Identify the age of your Amazon IAM user passwords and ensure that these credentials are reset before their validity period ends in order to prevent password expiry.
This rule can help you with the following compliance standards:
- PCI
- APRA
- MAS
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Monitoring the age of your IAM user credentials can help you prevent password expiry for less frequent logins and manage the user-based access to your account more efficiently.
Audit
To determine the age of your Amazon IAM user passwords, perform the following:
Remediation / Resolution
To reset any Amazon IAM user passwords that are about to expire soon, perform the following:
References
- AWS Documentation
- AWS IAM FAQs
- IAM Users
- Managing IAM Users
- Getting Credential Reports for Your AWS Account
- Managing Passwords
- Managing Passwords for IAM Users
- AWS Command Line Interface (CLI) Documentation
- iam
- get-credential-report
- update-login-profile
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
IAM User Password Expiry 30 Days
Risk Level: Medium