The RAM user password policy is considered compliant when its password complexity settings meet the specified parameter requirements.
Scenarios
Enforcing password complexity in the RAM user password policy helps prevent account intrusion and data breaches caused by weak passwords.
Risk level
Default risk level: high.
You can change the risk level as needed.
Detection logic
The account is considered compliant when the password complexity settings in the RAM user password policy meet the specified parameter requirements. By default, the password must contain uppercase letters, lowercase letters, numbers, and special characters.
Rule details
|
Parameter |
Description |
|
Rule name |
Password complexity requirements in RAM user password policy |
|
Rule identifier |
|
|
Automatic remediation |
Not supported |
|
Trigger frequency |
Periodic: Every 24 hours |
|
Supported resource types |
ACS::::Account |
|
Input parameters |
requireSymbols (Default value: true) requireLowercaseCharacters (Default value: true) requireNumbers (Default value: true) requireUppercaseCharacters (Default value: true) |
Remediation guidance
For more information, see Configure a password policy for RAM users.