Maintain accurate and up-to-date AWS account contact information
Why this matters
Timely communication from AWS is critical during incidents involving security breaches, policy violations, or billing issues. If your contact information is outdated or points to a single individual, you may miss urgent alerts from AWS—leading to service interruptions or delayed incident response.
To mitigate this risk, it’s essential to keep contact details updated and ensure they are connected to shared email addresses and phone lines monitored by multiple team members.
What this check does
This check verifies that the account contact information in AWS is:
Present and filled out correctly
Includes a valid email and phone number
Updated within a reasonable timeframe (e.g., not older than 12 months)
It also ensures contact details are set up in a way that allows AWS to reach your organization reliably.
How to fix it
From the AWS Console
Sign in to the AWS Billing and Cost Management Console using an account with billing permissions
Click on your account name in the top-right corner
Select Account
Under Account Settings, click Edit
Update the email address, phone number, and physical address as needed
Click Save Changes
Optionally, update Contact Information (billing, operations, and security contact types) to distinct addresses or mailing lists
Tip: Use mailing lists like
security@yourcompany.com
orbilling@yourcompany.com
instead of individual emails to avoid single points of failure.
Exceptions
There are no valid exceptions to keeping contact information updated. Even accounts used solely for testing or automation should have reachable contact info to avoid automated suspension due to undeliverable messages or suspicious behavior.
Best Practices
Assign role-based addresses (e.g., aws-abuse@
, infra-ops@
) instead of personal ones
Review contact details at least once every 6–12 months
Ensure phone numbers route to reachable desks or shared lines