Ensure IAM password policy requires at least one uppercase letter

It is recommended that the password policy require at least one uppercase letter. Password policies are, in part, used to enforce password complexity requirements. IAM password policies can be used to ensure passwords consist of different character sets. Setting a password complexity policy increases account resiliency against brute force login attempts.

Risk Level: Low
Cloud Entity: AWS Identity and Access Management (IAM)
CloudGuard Rule ID: D9.TF.AWS.IAM.04
Covered by Spectral: No
Category: Security, Identity, & Compliance


aws_iam_account_password_policy should have require_uppercase_characters=true


  1. Run aws iam update-account-password-policy --require-uppercase-characters

AWS Identity and Access Management (IAM)

AWS Identity and Access Management (IAM) enables you to manage access to AWS services and resources securely. Using IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
IAM is a feature of your AWS account offered at no additional charge. You will be charged only for use of other AWS services by your users.

Compliance Frameworks

  • Terraform AWS CIS Foundations