Ensure Alibaba Cloud RAM password policy expires passwords within 90 days or less

Error: Alibaba Cloud RAM password policy does not expire in 90 days

Bridgecrew Policy ID: BC_ALI_IAM_9
Checkov Check ID: CKV_ALI_16
Severity: LOW

Alibaba Cloud RAM password policy does not expire passwords within 90 days or less

Description

This policy identifies Alibaba Cloud accounts for which do not have password expiration set to 90 days or less. As a best practice, change your password every 90 days or sooner to ensure secure access to the Alibaba Cloud console.

Fix - Runtime

Alibaba Cloud Portal

  1. Log in to Alibaba Cloud Portal
  2. Go to Resource Access Management (RAM) service
  3. In the left-side navigation pane, click on 'Settings'
  4. In the 'Security Settings' tab, In the 'Password Strength Settings' Section, Click on 'Edit Password Rule'
  5. In the 'Password Validity Period' field, enter 90 or less based on your requirement.
  6. Click on 'OK'
  7. Click on 'Close'

Fix - Buildtime

Terraform

TBD