Merge pull request #223 from roo7break/master

Check-111 Password expiration check
2026-02-10 14:55:00 +00:00 · 2018-06-26 10:39:56 -04:00
parent be9cbf893b 0fd6c9f815
commit d36674a297
1 changed files with 2 additions and 2 deletions
--- a/checks/check111
+++ b/checks/check111
@@ -18,8 +18,8 @@ check111(){
  # "Ensure IAM password policy expires passwords within 90 days or less (Scored)"
  COMMAND111=$($AWSCLI iam get-account-password-policy $PROFILE_OPT --region $REGION --query PasswordPolicy.MaxPasswordAge --output text 2> /dev/null)
  if [[ $COMMAND111 ]];then
-    if [ "$COMMAND111" == "90" ];then
-      textPass "Password Policy includes expiration"
+    if [ "$COMMAND111" -le "90" ];then
+      textPass "Password Policy includes expiration (Value: $COMMAND111)"
    else
      textFail "Password expiration is set greater than 90 days"
    fi