I am fairly new to AWS and is wondering if there is a way to set password expiry for specific IAM accounts only. I know the default password policy has a feature where we can set to expire password in X number of days and I dont want that. I was hoping to see a much more granular way of setting password expiry for just specific users. I hope someone can share their thoughts. Thanks,
AWS password policy for specific users
655 Views Asked by Maze At
2
There are 2 best solutions below
0
On
Let me answer you with this analogy
Your Aws account - say this is FATHER(root Owner), he is the sole responsibility of your account.
Now,IAM Users - They are his(FATHER's) CHILDREN,FATHER is very kind so whenever he allows a child to enter(password permissions) exact permissions are applicable to all children.However, the roles and responsibility of child can be different (policies and permissions)
An IAM password policy is an account wide configuraiton which applies to all IAM users in an AWS account and this excludes the AWS account root user. This means you cannot apply an IAM password policy (in this case password expiry) to only specific IAM users within an AWS account.
See: Setting an account password policy for IAM users - AWS Identity and Access Management