standard
turbot/aws_compliance

Trigger: Detect & correct IAM account password policies without requirement for any number

Detects IAM account password policies without requirement for any number and then updates to at least one number.

Query

select
a.account_id as title,
a.account_id,
a.sp_connection_name as conn
from
aws_account as a
left join aws_iam_account_password_policy as pol on a.account_id = pol.account_id
where
require_numbers = false
or require_numbers is null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM