Knowledge Base

Controlled Password requirements in RefArch

View full discussion in GitHub

Answer

So I'm looking to at our SOC 2 compliance scan results and one of the things I don't see in the be able to set password complexity or password age. Am I just missing where thats get set on the account baseline? --- <ins datetime="2022-05-19T13:42:35Z"> <p><a href="https://support.gruntwork.io/hc/requests/108627">Tracked in ticket #108627</a></p> </ins>

Hi, please see https://github.com/gruntwork-io/knowledge-base/discussions/126, which relates to your question. You can set custom password policy variables, including length, whether or not to require numbers and symbols, and password age here: https://github.com/gruntwork-io/terraform-aws-service-catalog/blob/master/modules/landingzone/account-baseline-app/variables.tf#L278