IAM password policies should require at least one uppercase character¶
IAM password policies are used to enforce password complexity requirements. Setting a password complexity policy that requires at least one uppercase letter increases account resiliency against brute force login attempts.
Console Remediation Steps¶
Navigate to IAM.
In the left navigation, select Account settings.
Check the Require at least one uppercase letter checkbox.
Click the Apply password policy button.
CLI Remediation Steps¶
Rotate access keys within AWS CLI:
aws iam create-access-key
aws iam get-access-key-last-used
aws iam update-access-key
Validate that the new access key is working and then delete the old key.
aws iam delete-access-key