top of page

IAM.7

Password policies for IAM users should have strong configurations

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

AWS Identity and Access Management

AWS Foundational Best Practice, AWS Foundational Technical Review, CDR, ISO27001, SOC2, NIST.800-53.r5,

YES

This AWS control checks whether the account password policy for IAM users uses the following recommended configurations: RequireUppercaseCharacters: true; RequireLowercaseCharacters: true; RequireSymbols: true; RequireNumbers: true; MinimumPasswordLength: 8.

bottom of page