require-symbols-in-passwords
Default Severity: medium
Explanation
IAM account password policies should ensure that passwords content including a symbol.
Possible Impact
Short, simple passwords are easier to compromise
Suggested Resolution
Enforce longer, more complex passwords in the policy
Insecure Example
The following example will fail the aws-iam-require-symbols-in-passwords check.
resource "aws_iam_account_password_policy" "bad_example" {
# ...
# require_symbols not set
# ...
}
Secure Example
The following example will pass the aws-iam-require-symbols-in-passwords check.
resource "aws_iam_account_password_policy" "good_example" {
# ...
require_symbols = true
# ...
}