Posted On: Nov 19, 2020

AWS Identity and Access Management (IAM) now introduces new policy defaults for passwords of IAM users. This policy improves the default security for all AWS customers by ensuring customers set stronger passwords for IAM users in their AWS accounts. 

You can view the new default password policy in your IAM console under Account settings. When you sign up for a new AWS account this policy will be active by default. To configure your specific password requirements, you can override this policy by setting a custom policy. If you delete the custom password policy, IAM will automatically activate the default password policy in your AWS account. 

This new feature is available in all AWS Regions including the AWS China (Beijing) Region operated by Sinnet, and the AWS China (Ningxia) Region operated by NWCD. To learn more about impact of this change for your IAM users, see IAM documentation.