You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description : It is recommended that the password policy prevent the reuse of passwords.Preventing password reuse increases account resiliency against brute force login attempts
File : iam-account-password-policy.tf
Module Name : root
Plan Root : ./
Line : 2
Severity : LOW
Rule Name : passwordReuseNotAllowed
Rule ID : AC_AWS_0472
Resource Name : example
Resource Type : aws_iam_account_password_policy
Category : Compliance Validation
However, if we disablepassword_reuse_prevention (effectively allowing users to reuse their passwords):
Description
Having
password_reuse_prevention=24
triggers Terrascan to report a compliance violation, when it is not.What I Did
The following block of code creates a violation:
Terrascan result:
However, if we disable
password_reuse_prevention
(effectively allowing users to reuse their passwords):Then Terrascan is happy about it, which is not the expected behaviour.
The text was updated successfully, but these errors were encountered: