Risk Level: Medium (should be achieved)
Rule ID: AlibabaCloud-RAM-012
Ensure that your Resource Access Management (RAM) users are using a strong password policy that enforces password expiration with a defined threshold of 90 days or less.
Enforcing RAM user password strength, pattern, and rotation is vital to maintaining the security of your Alibaba Cloud account. A strong password policy significantly reduces the risk of password guessing and brute-force attacks.
Audit
To determine if your RAM user password policy enforces password expiration, perform the following operations:
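The check this rule describes, written as an added example (not code from the original page or from Alibaba Cloud). It evaluates the JSON returned by the `GetPasswordPolicy` API listed in the references; the `MaxPasswordAge` field name and the meaning of `0` (passwords never expire) are taken from the RAM API rather than from this page, and the sample responses are constructed.

```python
import json

THRESHOLD_DAYS = 90  # threshold stated by rule AlibabaCloud-RAM-012

# Constructed sample responses in the shape returned by `aliyun ram GetPasswordPolicy`.
SAMPLES = {
    "never_expires": '{"PasswordPolicy": {"MinimumPasswordLength": 12, "MaxPasswordAge": 0}}',
    "too_long": '{"PasswordPolicy": {"MinimumPasswordLength": 12, "MaxPasswordAge": 180}}',
    "compliant": '{"PasswordPolicy": {"MinimumPasswordLength": 12, "MaxPasswordAge": 90}}',
    "missing_field": '{"PasswordPolicy": {"MinimumPasswordLength": 12}}',
}


def check_password_expiry(response_text, threshold=THRESHOLD_DAYS):
    """Return (compliant, reason) for a GetPasswordPolicy JSON response."""
    try:
        body = json.loads(response_text)
    except ValueError:
        return False, "response is not valid JSON"
    policy = body.get("PasswordPolicy") if isinstance(body, dict) else None
    if not isinstance(policy, dict):
        return False, "response has no PasswordPolicy object"

    age = policy.get("MaxPasswordAge")
    # bool is a subclass of int in Python, so reject it explicitly.
    if isinstance(age, bool) or not isinstance(age, int):
        return False, "MaxPasswordAge missing or not an integer"
    if age == 0:
        # 0 disables expiration, so it must not be read as "under 90 days".
        return False, "MaxPasswordAge is 0: passwords never expire"
    if age < 0 or age > threshold:
        return False, f"MaxPasswordAge is {age} days, outside 1..{threshold}"
    return True, f"passwords expire after {age} days"


if __name__ == "__main__":
    for name, text in SAMPLES.items():
        ok, reason = check_password_expiry(text)
        print(f"{name:14} {'PASS' if ok else 'FAIL'}  {reason}")
```

To run it against a live account, pass the output of `aliyun ram GetPasswordPolicy` to `check_password_expiry`; a failing result is corrected by setting `MaxPasswordAge` through `SetPasswordPolicy`.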
Remediation / Resolution
To enforce password expiration with a threshold of 90 days or less for your RAM user passwords, perform the following operations:
References
- Alibaba Cloud Documentation
  - Overview of security settings
  - Configure a password policy for RAM users
- Alibaba Cloud CLI Documentation
  - GetPasswordPolicy
  - SetPasswordPolicy
Publication date Feb 26, 2024