IAM Password Without Lowercase Letter

Query id: bbc7c137-6c7b-4fc4-984a-0c88e91fcaf9
Query name: IAM Password Without Lowercase Letter
Platform: Terraform
Severity: Medium
Category: Best Practices
URL: Github

Description¶

IAM Password should have at least one lowercase letter
Documentation

Code samples¶

Code samples with security vulnerabilities¶

Postitive test num. 1 - tf file

resource "aws_iam_account_password_policy" "positive1" {
  require_lowercase_characters   = false
  require_numbers                = true
  require_uppercase_characters   = true
  require_symbols                = true
  allow_users_to_change_password = true
}

resource "aws_iam_account_password_policy" "positive2" {
  minimum_password_length        = 3
  require_numbers                = true
  require_uppercase_characters   = true
  require_symbols                = true
  allow_users_to_change_password = true
}

Code samples without security vulnerabilities¶

Negative test num. 1 - tf file

resource "aws_iam_account_password_policy" "negative1" {
  minimum_password_length        = 8
  require_lowercase_characters   = true
  require_numbers                = true
  require_uppercase_characters   = true
  require_symbols                = true
  allow_users_to_change_password = true
}