Alibaba Cloud RAM password policy does not have an uppercase character

Description

This policy identifies Alibaba Cloud accounts that do not have an uppercase character in the password policy. As a security best practice, configure a strong password policy for secure access to the Alibaba Cloud console.

Code Example

resource "alicloud_ram_account_password_policy" "example" {
  ...
+  require_uppercase_characters = true
}

Remediation

Terraform

Resource: alicloud_ram_account_password_policy
Arguments: require_uppercase_characters

To mitigate this issue, ensure the `require_uppercase_characters` attribute in the `alicloud_ram_account_password_policy` resource is set to `true`.

Example:

Rule Details

Field	Value
ID	IAC-0019
Severity	MEDIUM
IaC Type	Terraform
Frameworks	Terraform
Checkov ID	CKV_ALI_19

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Alibaba Cloud RAM password policy does not have an uppercase character

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Alibaba Cloud RAM password policy does not have an uppercase character ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

Alibaba Cloud RAM password policy does not have an uppercase character

Description

Code Example

Remediation

Rule Details

References