interface PasswordPolicy
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Cognito.PasswordPolicy |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awscognito#PasswordPolicy |
 Java | software.amazon.awscdk.services.cognito.PasswordPolicy |
 Python | aws_cdk.aws_cognito.PasswordPolicy |
 TypeScript (source) | aws-cdk-lib » aws_cognito » PasswordPolicy |
Password policy for User Pools.
Example
new cognito.UserPool(this, 'myuserpool', {
// ...
passwordPolicy: {
minLength: 12,
requireLowercase: true,
requireUppercase: true,
requireDigits: true,
requireSymbols: true,
tempPasswordValidity: Duration.days(3),
},
});
Properties
| Name | Type | Description |
|---|---|---|
| min | number | Minimum length required for a user's password. |
| password | number | The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. |
| require | boolean | Whether the user is required to have digits in their password. |
| require | boolean | Whether the user is required to have lowercase characters in their password. |
| require | boolean | Whether the user is required to have symbols in their password. |
| require | boolean | Whether the user is required to have uppercase characters in their password. |
| temp | Duration | The length of time the temporary password generated by an admin is valid. |
minLength?
Type:
number
(optional, default: 8)
Minimum length required for a user's password.
passwordHistorySize?
Type:
number
(optional, default: undefined - Cognito default setting is no restriction)
The number of previous passwords that you want Amazon Cognito to restrict each user from reusing.
passwordHistorySize can not be set when featurePlan is FeaturePlan.LITE.
requireDigits?
Type:
boolean
(optional, default: true)
Whether the user is required to have digits in their password.
requireLowercase?
Type:
boolean
(optional, default: true)
Whether the user is required to have lowercase characters in their password.
requireSymbols?
Type:
boolean
(optional, default: true)
Whether the user is required to have symbols in their password.
requireUppercase?
Type:
boolean
(optional, default: true)
Whether the user is required to have uppercase characters in their password.
tempPasswordValidity?
Type:
Duration
(optional, default: Duration.days(7))
The length of time the temporary password generated by an admin is valid.
This must be provided as whole days, like Duration.days(3) or Duration.hours(48). Fractional days, such as Duration.hours(20), will generate an error.