Ensure AWS Identity and Access Management (IAM) user passwords are reset before expiration (45 Days)

Risk Level: Low
Cloud Entity: IAM User
CloudGuard Rule ID: D9.AWS.LOG.26
Covered by Spectral: No
Category: Security, Identity, & Compliance

GSL LOGIC

IamUser should have passwordNextRotation <= 45

REMEDIATION

From Portal

  1. Navigate to your AWS Identity and Access Management (IAM) dashboard.
  2. Within the navigation panel, select 'Credential Report'.
  3. Click the 'Download Report' option to access a comprehensive list of all your AWS account users along with the status of their various credentials.
  4. Open the downloaded file.
  5. Examine the 'password_next_rotation' column value for each listed AWS IAM user.
  6. Verify that the 'password_next_rotation' value indicates a timeframe of fewer than 45 days, ensuring that password rotations are scheduled within the recommended security threshold.

From Command Line

To Retrieve the IAM Credential Report:

aws iam get-credential-report

To Decode and Save the Report as a CSV File:

echo -n 'YOUR_CONTENT' | base64 -d > aws-iam-credentials-report.csv

To Set a Valid Password Policy:

aws iam update-account-password-policy --allow-users-to-change-password --max-password-age 30
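The check in steps 5 and 6 can be automated against the decoded report. The following is an added example, not part of this rule page or CloudGuard's own code; it uses the credential report's real column names (`password_enabled`, `password_next_rotation`) over a constructed sample report and an assumed evaluation date, and treats a missing rotation date (`N/A`, which appears when the account has no maximum password age) as a finding.

```python
"""Flag IAM users whose console password is not due for rotation within 45 days."""
import csv
import io
from datetime import datetime, timedelta, timezone

THRESHOLD_DAYS = 45

# Constructed sample in the credential-report CSV layout (only the columns used here).
SAMPLE_REPORT = """user,arn,password_enabled,password_last_changed,password_next_rotation,mfa_active
<root_account>,arn:aws:iam::111122223333:root,not_supported,not_supported,not_supported,true
alice,arn:aws:iam::111122223333:user/alice,true,2024-05-20T10:00:00+00:00,2024-06-19T10:00:00+00:00,true
bob,arn:aws:iam::111122223333:user/bob,true,2024-01-01T10:00:00+00:00,2024-12-27T10:00:00+00:00,false
carol,arn:aws:iam::111122223333:user/carol,true,2024-04-01T10:00:00+00:00,N/A,true
svc-deploy,arn:aws:iam::111122223333:user/svc-deploy,false,N/A,N/A,true
"""

# Assumed evaluation date for the sample; in practice use datetime.now(timezone.utc).
AS_OF = datetime(2024, 6, 1, tzinfo=timezone.utc)


def days_until_rotation(row, now):
    """Days until the password must rotate, or None when no rotation is scheduled."""
    value = row["password_next_rotation"]
    if value in ("N/A", "not_supported", "no_information"):
        return None
    return (datetime.fromisoformat(value) - now) / timedelta(days=1)


def evaluate(report_text, now, threshold_days=THRESHOLD_DAYS):
    """Return {user: reason} for console users failing the rotation threshold."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_text)):
        if row["password_enabled"] != "true":
            continue  # no console password to rotate (root reports not_supported)
        days = days_until_rotation(row, now)
        if days is None:
            findings[row["user"]] = "no rotation scheduled (no max password age set)"
        elif days > threshold_days:
            findings[row["user"]] = f"next rotation in {days:.0f} days"
    return findings


def run_sample():
    return evaluate(SAMPLE_REPORT, AS_OF)


if __name__ == "__main__":
    for user, reason in run_sample().items():
        print(f"NON-COMPLIANT {user}: {reason}")
```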

References

  1. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users.html
  2. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html

IAM User

An IAM user is an entity that you create in AWS to represent the person or service that uses it to interact with AWS. A user in AWS consists of a name and credentials.

Compliance Frameworks

  • CloudGuard AWS All Rules Ruleset