IAM Password policy should have requirement for at least one symbol in the password.

Explanation

IAM account password policies should ensure that passwords content including a symbol.

Possible Impact

Short, simple passwords are easier to compromise

Suggested Resolution

Enforce longer, more complex passwords in the policy

Insecure Example

The following example will fail the aws-iam-require-symbols-in-passwords check.

resource "aws_iam_account_password_policy" "bad_example" {
	# ...
	# require_symbols not set
	# ...
}

Secure Example

The following example will pass the aws-iam-require-symbols-in-passwords check.

resource "aws_iam_account_password_policy" "good_example" {
	# ...
	require_symbols = true
	# ...
}

Getting Started
Provider Checks
Config
GitHub Actions