interface PasswordPolicy
Language | Type name |
---|---|
![]() | Amazon.CDK.AWS.Cognito.PasswordPolicy |
![]() | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#PasswordPolicy |
![]() | software.amazon.awscdk.services.cognito.PasswordPolicy |
![]() | aws_cdk.aws_cognito.PasswordPolicy |
![]() | aws-cdk-lib » aws_cognito » PasswordPolicy |
Password policy for User Pools.
Example
new cognito.UserPool(this, 'myuserpool', {
// ...
passwordPolicy: {
minLength: 12,
requireLowercase: true,
requireUppercase: true,
requireDigits: true,
requireSymbols: true,
tempPasswordValidity: Duration.days(3),
},
});
Properties
Name | Type | Description |
---|---|---|
min | number | Minimum length required for a user's password. |
password | number | The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. |
require | boolean | Whether the user is required to have digits in their password. |
require | boolean | Whether the user is required to have lowercase characters in their password. |
require | boolean | Whether the user is required to have symbols in their password. |
require | boolean | Whether the user is required to have uppercase characters in their password. |
temp | Duration | The length of time the temporary password generated by an admin is valid. |
minLength?
Type:
number
(optional, default: 8)
Minimum length required for a user's password.
passwordHistorySize?
Type:
number
(optional, default: undefined - Cognito default setting is no restriction)
The number of previous passwords that you want Amazon Cognito to restrict each user from reusing.
passwordHistorySize
can not be set when featurePlan
is FeaturePlan.LITE
.
requireDigits?
Type:
boolean
(optional, default: true)
Whether the user is required to have digits in their password.
requireLowercase?
Type:
boolean
(optional, default: true)
Whether the user is required to have lowercase characters in their password.
requireSymbols?
Type:
boolean
(optional, default: true)
Whether the user is required to have symbols in their password.
requireUppercase?
Type:
boolean
(optional, default: true)
Whether the user is required to have uppercase characters in their password.
tempPasswordValidity?
Type:
Duration
(optional, default: Duration.days(7))
The length of time the temporary password generated by an admin is valid.
This must be provided as whole days, like Duration.days(3) or Duration.hours(48). Fractional days, such as Duration.hours(20), will generate an error.