AWS_IAM_9 - Cloudlytics

AWS_IAM_9

Ensure IAM password policy requires minimum length of 14 or greater

Description

Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure password are at least a given length. It is recommended that the password policy require a minimum password length 14.

Remediation

Perform the following to ensure the password policy is configured as prescribed:

Via AWS Console

Login to AWS Console (with appropriate permissions to View Identity Access
Management Account Settings)
Go to IAM Service on the AWS Console
Click on Account Settings on the Left Pane
Set Minimum password length” to 14 or greater.
Click “Apply password policy”

Via CLI

aws iam update-account-password-policy –minimum-password-length 14

Note: All commands starting with “aws iam update-account-password-policy” can be
combined into a single command.

References:
1. CCE-78907-3
2. CIS CSC v6.0 #5.7, #16.12

“

Service

IAM

Severity

Medium

Ensure IAM password policy requires minimum length of 14 or greater

Description

Remediation

Service

Severity

Compliance

Mapping

Cloudlytics

CLOSE

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!

Ensure IAM password policy requires minimum length of 14 or greater

Description

Remediation

Service

Severity

Compliance

Mapping

CLOSE

We are now live on AWS Marketplace. The integrated view of your cloud infrastructure is now easier than ever!

We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!