Control: 1.5 Ensure IAM password policy expires passwords within 365 days

Description

IAM password policies can require passwords to be rotated or expired after a given number of days. It is recommended that the password policy expire passwords after 365 and are changed immediately based on events.

Remediation

From Console

OCI Identity Cloud Service (IDCS)

Login to IDCS Admin Console
Expand the Navigation Drawer, click Settings, and then click Password Policy.
Click on Change Your Password Policy button.
Update the number of days configured in Expires after setting to 365.

Usage

Run the control in your terminal:

powerpipe control run oci_compliance.control.cis_v120_1_5

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run oci_compliance.control.cis_v120_1_5 --share

SQL

This control uses a named query:

manual_control

Control: 1.5 Ensure IAM password policy expires passwords within 365 days

Description

Remediation

From Console

Usage

SQL

Tags