Profile Applicability:
Level 1
Description:
Maintaining accurate and up-to-date contact information in your AWS account is essential for ensuring timely communication with AWS regarding account-related matters, such as security incidents, billing issues, and service notifications. AWS relies on this information to notify account owners of critical events that may require immediate action.
Rationale:
Having current and accessible contact details helps ensure that AWS can promptly notify the correct individuals in case of any security incidents, billing issues, or important updates. Timely responses can prevent service disruptions, improve issue resolution times, and ensure compliance with security policies.
Impact:
Positive Impact: Enables faster issue resolution and proper notifications for critical events such as account suspensions, security breaches, and billing concerns.
Negative Impact: Minimal effort required for configuration, but failure to maintain updated contact information can result in missed notifications and delayed responses to critical issues.
Default Value:
By default, AWS prompts for contact information during account setup, but these details may become outdated if not periodically reviewed and updated.
Pre-Requisite:
AWS Account Access: IAM user with permissions to view and update billing information (aws-portal:*Billing).
Organizational Approval: Verification of which individuals or departments should be contacted for different categories (e.g., security, billing, and operations).
Remediation:
Test Plan
Using AWS Console:
Sign in to the AWS Management Console.
Navigate to the Billing and Cost Management Dashboard at AWS Billing Console
In the top navigation bar, click on your AWS account name and then select My Account.
In the Account Settings section, review the Contact Information and Alternate Contacts sections.
If the contact information is outdated, click the Edit button next to Account Settings, Contact Information, and Alternate Contacts.
Update the email, phone number, and other contact details as necessary, and click Update to save the changes.
Using AWS CLI:
Use the following command to update the contact details for your AWS account:
aws aws-portal update-account-settings --contact-email security@yourcompany.com --contact-phone <security-phone> --category security
Validate the update by describing the account settings:
aws aws-portal describe-account-settings --account-name <Your Account Name>
Implementation Steps:
Using AWS Console:
Sign in to the AWS Management Console.
Navigate to the Billing and Cost Management Dashboard at AWS Billing Console.
In the Account Settings section, click Edit for the Contact Information and Alternate Contacts.
Update the contact information for Security, Billing, and Operations categories and click Save.
Using AWS CLI:
Update the Security contact information:
aws aws-portal update-account-settings --contact-email security@yourcompany.com --contact-phone <security-phone> --category security
Confirm the update using the following command:
aws aws-portal describe-account-settings --account-name <Your Account Name>
Backout Plan:
Using AWS Management Console:
Sign in to the AWS Management Console.
Navigate to the Billing Dashboard > Account Settings.
Review the sections for Security, Billing, and Operations Contact Details.
If you need to revert recent updates to contact details:
Replace the current details with the original or preferred contact information (email and phone).
Save the changes to apply the updates across the respective sections.
Using AWS CLI:
Retrieve the current contact details to verify the changes:
aws organizations describe-account --account-id <account-id> Revert to the original contact details: aws organizations update-account \ --account-id <account-id> \ --email <original-email> \ --phone <original-phone-number>
Confirm the reverted information:
aws organizations describe-account --account-id <account-id>