Ensure OCI IAM password policy contains lowercase characters

Error: OCI IAM password policy for local (non-federated) users does not have a lowercase character
Bridgecrew Policy ID: BC_OCI_IAM_1
Checkov Check ID: CKV_OCI_11
Severity: HIGH

Description

This policy identifies Oracle Cloud Infrastructure (OCI) accounts whose password policy for local (non-federated) users does not require a lowercase character. As a security best practice, configure a strong password policy for secure access to the OCI console.

Fix - Runtime

OCI Console

  1. Log in to the OCI Console Page: https://console.ap-mumbai-1.oraclecloud.com/
  2. Go to Identity in the Services menu.
  3. Select Authentication Settings from the Identity menu.
  4. Click Edit Authentication Settings in the middle of the page.
  5. Ensure the checkbox is selected next to MUST CONTAIN AT LEAST 1 LOWERCASE CHARACTER.

  Note: The console URL is region-specific; your tenancy might have a different home region and therefore a different console URL.

Fix - Buildtime

Terraform

  • Resource: oci_identity_authentication_policy
  • Arguments: password_policy.is_lowercase_characters_required

resource "oci_identity_authentication_policy" "pass" {
  # ...

  password_policy {
    is_lowercase_characters_required = true
    # ...
  }
}