Guardian 0.11.6

The 0.11.6 release of Guardian introduces support for certificates managed in Amazon Certificate Manager (ACM).

Previously, there was no way in guardian to explicitly monitor metrics of ACM certificates, this meant that events such as upcoming expiry or renewal activities were missed.

Guardian now supports the Acm as a resource type which creates an alarm that monitors the DaysToExpiry metric on the certificate an alarms when the default threshold of 31 days is breached.

Resources:
  Acm:
  - Id: abc1234-defg56789

Furthermore, the added ACM support also adds monitoring for the following ACM events

• ACM Certificate Expired

  {
    "detail-type": ["ACM Certificate Expired"],
    "source": ["aws.acm"]
  }
  

• ACM Certificate Renewal Action Required

  {
    "detail-type": ["ACM Certificate Renewal Action Required"],
    "source": ["aws.acm"]
  }
  

• ACM Certificate Approaching Expiration

  {
    "detail-type": ["ACM Certificate Approaching Expiration"],
    "source": ["aws.acm"]
  }
  

This means that even without the certificates being explicitly defined in the alarms.yaml, ACM events are always being monitored so no possible risk is missed.