Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
Rule ID | Title | Severity | Service Type | Resource Type |
---|---|---|---|---|
CSPM-AWS-2024-0068 | Passwords Expiration Threshold is not configured or exceeds the specified Limit | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0069 | The Minimum Password length for IAM is short | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0070 | Password Expiration disabled | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0071 | Password Policy does not mandate lowercase characters | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0072 | Password Policy does not mandate a number | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0073 | Password Policy does not mandate a symbol | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0074 | Password Policy does not mandate uppercase characters | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0075 | Password Policy allows reuse of Passwords | Medium | IAM | AccountPasswordPolicy |
CSPM-AWS-2024-0091 | User without MFA | Medium | IAM | Users |