v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/oci_compliance
Overview
3Dashboards
133Controls
43Queries
2Variables
GitHub

Control: 1.5 Ensure IAM password policy expires passwords within 365 days

Description

IAM password policies can require passwords to be rotated or expired after a given number of days. It is recommended that the password policy expire passwords after 365 and are changed immediately based on events.

Remediation

From Console

OCI Identity Cloud Service (IDCS)

  1. Login to IDCS Admin Console
  2. Expand the Navigation Drawer, click Settings, and then click Password Policy.
  3. Click on Change Your Password Policy button.
  4. Update the number of days configured in Expires after setting to 365.

Usage

Run the control in your terminal:

powerpipe control run oci_compliance.control.cis_v120_1_5

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run oci_compliance.control.cis_v120_1_5 --share

SQL

This control uses a named query:

manual_control

Tags

category = Compliance
cis = true
cis_item_id = 1.5
cis_level = 1
cis_section_id = 1
cis_type = manual
cis_version = v1.2.0
plugin = oci
service = OCI/Identity