Ensure ACM certificates for specific domain names are used over wildcard certificates to adhere to best security practices, providing unique private keys for each domain/subdomain.
impact:|
Using wildcard certificates can expose your AWS environment to increased risk by potentially allowing unauthorized subdomains to be protected under the same certificate, reducing the granularity of access control and increasing the blast radius in the event of a key compromise.
remediation:|
Replace wildcard ACM certificates with single domain name certificates for each domain/subdomain within your AWS account. This enhances security by ensuring each domain/subdomain has its own unique private key and certificate.