IAM Password policy should have requirement for at least one symbol in the password.
Explanation
IAM account password policies should ensure that passwords content including a symbol.
Insecure Example
The following example will fail the AWS040 check.
resource "aws_iam_account_password_policy" "strict" {
# ...
# require_symbols not set
# ...
}
Secure Example
The following example will pass the AWS040 check.
resource "aws_iam_account_password_policy" "strict" {
# ...
require_symbols = true
# ...
}