Alibaba Cloud RAM password policy does not have a symbol

Description

This policy identifies Alibaba Cloud accounts that do not have a symbol in the password policy. As a security best practice, configure a strong password policy for secure access to the Alibaba Cloud console.

Code Example

resource "alicloud_ram_account_password_policy" "example" {
  ...
+  require_symbols              = true
}

Remediation

Terraform

• Resource: alicloud_ram_account_password_policy
• Arguments: require_symbols

To mitigate this issue, ensure the `require_symbols` attribute in the `alicloud_ram_account_password_policy` resource is set to `true`.

Example:

Rule Details

Field	Value
ID	IAC-0015
Severity	INFO
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_ALI_15

References

• Checkov Rule

---