RAM account password policy max password age not recommended
This product is not supported for your selected
Datadog site. (
).
Id: 2bb13841-7575-439e-8e0a-cccd9ede2fa8
Cloud Provider: Alicloud
Platform: Terraform
Severity: Medium
Category: Secret Management
Learn More
Description
The alicloud_ram_account_password_policy attribute max_password_age must be greater than 0 and less than 91. A missing max_password_age, a value of 0, or any value greater than 90 is noncompliant. Recommended remediation: set max_password_age to 12.
Compliant Code Examples
resource "alicloud_ram_account_password_policy" "corporate" {
minimum_password_length = 9
require_lowercase_characters = false
require_uppercase_characters = false
require_numbers = false
require_symbols = false
hard_expiry = true
max_password_age = 12
password_reuse_prevention = 5
max_login_attempts = 3
}
Non-Compliant Code Examples
resource "alicloud_ram_account_password_policy" "corporate" {
minimum_password_length = 9
require_lowercase_characters = false
require_uppercase_characters = false
require_numbers = false
require_symbols = false
hard_expiry = true
max_password_age = 92
password_reuse_prevention = 5
max_login_attempts = 3
}
resource "alicloud_ram_account_password_policy" "corporate" {
minimum_password_length = 9
require_lowercase_characters = false
require_uppercase_characters = false
require_numbers = false
require_symbols = false
hard_expiry = true
max_password_age = 0
password_reuse_prevention = 5
max_login_attempts = 3
}
resource "alicloud_ram_account_password_policy" "corporate" {
minimum_password_length = 9
require_lowercase_characters = false
require_uppercase_characters = false
require_numbers = false
require_symbols = false
hard_expiry = true
password_reuse_prevention = 5
max_login_attempts = 3
}
