AWS039

IAM Password policy should have minimum password length of 14 or more characters.

Explanation

IAM account password policies should ensure that passwords have a minimum length.

The account password policy should be set to enforce minimum password length of at least 14 characters.

Insecure Example

The following example will fail the AWS039 check.

resource "aws_iam_account_password_policy" "strict" {
	# ...
	# minimum_password_length not set
	# ...
}

Secure Example

The following example will pass the AWS039 check.

resource "aws_iam_account_password_policy" "strict" {
	# ...
	minimum_password_length = 14
	# ...
}