How to Set Password Policy Using Terraform in AWS

Overview

Ensuring strong passwords for user accounts is an essential part of securing any system. AWS provides a Password Policy feature that allows you to define a set of rules for passwords that must be followed by all IAM users in your account. With Terraform, an Infrastructure as Code (IaC) tool, you can easily configure the password policy for your AWS account. In this blog post, we will walk you through the steps to set a password policy using Terraform and explain the important rules you can include in your password policy.

Prerequisites:

  • An AWS account

  • AWS CLI installed and configured

  • Terraform installed on your machine

Step 1: Configure AWS CLI

Make sure that you have configured your AWS CLI with the necessary access keys and secrets. You can check this by running the following command in your terminal; it shows the currently stored values in brackets, and pressing Enter keeps them:

aws configure

If you haven’t configured AWS CLI yet, you can follow the official AWS documentation to set it up.

Step 2: Create a folder named iam-password-policy in your home directory. Next, create a Terraform file main.tf in the iam-password-policy folder and copy the below content:

provider "aws" {
  region = "us-east-1"
}

resource "aws_iam_account_password_policy" "mahira_password_policy" {
  minimum_password_length = 12
  require_lowercase_character = true
  require_uppercase_character = true
  require_numbers = true
  require_symbols = true
}

In this file, we first define the AWS provider and specify the region we want to use (in this case, us-east-1). Then, we create an AWS IAM account password policy resource named “mahira_password_policy” and set the minimum password length to 12 characters. The name is only Terraform's local label for the resource; an AWS account has a single password policy, so applying this configuration sets the policy for the whole account. We also include rules that require at least one lowercase character, one uppercase character, one number, and one symbol in the password.

Step 3: Initialize Terraform

In your terminal, navigate to the directory where you saved the Terraform file and run the following command:

terraform init

This command will download the necessary Terraform plugins and modules.

Step 4: Set the Password Policy

Run the following command to apply the Terraform configuration:

terraform apply

This command will show you a summary of the changes that Terraform is going to make. If everything looks good, type “yes” to confirm and proceed with the changes.

Step 5: Verify the Password Policy

After the Terraform apply completes successfully, you can verify that the password policy was set by running the following command in your terminal:

aws iam get-account-password-policy

This command should show you the details of the password policy that you just created.
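To turn the Step 5 check into something a pipeline can fail on, the following added example (not part of the original post) parses the JSON printed by aws iam get-account-password-policy and reports any rule that is weaker than the values in main.tf. The script name check_policy.py and the sample outputs are assumptions constructed for illustration.

```python
import json
import sys

# Expected values mirror the five rules set in main.tf on this page.
# Keys are the field names the AWS CLI prints under "PasswordPolicy".
EXPECTED = {
    "MinimumPasswordLength": 12,
    "RequireLowercaseCharacters": True,
    "RequireUppercaseCharacters": True,
    "RequireNumbers": True,
    "RequireSymbols": True,
}

# Constructed sample outputs (not captured from a real account).
SAMPLE_OK = json.dumps({"PasswordPolicy": dict(EXPECTED, ExpirePasswords=False)})
SAMPLE_DRIFT = json.dumps({"PasswordPolicy": dict(
    EXPECTED, MinimumPasswordLength=8, RequireSymbols=False)})


def check_policy(cli_output: str) -> list:
    """Return a list of findings; an empty list means the policy matches."""
    try:
        policy = json.loads(cli_output).get("PasswordPolicy")
    except (json.JSONDecodeError, AttributeError):
        policy = None
    if not isinstance(policy, dict):
        # With no policy set, the CLI prints an error instead of JSON.
        return ["no account password policy found in CLI output"]
    findings = []
    for key, want in EXPECTED.items():
        got = policy.get(key)
        if isinstance(want, bool):
            ok = got is True
        else:
            # A longer minimum than required is acceptable; shorter is not.
            ok = isinstance(got, int) and not isinstance(got, bool) and got >= want
        if not ok:
            findings.append(f"{key}: expected {want}, got {got}")
    return findings


if __name__ == "__main__":
    problems = check_policy(sys.stdin.read())
    print("\n".join(problems) or "password policy matches main.tf")
    sys.exit(1 if problems else 0)
```

Run it as: aws iam get-account-password-policy | python check_policy.py. A non-zero exit code means the live policy has drifted from the Terraform configuration.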

Congratulations! You have successfully set a password policy using Terraform in AWS. By following the rules defined in your password policy, you can ensure that all IAM users in your account use strong passwords. You can modify the password policy rules to suit your specific security requirements. With Terraform, you can automate the configuration of your AWS account and make it more secure and manageable.