acm-certificate-rsa-check

Checks if RSA certificates managed by AWS Certificate Manager (ACM) have a key length of at least '2048' bits.The rule is NON_COMPLIANT if the minimum key length is less than 2048 bits.

Identifier: ACM_CERTIFICATE_RSA_CHECK

Resource Types: AWS::ACM::Certificate

Trigger type: Configuration changes

AWS Region: All supported AWS regions except US ISO West (Northern California), China (Beijing), US ISO East, Asia Pacific (Malaysia), US ISOB East (Ohio), AWS GovCloud (US-East), AWS GovCloud (US-West), Canada West (Calgary), China (Ningxia) Region

Parameters:

None

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

acm-certificate-expiration-check

acm-pca-root-ca-disabled