From 0c213ce566aec4c54653d4f07dfc71de49f3b5ae Mon Sep 17 00:00:00 2001
From: Nik <roo7break@gmail.com>
Date: Tue, 26 Jun 2018 12:29:54 +0100
Subject: [PATCH] Corrected Password expiration check

The previous check didnt accept lower password expiration time. Updated to accept less than or equal to 90 days. Also edited printed statement to include set value.
---
 checks/check111 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/checks/check111 b/checks/check111
index 768ff1cc..70becd6a 100644
--- a/checks/check111
+++ b/checks/check111
@@ -18,8 +18,8 @@ check111(){
   # "Ensure IAM password policy expires passwords within 90 days or less (Scored)"
   COMMAND111=$($AWSCLI iam get-account-password-policy $PROFILE_OPT --region $REGION --query PasswordPolicy.MaxPasswordAge --output text 2> /dev/null)
   if [[ $COMMAND111 ]];then
-    if [ "$COMMAND111" == "90" ];then
-      textPass "Password Policy includes expiration"
+    if [ "$COMMAND111" -le "90" ];then
+      textPass "Password Policy includes expiration (Value: $COMMAND111)"
     else
       textFail "Password expiration is set greater than 90 days"
     fi