Resource: awsIamAccountPasswordPolicy
-> Note: There is only a single policy allowed per AWS account. An existing policy will be lost when using this resource as an effect of this limitation.
Manages Password Policy for the AWS Account. See more about Account Password Policy in the official AWS docs.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.iamAccountPasswordPolicy.IamAccountPasswordPolicy(this, "strict", {
allowUsersToChangePassword: true,
minimumPasswordLength: 8,
requireLowercaseCharacters: true,
requireNumbers: true,
requireSymbols: true,
requireUppercaseCharacters: true,
});
Argument Reference
The following arguments are supported:
allowUsersToChangePassword
- (Optional) Whether to allow users to change their own passwordhardExpiry
- (Optional) Whether users are prevented from setting a new password after their password has expired (i.e., require administrator reset)maxPasswordAge
- (Optional) The number of days that an user password is valid.minimumPasswordLength
- (Optional) Minimum length to require for user passwords.passwordReusePrevention
- (Optional) The number of previous passwords that users are prevented from reusing.requireLowercaseCharacters
- (Optional) Whether to require lowercase characters for user passwords.requireNumbers
- (Optional) Whether to require numbers for user passwords.requireSymbols
- (Optional) Whether to require symbols for user passwords.requireUppercaseCharacters
- (Optional) Whether to require uppercase characters for user passwords.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
expirePasswords
- Indicates whether passwords in the account expire. Returnstrue
ifmaxPasswordAge
contains a value greater than0
. Returnsfalse
if it is0
or not present.
Import
IAM Account Password Policy can be imported using the word iamAccountPasswordPolicy
, e.g.,