Severity: High
Description: This control ensures that expired ACM certificates are removed. Expired ACM certificates should be removed or if applicable renewed. So, that services integrated with that certificate will run without failures..
Remediation Steps:
Perform following to ensure ACM uses imported certificates:
Login to the AWS Management Console at https://console.aws.amazon.com.
Navigate to Workspaces console.
Within the Workspace Console, in the left pane, click on Workspace
Click on Launch Workspaces
For the Workspaces Configuration step, do the following:
Select the volumes to encrypt: Root Volume and User Volume
For Encryption Key, select a CMK that you created.
Click Next Step
Choose Launch WorkSpaces.
Important:
Root/User Volume encryption cannot be changed once workspace has been created. You'll need to terminate the resource and create a new one
Reference: