The configuration file schema documentation is a work in progress. Please use this draft document with caution. The deeper you browse into the hierarchy, the less accurate the definitions are likely to be.
AWS Managed Microsoft AD enables you to define and assign different fine-grained password and account lockout policies (also referred to as fine-grained password policies) for groups of users you manage in your AWS Managed Microsoft AD domain
Title: Complexity Description: Password must meet complexity requirements.
failed-attempts
failed-attempts:number
Title: Failed Attempts Description: Specifies the number of unsuccessful login attempts that are permitted before an account is locked out.
history
history:number
Title: History Description: Enforce password history.
lockout-attempts-reset
lockout-attempts-reset:number
Title: Lockout Attempts Reset Description: Specifies the maximum time interval between two unsuccessful login attempts before the number of unsuccessful login attempts is reset to 0.
lockout-duration
lockout-duration:number
Title: Lockout Duration Description: Specifies the length of time that an account is locked after the number of failed login attempts exceeds the lockout threshold.
max-age
max-age:number
Title: Max Age Description: Maximum password age.
min-age
min-age:number
Title: Min Age Description: Minimum password age.
min-len
min-len:number
Title: Min Len Description: Minimum password length.
reversible
reversible:boolean
Title: Reversible Description: Store passwords using reversible encryption.
AWS Managed Microsoft AD enables you to define and assign different fine-grained password and account lockout policies (also referred to as fine-grained password policies) for groups of users you manage in your AWS Managed Microsoft AD domain