Ensure IAM password policy requires at least one uppercase letter

MEDIUM

Description

Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure password are comprised of different character sets. It is recommended that the password policy require at least one uppercase letter.

Remediation

In AWS Console:

  1. Login to AWS Console.
  2. Go to IAM Service on the AWS Console
  3. Click on Account Settings on the Left Pane.
  4. Check "Requires at least one uppercase letter". In Terraform - Make sure 'require_uppercase_characters' is set to true.

Policy Details

Rule Reference ID: AC_AWS_0135
CSP: AWS
Remediation Available: Yes
Resource Type: Policy

Frameworks