Skip to content

IAM Password policy should have requirement for at least one symbol in the password.

Default Severity: medium

Explanation

IAM account password policies should ensure that passwords content including a symbol.

Possible Impact

Short, simple passwords are easier to compromise

Suggested Resolution

Enforce longer, more complex passwords in the policy

Insecure Example

The following example will fail the aws-iam-require-symbols-in-passwords check.

 resource "aws_iam_account_password_policy" "bad_example" {
    # ...
    # require_symbols not set
    # ...
 }

Secure Example

The following example will pass the aws-iam-require-symbols-in-passwords check.

 resource "aws_iam_account_password_policy" "good_example" {
    # ...
    require_symbols = true
    # ...
 }