AWS_IAM_11
IAM password policies can require passwords to be rotated or expired after a given number of days. It is recommended that the password policy expire passwords after 90 days or less.
Perform the following to set the password policy as prescribed:
Via AWS Console:
1. Login to AWS Console (with appropriate permissions to View Identity Access Management Account Settings)
2. Go to IAM Service on the AWS Console
3. Click on Account Settings on the Left Pane
4. Check Enable password expiration”
5. Set “Password expiration period (in days):” to 90 or less
Via CLI
aws iam update-account-password-policy –max-password-age 90
Note: All commands starting with “aws iam update-account-password-policy” can be
combined into a single command.
References:
1. CCE-78909-9
Want to Know More?
Learn how our partners are managing their cloud security and compliance with Cloudlytics.
I hereby accept the GDPR and Privacy Policy, by subscribing to the newsletters.
