From 45f98812bb48925257f00e560ed331c983c5e78c Mon Sep 17 00:00:00 2001 From: Don Matsubayashi Date: Fri, 23 Jun 2023 20:08:06 -0700 Subject: [PATCH] implement snyk recommendations --- main.tf | 10 +++++----- modules/cloudtrail/main.tf | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/main.tf b/main.tf index aad8665..82215a9 100644 --- a/main.tf +++ b/main.tf @@ -9,11 +9,11 @@ provider "aws" { } resource "aws_iam_account_password_policy" "strict" { - minimum_password_length = 8 - #require_lowercase_characters = true - #require_numbers = true - #require_uppercase_characters = true - #require_symbols = true + minimum_password_length = 14 + require_lowercase_characters = true + require_numbers = true + require_uppercase_characters = true + require_symbols = true #allow_users_to_change_password = true #password_reuse_prevention = 24 max_password_age = 3 diff --git a/modules/cloudtrail/main.tf b/modules/cloudtrail/main.tf index 5aa88e2..5a81190 100644 --- a/modules/cloudtrail/main.tf +++ b/modules/cloudtrail/main.tf @@ -1,5 +1,5 @@ resource "aws_cloudtrail" "insecure-logging" { name = "cloudtrail-logging" s3_bucket_name = "my-cloudtrail-bucket" - enable_logging = false + enable_logging = true }