Loading controls...
Control: 1.13 Ensure RAM password policy expires passwords within 90 days or less
Description
RAM password policies can require passwords to be expired after a given number of days. It is recommended that the password policy expire passwords after 90 days or less.
Remediation
Perform the following to set the password policy as expected:
From Console
- Logon to RAM console.
- Choose
Identities > Settings. - In the
Password Strength Settingssection, clickEdit Password Rule. - In the
Password Validity Periodfield, enter<90>or a smaller number. - Click
OK.
From Command Line
aliyun ram SetPasswordPolicy --MaxPasswordAge 90Usage
Run the control in your terminal:
powerpipe control run alicloud_compliance.control.cis_v100_1_13Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run alicloud_compliance.control.cis_v100_1_13 --shareSQL
This control uses a named query:
ram_password_policy_expire_90