standard
turbot/aws_compliance

Trigger: Detect & correct IAM account password policies without requirement for any symbol

Detects IAM account password policies without requirement for any symbol and then updates to at least one symbol.

Query

select
a.account_id as title,
a.account_id,
a.sp_connection_name as conn
from
aws_account as a
left join aws_iam_account_password_policy as pol on a.account_id = pol.account_id
where
require_symbols = false
or require_symbols is null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM