PasswordPolicy

class aws_cdk.aws_cognito.PasswordPolicy(*, min_length=None, require_digits=None, require_lowercase=None, require_symbols=None, require_uppercase=None, temp_password_validity=None)

Bases: object

Password policy for User Pools.

Parameters:
  • min_length (Union[int, float, None]) – Minimum length required for a user’s password. Default: 8

  • require_digits (Optional[bool]) – Whether the user is required to have digits in their password. Default: true

  • require_lowercase (Optional[bool]) – Whether the user is required to have lowercase characters in their password. Default: true

  • require_symbols (Optional[bool]) – Whether the user is required to have symbols in their password. Default: true

  • require_uppercase (Optional[bool]) – Whether the user is required to have uppercase characters in their password. Default: true

  • temp_password_validity (Optional[Duration]) – The length of time the temporary password generated by an admin is valid. This must be provided as whole days, like Duration.days(3) or Duration.hours(48). Fractional days, such as Duration.hours(20), will generate an error. Default: Duration.days(7)

ExampleMetadata:

infused

Example:

cognito.UserPool(self, "myuserpool",
    # ...
    password_policy=cognito.PasswordPolicy(
        min_length=12,
        require_lowercase=True,
        require_uppercase=True,
        require_digits=True,
        require_symbols=True,
        temp_password_validity=Duration.days(3)
    )
)

Attributes

min_length

Minimum length required for a user’s password.

Default:

8

require_digits

Whether the user is required to have digits in their password.

Default:

true

require_lowercase

Whether the user is required to have lowercase characters in their password.

Default:

true

require_symbols

Whether the user is required to have symbols in their password.

Default:

true

require_uppercase

Whether the user is required to have uppercase characters in their password.

Default:

true

temp_password_validity

The length of time the temporary password generated by an admin is valid.

This must be provided as whole days, like Duration.days(3) or Duration.hours(48). Fractional days, such as Duration.hours(20), will generate an error.

Default:

Duration.days(7)