The RAM user password policy is compliant if the maximum login retry attempts meets the configured threshold.
Scenarios
An administrator limits the maximum login retry attempts to 5 in the RAM user password policy to prevent brute-force attacks and unauthorized access.
Risk level
Default risk level: high.
You can change this level as needed.
Detection logic
The rule verifies that the maximum login retry attempts in the RAM user password policy meets the configured threshold. Default maximum: 5 attempts.
Rule details
|
Parameter |
Description |
|
Rule name |
Maximum retry attempts in RAM user password policy meets requirements |
|
Rule identifier |
|
|
Automatic remediation |
Not supported |
|
Trigger type |
Periodic: Every 24 hours |
|
Supported resource types |
ACS::::Account |
|
Input parameters |
maxLoginAttemps (Default value: 5) |
Remediation guidance
To fix non-compliant resources, Set a password policy for RAM users.