Pattern: IAM Password policy should have expiry less than or equal to 90 days
Issue: -
IAM account password policies should have a maximum age specified.
The account password policy should be set to expire passwords after 90 days or less.
Resolution: import (.
Example of incorrect code:
resource "aws_iam_account_password_policy" "bad_example" {
# ...
# max_password_age not set
# ...
}Example of correct code:
resource "aws_iam_account_password_policy" "good_example" {
# ...
max_password_age = 90
# ...
}