Risk Level: High
Cloud Entity: IAM User
CloudGuard Rule ID: D9.AWS.IAM.98
Covered by Spectral: No
Category: Security, Identity, & Compliance
IamUser where passwordEnabled='true' should have passwordLastChanged after(-90, 'days')
1. Log in to the AWS Management Console: https://console.aws.amazon.com/
2. Click Services
3. Click IAM
4. Click on Users
5. Select the relevant user
6. Click on Security Credentials
7. Under 'Sign-in credentials' go to 'Console password' and click on 'Manage'
8. Select 'Require password reset'
   Note: make sure that the user has permission to change his or her password.
9. Log in to this user account and create a new password.
10. Repeat steps 5-9 for other relevant IAM users.
From Command Line
- To update the password, run:
aws iam update-login-profile --user-name USER_NAME --password NEW_PASSWORD --password-reset-required
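To find which users need the reset above, the rule's condition can be evaluated against the IAM credential report. The following is an added example, not CloudGuard's or AWS's own code; the sample report rows, the account ID and the function name `stale_password_users` are constructed for illustration.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=90)  # threshold from the rule: after(-90, 'days')

# Constructed sample in the credential report CSV layout (columns trimmed).
SAMPLE_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed
<root_account>,arn:aws:iam::111122223333:root,2020-01-01T00:00:00+00:00,not_supported,no_information,not_supported
alice,arn:aws:iam::111122223333:user/alice,2023-01-10T09:00:00+00:00,true,2024-05-30T08:00:00+00:00,2024-05-01T09:00:00+00:00
bob,arn:aws:iam::111122223333:user/bob,2022-03-02T09:00:00+00:00,true,2024-05-20T08:00:00+00:00,2023-11-15T12:30:00+00:00
ci-bot,arn:aws:iam::111122223333:user/ci-bot,2022-06-01T09:00:00+00:00,false,N/A,N/A
"""


def stale_password_users(report_csv, now=None):
    """Return (user, age_in_days) for console users failing the 90-day rule."""
    now = now or datetime.now(timezone.utc)
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["password_enabled"] != "true":
            continue  # no console password (root reports "not_supported")
        try:
            changed_at = datetime.fromisoformat(row["password_last_changed"])
        except ValueError:
            # Assumption: an unparsable timestamp is treated as a finding
            # with unknown age rather than silently passing the check.
            findings.append((row["user"], None))
            continue
        age = now - changed_at
        if age > MAX_AGE:
            findings.append((row["user"], age.days))
    return findings


if __name__ == "__main__":
    # Live input: run `aws iam generate-credential-report`, then
    # `aws iam get-credential-report --query Content --output text | base64 -d`
    fixed_now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # constructed date
    for user, days in stale_password_users(SAMPLE_REPORT, fixed_now):
        print(f"{user}: password last changed {days} days ago")
```

Users returned by the function are the candidates for the 'Require password reset' steps or the `update-login-profile` command.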
An IAM user is an entity that you create in AWS to represent the person or service that uses it to interact with AWS. A user in AWS consists of a name and credentials.
- AWS CSA CCM v.4.0.1
- AWS CloudGuard Best Practices
- AWS CloudGuard SOC2 based on AICPA TSC 2017
- AWS HITRUST v11.0.0
- AWS ISO27001:2022
- AWS MITRE ATT&CK Framework v11.3
- AWS NIST 800-53 Rev 5
- AWS PCI-DSS 4.0
- AWS Security Risk Management
- CloudGuard AWS All Rules Ruleset