IAM password policy should require user passwords to expire within 90 days

iam
이 페이지는 아직 한국어로 제공되지 않으며 번역 작업 중입니다. 번역에 관한 질문이나 의견이 있으시면 언제든지 저희에게 연락해 주십시오.

Description

IAM password policies enforce rules for user passwords in AWS. One of these rules is defining the password expiration timeframe. Requiring user passwords to expire within 90 days is a best practice to enhance security. This policy reduces the risk of compromised accounts due to prolonged use of the same password, ensuring periodic updates that safeguard against potential threats.

Remediation

From the console

See the Setting an AWS IAM Password Policy doc for console remediation steps to enforce a 90-day expiration policy.