Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The iamPasswordPolicies resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AwsConnector/iamPasswordPolicies resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.AwsConnector/iamPasswordPolicies@2024-12-01' = {
location: 'string'
name: 'string'
properties: {
arn: 'string'
awsAccountId: 'string'
awsProperties: {
allowUsersToChangePassword: bool
expirePasswords: bool
hardExpiry: bool
maxPasswordAge: int
minimumPasswordLength: int
passwordReusePrevention: int
requireLowercaseCharacters: bool
requireNumbers: bool
requireSymbols: bool
requireUppercaseCharacters: bool
}
awsRegion: 'string'
awsSourceSchema: 'string'
awsTags: {
{customized property}: 'string'
}
publicCloudConnectorsResourceId: 'string'
publicCloudResourceName: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.AwsConnector/iamPasswordPolicies
| Name | Description | Value |
|---|---|---|
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^(?=.{0,259}[^\s.]$)(?!.*[<>%&\?/#]) (required) |
| properties | The resource-specific properties for this resource. | IamPasswordPolicyProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
AwsIamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| allowUsersToChangePassword | <p>Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to <code>iam:ChangePassword</code> for only their user and to the <code>iam:GetAccountPasswordPolicy</code> action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.</p> | bool |
| expirePasswords | <p>Indicates whether passwords in the account expire. Returns true if <code>MaxPasswordAge</code> contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.</p> | bool |
| hardExpiry | <p>Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with <code>iam:ChangePassword</code> permission and active access keys can reset their own expired console password using the CLI or API.</p> | bool |
| maxPasswordAge | <p>The number of days that an IAM user password is valid.</p> | int |
| minimumPasswordLength | <p>Minimum length to require for IAM user passwords.</p> | int |
| passwordReusePrevention | <p>Specifies the number of previous passwords that IAM users are prevented from reusing.</p> | int |
| requireLowercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one lowercase character (a to z).</p> | bool |
| requireNumbers | <p>Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).</p> | bool |
| requireSymbols | <p>Specifies whether IAM user passwords must contain at least one of the following symbols:</p> <p>! @ # $ % ^ & * ( ) _ + - = [ ] { } | '</p> | bool |
| requireUppercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).</p> | bool |
IamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| arn | Amazon Resource Name (ARN) | string |
| awsAccountId | AWS Account ID | string |
| awsProperties | AWS Properties | AwsIamPasswordPolicyProperties |
| awsRegion | AWS Region | string |
| awsSourceSchema | AWS Source Schema | string |
| awsTags | AWS Tags | IamPasswordPolicyPropertiesAwsTags |
| publicCloudConnectorsResourceId | Public Cloud Connectors Resource ID | string |
| publicCloudResourceName | Public Cloud Resource Name | string |
IamPasswordPolicyPropertiesAwsTags
| Name | Description | Value |
|---|
TrackedResourceTags
| Name | Description | Value |
|---|
ARM template resource definition
The iamPasswordPolicies resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AwsConnector/iamPasswordPolicies resource, add the following JSON to your template.
{
"type": "Microsoft.AwsConnector/iamPasswordPolicies",
"apiVersion": "2024-12-01",
"name": "string",
"location": "string",
"properties": {
"arn": "string",
"awsAccountId": "string",
"awsProperties": {
"allowUsersToChangePassword": "bool",
"expirePasswords": "bool",
"hardExpiry": "bool",
"maxPasswordAge": "int",
"minimumPasswordLength": "int",
"passwordReusePrevention": "int",
"requireLowercaseCharacters": "bool",
"requireNumbers": "bool",
"requireSymbols": "bool",
"requireUppercaseCharacters": "bool"
},
"awsRegion": "string",
"awsSourceSchema": "string",
"awsTags": {
"{customized property}": "string"
},
"publicCloudConnectorsResourceId": "string",
"publicCloudResourceName": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.AwsConnector/iamPasswordPolicies
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2024-12-01' |
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^(?=.{0,259}[^\s.]$)(?!.*[<>%&\?/#]) (required) |
| properties | The resource-specific properties for this resource. | IamPasswordPolicyProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.AwsConnector/iamPasswordPolicies' |
AwsIamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| allowUsersToChangePassword | <p>Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to <code>iam:ChangePassword</code> for only their user and to the <code>iam:GetAccountPasswordPolicy</code> action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.</p> | bool |
| expirePasswords | <p>Indicates whether passwords in the account expire. Returns true if <code>MaxPasswordAge</code> contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.</p> | bool |
