IAM Password policy without lowercase letter

ID

aws_iam_password_lowercase_letter

Severity

low

Vendor

AWS

Resource

IAM

Tags

asvs50-v6.2.1, reachable

Description

The IAM password policy does not require at least one lowercase letter. The simpler the passwords the policy allows, the higher the chance of a password being compromised.

To fix it, set require_lowercase to true in the password policy.

Learn more about this topic at AWS IAM password policy.

Examples

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Password policy for AWS account
      community.aws.iam_password_policy:
        state: present
        min_pw_length: 8
        require_symbols: false
        require_numbers: true
        require_uppercase: false
        require_lowercase: false  # flagged by this rule: lowercase letters are not required
        allow_pw_change: true
        pw_reuse_prevent: 5
        pw_expire: false

Mitigation / Fix

---
- name: Example playbook
  hosts: localhost
  tasks:
    - name: Password policy for AWS account
      community.aws.iam_password_policy:
        state: present
        min_pw_length: 8
        require_symbols: true
        require_numbers: true
        require_uppercase: true
        require_lowercase: true
        allow_pw_change: true
        pw_max_age: 60
        pw_reuse_prevent: 5
        pw_expire: false
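
A static check for this rule, as an added example (not the detector's own code). It takes a playbook already parsed into Python data, the shape `yaml.safe_load()` returns. As assumptions of this example, it treats an omitted `require_lowercase`, an unresolved template, or a `key=value` string as a finding, and it also matches the short module name `iam_password_policy`.

```python
# Added example: flag iam_password_policy tasks that do not require lowercase letters.
MODULE_NAMES = {"community.aws.iam_password_policy", "iam_password_policy"}
TASK_LISTS = ("pre_tasks", "tasks", "post_tasks", "handlers", "block", "rescue", "always")
TRUTHY = {"true", "yes", "on", "1", "y", "t"}


def is_true(value):
    """Interpret a value as Ansible coerces booleans (quoted 'yes', 'on', 1, ...)."""
    if isinstance(value, bool):
        return value
    return str(value).strip().lower() in TRUTHY


def walk_tasks(node):
    """Yield every task dict in a play, descending into block/rescue/always."""
    for key in TASK_LISTS:
        for task in node.get(key) or []:
            if isinstance(task, dict):
                yield task
                yield from walk_tasks(task)


def find_missing_lowercase(plays):
    """Return the names of policy tasks where require_lowercase is not true."""
    findings = []
    for play in plays or []:
        for task in walk_tasks(play):
            for module in MODULE_NAMES & task.keys():
                args = task[module]
                if not isinstance(args, dict):
                    args = {}  # key=value string form is not parsed: flag for review
                if not is_true(args.get("require_lowercase", False)):
                    findings.append(task.get("name", module))
    return findings


# Constructed sample input (parsed playbook), not taken from a real repository.
SAMPLE = [{"name": "Example playbook", "hosts": "localhost", "tasks": [
    {"name": "Weak policy", "community.aws.iam_password_policy":
        {"state": "present", "min_pw_length": 8, "require_lowercase": False}},
    {"name": "Wrapper", "block": [
        {"name": "Key omitted", "community.aws.iam_password_policy":
            {"state": "present", "require_numbers": True}}]},
    {"name": "Compliant policy", "community.aws.iam_password_policy":
        {"state": "present", "require_lowercase": "yes"}},
]}]

if __name__ == "__main__":
    for name in find_missing_lowercase(SAMPLE):
        print(f"aws_iam_password_lowercase_letter: {name}")
```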