AWS_IAM_34

Ensure IAM password policy expires passwords within 45 days or less

Description

Identify the age of your Amazon IAM user passwords and ensure that these credentials are reset before their validity period ends, so that they do not expire.

Remediation

1. Sign in to the AWS Management Console.

2. Navigate to the IAM dashboard.

3. In the left navigation panel, choose Users.

4. Click on the name of the IAM user that you want to update (see Audit section part I to identify the right IAM resource).

5. Under Summary, select the Security credentials tab to access the user credentials configuration.

6. In the Sign-In credentials section, click Manage password next to Console password to access the user password management panel.

7. On the Manage console access panel, select the Require password reset checkbox to force the selected IAM user to create a new password at the next sign-in.

8. Sign in again to the AWS Management Console using existing AWS IAM user credentials.

9. Once logged in, you will be redirected to a dedicated page where you can reset your IAM user password. Provide the old (existing) password and the new password, then click Confirm password change to reset your user password.
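
To find the users that step 4 applies to, the following check reads an IAM credential report and lists console passwords older than 45 days. It is an added example, not part of the original rule text; the function name, the sample rows and the account ID in them are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timezone

MAX_PASSWORD_AGE_DAYS = 45  # threshold from this rule's title

# Constructed sample using column names from the IAM credential report
# (only the columns this check reads are included).
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_changed,password_next_rotation
<root_account>,arn:aws:iam::111122223333:root,not_supported,not_supported,not_supported
alice,arn:aws:iam::111122223333:user/alice,true,2024-01-02T09:15:00+00:00,N/A
bob,arn:aws:iam::111122223333:user/bob,true,2024-03-20T14:00:00+00:00,2024-05-04T14:00:00+00:00
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,N/A,N/A
"""


def stale_console_passwords(report_csv, now, max_age_days=MAX_PASSWORD_AGE_DAYS):
    """Return [(user, age_in_days)] for console passwords older than max_age_days."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        # Users without a console password report "false"; the root row
        # reports "not_supported". Neither has a password age to evaluate.
        if row["password_enabled"] != "true":
            continue
        changed = row["password_last_changed"]
        if changed in ("N/A", "not_supported"):
            continue
        # Whole days elapsed since the password was last set.
        age = (now - datetime.fromisoformat(changed)).days
        if age > max_age_days:
            findings.append((row["user"], age))
    # Oldest passwords first, so the most overdue resets are handled first.
    return sorted(findings, key=lambda item: item[1], reverse=True)


if __name__ == "__main__":
    # Fixed evaluation time so the constructed sample gives a stable result.
    as_of = datetime(2024, 4, 1, tzinfo=timezone.utc)
    for user, age in stale_console_passwords(SAMPLE_REPORT, as_of):
        print(f"{user}: password is {age} days old, reset required")
```

A real report can be produced with `aws iam generate-credential-report` followed by `aws iam get-credential-report`, whose content is returned base64-encoded and must be decoded before it is passed in.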

Service

IAM

Severity

Low

Compliance

Mapping