| hardExpiry | <p>Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with <code>iam:ChangePassword</code> permission and active access keys can reset their own expired console password using the CLI or API.</p> | bool |
| maxPasswordAge | <p>The number of days that an IAM user password is valid.</p> | int |
| minimumPasswordLength | <p>Minimum length to require for IAM user passwords.</p> | int |
| passwordReusePrevention | <p>Specifies the number of previous passwords that IAM users are prevented from reusing.</p> | int |
| requireLowercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one lowercase character (a to z).</p> | bool |
| requireNumbers | <p>Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).</p> | bool |
| requireSymbols | <p>Specifies whether IAM user passwords must contain at least one of the following symbols:</p> <p>! @ # $ % ^ & * ( ) _ + - = [ ] { } | '</p> | bool |
| requireUppercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).</p> | bool |
IamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| arn | Amazon Resource Name (ARN) | string |
| awsAccountId | AWS Account ID | string |
| awsProperties | AWS Properties | AwsIamPasswordPolicyProperties |
| awsRegion | AWS Region | string |
| awsSourceSchema | AWS Source Schema | string |
| awsTags | AWS Tags | IamPasswordPolicyPropertiesAwsTags |
| publicCloudConnectorsResourceId | Public Cloud Connectors Resource ID | string |
| publicCloudResourceName | Public Cloud Resource Name | string |
IamPasswordPolicyPropertiesAwsTags
| Name | Description | Value |
|---|
TrackedResourceTags
| Name | Description | Value |
|---|
Usage Examples
Terraform (AzAPI provider) resource definition
The iamPasswordPolicies resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AwsConnector/iamPasswordPolicies resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.AwsConnector/iamPasswordPolicies@2024-12-01"
name = "string"
parent_id = "string"
location = "string"
tags = {
{customized property} = "string"
}
body = {
properties = {
arn = "string"
awsAccountId = "string"
awsProperties = {
allowUsersToChangePassword = bool
expirePasswords = bool
hardExpiry = bool
maxPasswordAge = int
minimumPasswordLength = int
passwordReusePrevention = int
requireLowercaseCharacters = bool
requireNumbers = bool
requireSymbols = bool
requireUppercaseCharacters = bool
}
awsRegion = "string"
awsSourceSchema = "string"
awsTags = {
{customized property} = "string"
}
publicCloudConnectorsResourceId = "string"
publicCloudResourceName = "string"
}
}
}
Property Values
Microsoft.AwsConnector/iamPasswordPolicies
| Name | Description | Value |
|---|---|---|
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^(?=.{0,259}[^\s.]$)(?!.*[<>%&\?/#]) (required) |
| properties | The resource-specific properties for this resource. | IamPasswordPolicyProperties |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.AwsConnector/iamPasswordPolicies@2024-12-01" |
AwsIamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| allowUsersToChangePassword | <p>Specifies whether IAM users are allowed to change their own password. Gives IAM users permissions to <code>iam:ChangePassword</code> for only their user and to the <code>iam:GetAccountPasswordPolicy</code> action. This option does not attach a permissions policy to each user, rather the permissions are applied at the account-level for all users by IAM.</p> | bool |
| expirePasswords | <p>Indicates whether passwords in the account expire. Returns true if <code>MaxPasswordAge</code> contains a value greater than 0. Returns false if MaxPasswordAge is 0 or not present.</p> | bool |
| hardExpiry | <p>Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with <code>iam:ChangePassword</code> permission and active access keys can reset their own expired console password using the CLI or API.</p> | bool |
| maxPasswordAge | <p>The number of days that an IAM user password is valid.</p> | int |
| minimumPasswordLength | <p>Minimum length to require for IAM user passwords.</p> | int |
| passwordReusePrevention | <p>Specifies the number of previous passwords that IAM users are prevented from reusing.</p> | int |
| requireLowercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one lowercase character (a to z).</p> | bool |
| requireNumbers | <p>Specifies whether IAM user passwords must contain at least one numeric character (0 to 9).</p> | bool |
| requireSymbols | <p>Specifies whether IAM user passwords must contain at least one of the following symbols:</p> <p>! @ # $ % ^ & * ( ) _ + - = [ ] { } | '</p> | bool |
| requireUppercaseCharacters | <p>Specifies whether IAM user passwords must contain at least one uppercase character (A to Z).</p> | bool |
IamPasswordPolicyProperties
| Name | Description | Value |
|---|---|---|
| arn | Amazon Resource Name (ARN) | string |
| awsAccountId | AWS Account ID | string |
| awsProperties | AWS Properties | AwsIamPasswordPolicyProperties |
| awsRegion | AWS Region | string |
| awsSourceSchema | AWS Source Schema | string |
| awsTags | AWS Tags | IamPasswordPolicyPropertiesAwsTags |
| publicCloudConnectorsResourceId | Public Cloud Connectors Resource ID | string |
| publicCloudResourceName | Public Cloud Resource Name | string |
IamPasswordPolicyPropertiesAwsTags
| Name | Description | Value |
|---|
TrackedResourceTags
| Name | Description | Value |
|---|