IAM Password policy should have requirement for at least one uppercase character.
Default Severity: medium
Explanation
, IAM account password policies should ensure that passwords content including at least one uppercase character.
Possible Impact
Short, simple passwords are easier to compromise
Suggested Resolution
Enforce longer, more complex passwords in the policy
Insecure Example
The following example will fail the aws-iam-require-uppercase-in-passwords check.
resource "aws_iam_account_password_policy" "bad_example" {
# ...
# require_uppercase_characters not set
# ...
}
Secure Example
The following example will pass the aws-iam-require-uppercase-in-passwords check.
resource "aws_iam_account_password_policy" "good_example" {
# ...
require_uppercase_characters = true
# ...
}