No Password Policy Enabled
- Query id: b592ffd4-0577-44b6-bd35-8c5ee81b5918
- Query name: No Password Policy Enabled
- Platform: Terraform
- Severity: Medium
- Category: Insecure Configurations
- CWE: 521
- URL: Github
Description
IAM password policies should be set through the password minimum length (password_length) and password reset (password_reset_required) attributes.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - tf file
resource "aws_iam_user_login_profile" "positive2" {
  user                    = aws_iam_user.example.name
  pgp_key                 = "keybase:some_person_that_exists"
  password_reset_required = false
  password_length         = 15
}

resource "aws_iam_user_login_profile" "positive3" {
  user                    = aws_iam_user.example.name
  pgp_key                 = "keybase:some_person_that_exists"
  password_reset_required = true
  password_length         = 13
}

resource "aws_iam_user_login_profile" "positive6" {
  user            = aws_iam_user.example.name
  pgp_key         = "keybase:some_person_that_exists"
  password_length = 13
}

resource "aws_iam_user_login_profile" "positive7" {
  user                    = aws_iam_user.example.name
  pgp_key                 = "keybase:some_person_that_exists"
  password_reset_required = false
  password_length         = 13
}
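A small pre-commit style check for the two attributes named in the description, run over blocks trimmed from the samples above plus one hardened block. This is an added example, not the query's own logic: the function name, the `hardened` resource, and the minimum length of 14 are assumptions, since the page does not state the exact threshold.

```python
import re

MIN_LENGTH = 14  # assumed threshold; the page does not state the query's limit

# Constructed input: two failing samples (pgp_key omitted) and a hardened block.
SAMPLE_TF = '''
resource "aws_iam_user_login_profile" "positive2" {
  user                    = aws_iam_user.example.name
  password_reset_required = false
  password_length         = 15
}
resource "aws_iam_user_login_profile" "positive6" {
  user            = aws_iam_user.example.name
  password_length = 13
}
resource "aws_iam_user_login_profile" "hardened" {
  user                    = aws_iam_user.example.name
  password_reset_required = true
  password_length         = 20
}
'''

# Matches flat blocks only (no nested braces), which is all this resource needs.
BLOCK_RE = re.compile(
    r'resource\s+"aws_iam_user_login_profile"\s+"([^"]+)"\s*\{(.*?)\}', re.S)
ATTR_RE = re.compile(r'^\s*(\w+)\s*=\s*(.+?)\s*$', re.M)

def check_login_profiles(tf_text, min_length=MIN_LENGTH):
    """Return {resource_name: [findings]}; an empty list means the block passes."""
    results = {}
    for name, body in BLOCK_RE.findall(tf_text):
        attrs = dict(ATTR_RE.findall(body))
        findings = []
        reset = attrs.get("password_reset_required")
        if reset is None:
            findings.append("password_reset_required is not set")
        elif reset != "true":
            findings.append("password_reset_required is not true")
        length = attrs.get("password_length")
        if length is None:
            findings.append("password_length is not set")
        elif not length.isdigit() or int(length) < min_length:
            findings.append(f"password_length {length} is below {min_length}")
        results[name] = findings
    return results

if __name__ == "__main__":
    for name, findings in check_login_profiles(SAMPLE_TF).items():
        print(name, "->", findings or "ok")
```

Values supplied through variables or expressions are reported as non-compliant here because the check only reads literal `true` and integer values.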