A solutions architect wants all new IAM users to have specific password complexity requirements and mandatory rotation periods. What should the solutions architect do?
Choose an answer
Tap an option to check your answer.
Correct answer: Set an overall password policy for the entire AWS account..
Why this is the answer
Setting an overall password policy for the entire AWS account is the correct approach because AWS IAM allows you to define a single, comprehensive password policy that applies to all new and existing IAM users. This policy can enforce complexity requirements (e.g., minimum length, character types) and mandatory rotation periods. Setting a password policy for each IAM user is impractical and inefficient, as policies are account-wide, not user-specific. Using third-party vendor software is unnecessary because AWS IAM provides native capabilities for this. Attaching an Amazon CloudWatch rule to the Createnewuser event is not how password policies are enforced; CloudWatch monitors events, but it doesn't directly configure IAM password policies.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed