IAM Password Without Symbol
- Query id: 7a70eed6-de3a-4da2-94da-a2bbc8fe2a48
- Query name: IAM Password Without Symbol
- Platform: Terraform
- Severity: Medium
- Category: Best Practices
- URL: Github
Description¶
IAM password should have the required symbols
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Postitive test num. 1 - tf file
resource "aws_iam_account_password_policy" "positive1" {
require_lowercase_characters = true
require_numbers = true
require_uppercase_characters = true
require_symbols = false
allow_users_to_change_password = true
}
resource "aws_iam_account_password_policy" "positive2" {
minimum_password_length = 3
require_lowercase_characters = true
require_numbers = true
require_uppercase_characters = true
allow_users_to_change_password = true
}