Ensure Alibaba Cloud RAM password policy requires at least one symbol
Error: Alibaba Cloud RAM password policy does not have a symbol
Bridgecrew Policy ID: BC_ALI_IAM_6
Checkov Check ID: CKV_ALI_15
Severity: MEDIUM
Alibaba Cloud RAM password policy does not have a symbol
Description
This policy identifies Alibaba Cloud accounts that do not have a symbol in the password policy. As a security best practice, configure a strong password policy for secure access to the Alibaba Cloud console.
Fix - Runtime
Alibaba Cloud Portal
- Log in to Alibaba Cloud Portal
- Go to Resource Access Management (RAM) service
- In the left-side navigation pane, click on 'Settings'
- In the 'Security Settings' tab, In the 'Password Strength Settings' Section, Click on 'Edit Password Rule'
- In the 'Required Elements in Password' field, select 'Symbols'
- Click on 'OK'
- Click on 'Close'
Fix - Buildtime
Terraform
resource "alicloud_ram_account_password_policy" "pass" {
minimum_password_length = 14
require_lowercase_characters = false
require_uppercase_characters = false
require_numbers = false
require_symbols = true
hard_expiry = true
max_password_age = 14
password_reuse_prevention = 5
max_login_attempts = 3
}
Updated 10 months ago