standard
turbot/aws_compliance

Trigger: Detect & correct IAM account password policies without requirement for any uppercase letter

Detects IAM account password policies without requirement for any uppercase letter and then updates to at least one uppercase letter.

Query

select
a.account_id as title,
a.account_id,
a.sp_connection_name as conn
from
aws_account as a
left join aws_iam_account_password_policy as pol on a.account_id = pol.account_id
where
require_uppercase_characters = false
or require_uppercase_characters is null;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM