to check which email is receiving these alerts? In our case, the application teams have apparently not received these alerts, and we would like to ensure the appropriate personnel receive alerts for expiring certificates so that they can be renewed before an outage occurs. Any information on other ways to be alerted would be greatly appreciated.

joeyp
asked 1 year ago, 281 views
1 Answer
1
Accepted Answer

It would be better to set up alerts in the manner described in this document.
This setting allows for alert notifications a set number of days before the expiration date.
https://repost.aws/knowledge-center/acm-certificate-expiration

Alternatively, since ACM publishes metrics to CloudWatch, it is possible to create an alarm with "DaysToExpiry" to be aware of expiry dates.
https://docs.aws.amazon.com/acm/latest/userguide/cloudwatch-metrics.html

EXPERT
answered 1 year ago
EXPERT
reviewed 1 year ago
  • Thank you for the answer! Does this solution work for AWS issued certificates or only imported certificates?

  • Both of the ones above are also supported. The "DaysToExpiry" metric supports both imported and AWS-issued certificates.
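
One way to script the CloudWatch alarm approach from the accepted answer, as an added example (not part of the original thread and not AWS's own code): a boto3 script that puts a `DaysToExpiry` alarm on every certificate ACM lists in the region and routes it to an SNS topic whose subscribers you control, so the recipient list is explicit. The 30-day threshold, the alarm naming scheme and the SNS topic ARN passed on the command line are assumptions.

```python
"""Create one CloudWatch alarm per ACM certificate on the DaysToExpiry metric."""

# list_certificates returns only RSA_1024/RSA_2048 certificates unless the
# key types are listed explicitly, so name them all to avoid missing ECDSA certs.
ALL_KEY_TYPES = ["RSA_1024", "RSA_2048", "RSA_3072", "RSA_4096",
                 "EC_prime256v1", "EC_secp384r1", "EC_secp521r1"]


def alarm_params(cert_arn, topic_arn, threshold_days=30):
    """Build the put_metric_alarm arguments for one certificate."""
    cert_id = cert_arn.rsplit("/", 1)[-1]
    return {
        "AlarmName": f"acm-days-to-expiry-{cert_id}",  # assumed naming scheme
        "AlarmDescription": f"{cert_arn} expires within {threshold_days} days",
        "Namespace": "AWS/CertificateManager",
        "MetricName": "DaysToExpiry",
        "Dimensions": [{"Name": "CertificateArn", "Value": cert_arn}],
        "Statistic": "Minimum",
        "Period": 86400,              # evaluate one day of datapoints
        "EvaluationPeriods": 1,
        "Threshold": float(threshold_days),
        "ComparisonOperator": "LessThanOrEqualToThreshold",
        "AlarmActions": [topic_arn],  # SNS topic; its subscribers get the alert
    }


def ensure_alarms(acm, cloudwatch, topic_arn, threshold_days=30):
    """Create or update an alarm for every certificate in the client's region."""
    names = []
    pages = acm.get_paginator("list_certificates").paginate(
        Includes={"keyTypes": ALL_KEY_TYPES})
    for page in pages:
        for summary in page["CertificateSummaryList"]:
            params = alarm_params(summary["CertificateArn"], topic_arn,
                                  threshold_days)
            cloudwatch.put_metric_alarm(**params)  # same name = update in place
            names.append(params["AlarmName"])
    return names


if __name__ == "__main__":
    import sys
    import boto3  # imported here so the functions above work without AWS access

    topic = sys.argv[1]  # ARN of an existing SNS topic (assumption)
    for name in ensure_alarms(boto3.client("acm"), boto3.client("cloudwatch"), topic):
        print("alarm in place:", name)
```

ACM certificates and their metrics are regional, so run the script once per region in use, with an SNS topic in that same region.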
