AWS-IAM-password-policy-enabled

Severity: High

Description: This control ensures that  IAM Password policy is applied. Password policies are set to enforce password complexity requirements, password reset and expiry methods to all the IAM users. Setting a password complexity, expiry time, password reset policy reduces chances of credentials getting compromised and misused.

Remediation Steps:

Perform following to update IAM policy for IAM user :

1. Login to the AWS Management Console at https://console.aws.amazon.com.

2. Navigate to IAM console.

3. In the navigation pane, click Account Settings.

4. Click on Set Password Policy

5. In the Password Policy section, select the options you want to apply to your password policy.

6. Click Apply Password Policy.

Important:

• Changes in account credentials may take up to 4 hours to get reflected in the AWS IAM evaluations

Reference:

• Set an account password policy for IAM users - AWS Identity and Access Management

• iam-password-policy - Amazon Config

• Set an account password policy for IAM users - AWS Identity and Access Management

• iam-password-policy - Amazon Config