Ensure OCI IAM password policy contains numeric characters
Error: OCI IAM password policy for local (non-federated) users does not have a number
Bridgecrew Policy ID: BC_OCI_IAM_2
Checkov Check ID: CKV_OCI_12
Severity: HIGH
OCI IAM password policy for local (non-federated) users does not have a number
Description
This policy identifies Oracle Cloud Infrastructure(OCI) accounts that do not have a lowercase character in the password policy for local (non-federated) users. As a security best practice, configure a strong password policy for secure access to the OCI console.
Fix - Runtime
OCI Console
- Login to the OCI Console Page: https://console.ap-mumbai-1.oraclecloud.com/
- Go to Identity in the Services menu.
- Select Authentication Settings from the Identity menu.
4.Click Edit Authentication Settings in the middle of the page.
5.Ensure the checkbox is selected next to MUST CONTAIN AT LEAST 1 LOWERCASE CHARACTER.
Note : The console URL is region specific, your tenancy might have a different home region and thus console URL.
Fix - Buildtime
Terraform
- Resource: oci_identity_authentication_policy
- Arguments: password_policy.is_numeric_characters_required
resource "oci_identity_authentication_policy" "pass" {
...
password_policy {
...
is_numeric_characters_required = true
...
}
}
Updated 12 months ago