A Config rule that checks whether the account password policy for IAM users meets the specified requirements.

This config rule supports the following parameters:

  • RequireUppercaseCharacters
    • Required: No
    • Type: boolean
    • Description:Require at least one uppercase character in password.
    • Default Value: true
  • RequireLowercaseCharacters
    • Required: No
    • Type: boolean
    • Description:Require at least one lowercase character in password.
    • Default Value: true
  • RequireSymbols
    • Required: No
    • Type: boolean
    • Description:Require at least one symbol in password.
    • Default Value: true
  • RequireNumbers
    • Required: No
    • Type: boolean
    • Description:Require at least one number in password.
    • Default Value: true
  • MinimumPasswordLength
    • Required: No
    • Type: int
    • Description:Password minimum length.
    • Default Value: 14
  • PasswordReusePrevention
    • Required: No
    • Type: int
    • Description:Number of passwords before allowing reuse.
    • Default Value: 24
  • MaxPasswordAge
    • Required: No
    • Type: int
    • Description:Number of days before password expiration.
    • Default Value: 90

CloudFormation Template

AWSTemplateFormatVersion: '2010-09-09'
Description: Cfn Template by CloudAdvisor
Parameters: {}
Resources: {}
Outputs: {}
Conditions: {}
Mappings: {}
Metadata: {}