top of page

IAM.13

Ensure IAM password policy requires at least one symbol

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

AWS Identity and Access Management

AWS CIS Foundations v1.2, AWS Well-Architected, AWS Foundational Technical Review, CDR, ISO27001, SOC2, NIST CSF,

YES

Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure passwords are comprised of different character sets. It is recommended that the password policy require at least one symbol.

bottom of page