Alibaba Cloud RAM password policy does not have a lowercase character

Description

This policy identifies Alibaba Cloud accounts that do not have a lowercase character in the password policy. As a security best practice, configure a strong password policy for secure access to the Alibaba Cloud console.

Code Example

resource "alicloud_ram_account_password_policy" "example" {
  ...
+  require_lowercase_characters = true
}

Remediation

Terraform

Resource: alicloud_ram_account_password_policy
Arguments: require_lowercase_characters

To mitigate this issue, ensure the `require_lowercase_characters` attribute in the `alicloud_ram_account_password_policy` resource is set to `true`.

Example:

Rule Details

Field	Value
ID	IAC-0017
Severity	INFO
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_ALI_17

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Alibaba Cloud RAM password policy does not have a lowercase character

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Alibaba Cloud RAM password policy does not have a lowercase character ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Alibaba Cloud RAM password policy does not have a lowercase character

Description

Code Example

Remediation

Rule Details

References