Delegate who can manage your password policies

You can delegate permissions to manage password policies to specific user accounts you created in your AWS Managed Microsoft AD by adding the accounts to the AWS Delegated Fine Grained Password Policy Administrators security group. When an account becomes a member of this group, the account has permissions to edit and configure any of the password policies listed previously.

To delegate who can manage password policies

Launch Active Directory administrative center (ADAC) from any managed EC2 instance that you joined to your AWS Managed Microsoft AD domain.
Switch to the Tree View and navigate to the AWS Delegated Groups OU. For more information about this OU, see What gets created with your AWS Managed Microsoft AD Active Directory.
Find the AWS Delegated Fine Grained Password Policy Administrators user group. Add any users or groups from your domain to this group.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Supported policy settings

Assign password policies to your users