Ensure AWS account contact details are up-to-date

Error: AWS account contact details are not up-to-date

Bridgecrew Policy ID: BC_AWS_IAM_18
Severity: LOW

AWS account contact details are not up-to-date

Description

Ensure contact email and telephone details for AWS accounts are current and map to more than one individual in your organization. An AWS account supports a number of contact details, and AWS will use these to contact the account owner if activity judged to be in breach of the Acceptable Use Policy or a likely security compromise is observed by the AWS Abuse team. Contact details should not be for a single individual, as circumstances may arise where that individual is unavailable. Email contact details should point to a mail alias which forwards email to multiple individuals within your organization.

If an AWS account is observed to be behaving in a prohibited or suspicious manner, AWS will attempt to contact the account owner by email and phone using the contact details listed. If this is unsuccessful and the account behavior needs urgent mitigation, proactive measures may be taken, including throttling of traffic between the account exhibiting suspicious behavior and the AWS API endpoints and the Internet. This will result in impaired service to and from the account in question.

To establish prompt contact, we recommend you set AWS account contact details to point to resources with multiple individuals as recipients, such as email aliases and PABX hunt groups, or other call-forwarding systems.

Fix - Runtime

AWS Console

This activity can only be performed using the AWS Console, and by a user with permission to read and write Billing information (aws-portal:*Billing).

Procedure:

  1. Log in to the AWS Management Console at https://console.aws.amazon.com/.
  2. Open the Amazon Billing and Cost Management console.
  3. On the navigation bar select your account name, then click My Account.
  4. Navigate to the Account Settings page, next to Account Settings, click Edit.
  5. Next to the field that you need to update, click Edit.
  6. Enter your changes, then click Save changes.
  7. Repeat Steps 5 and 6 until all changes are complete. Click Done.

📘

Updating Contact Information

To edit your contact information, navigate to Contact Information, click Edit.
For the contact information fields that you want to change, enter your updated contact information. When complete, click Update.