Ensure AWS IAM password policy has an uppercase character

Description

Password policies are employed to enforce the adherence to specified password complexity requirements. The IAM password policy should mandate the inclusion of diverse character types within passwords. Specifically, the policy should enforce the presence of at least one uppercase letter, thereby enhancing security, particularly against brute force attack vectors.

Fix - Runtime

AWS Console

To change the password policy in the AWS Console you will need appropriate permissions to View Identity Access Management Account Settings.

To manually set the password policy with a minimum length, follow these steps:

  1. Log in to the AWS Management Console as an IAM user at https://console.aws.amazon.com/iam/.
  2. Navigate to IAM Services.
  3. On the Left Pane click Account Settings.
  4. Select Requires at least one uppercase letter.
  5. Click Apply password policy.
CLI Command

To change the password policy, use the following command:

aws iam update-account-password-policy --require-uppercase-characters
ReLambda