Sets the password policy, including the password strength, for RAM users.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes SetPasswordPolicy

The operation that you want to perform. Set the value to SetPasswordPolicy.
HardExpiry Boolean No false

Specifies whether the password has expired.

Valid values: true and false. Default value: false.

  • If the value of this parameter is true , the parent Alibaba Cloud account must reset the password before the RAM user can log on to the console.
  • If the value of this parameter is false, the RAM user can change the password and then log on to the console.
MaxLoginAttemps Integer No 5

The maximum number of permitted logon attempts within one hour. The number of logon attempts is reset to zero if a RAM user changes the password.
MaxPasswordAge Integer No 0

The number of days for which a password is valid. Default value: 0. The default value indicates that the password never expires.
MinimumPasswordLength Integer No 12

The minimum required number of characters in a password.

Valid values: 8 to 32. Default value: 8.
PasswordReusePrevention Integer No 0

The number of previous passwords that the user is prevented from reusing. Default value: 0. The default value indicates that the RAM user is not prevented from reusing previous passwords
RequireLowercaseCharacters Boolean No true

Specifies whether a password must contain one or more lowercase letters.
RequireNumbers Boolean No true

Specifies whether a password must contain one or more digits.
RequireSymbols Boolean No true

Specifies whether a password must contain one or more special characters.
RequireUppercaseCharacters Boolean No true

Specifies whether a password must contain one or more uppercase letters.

Response parameters

Parameter Type Example Description
PasswordPolicy

The policy to manage passwords.
HardExpiry Boolean false

Indicates whether the password has expired.

Valid values: true and false. Default value: false.

  • If the value of this parameter is true, the parent Alibaba Cloud account must reset the password before the RAM user can log on to the console.
  • If the value of this parameter is false, the RAM user can change the password and then log on to the console.
MaxLoginAttemps Integer 5

The maximum number of permitted logon attempts within one hour. The number of logon attempts is reset to zero if a RAM user changes the password.
MaxPasswordAge Integer 0

The number of days for which a password is valid. Default value: 0. The default value indicates that the password never expires.
MinimumPasswordLength Integer 12

The minimum required number of characters in a password.
PasswordReusePrevention Integer 0

The number of previous passwords that the user is prevented from reusing. Default value: 0. The default value indicates that the RAM user is not prevented from reusing previous passwords
RequireLowercaseCharacters Boolean true

Indicates whether a password must contain one or more lowercase letters.
RequireNumbers Boolean true

Indicates whether a password must contain one or more digits.
RequireSymbols Boolean true

Indicates whether a password must contain one or more special characters.
RequireUppercaseCharacters Boolean true

Indicates whether a password must contain one or more uppercase letters.
RequestId String 04F0F334-1335-436C-A1D7-6C044FE73368

The ID of the request.

Examples

Sample requests


https://ram.aliyuncs.com/?Action=SetPasswordPolicy
&MinimumPasswordLength=12
&RequireLowercaseCharacters=true
&RequireUppercaseCharacters=true
&RequireNumbers=true
&RequireSymbols=true
&<Common request parameters>

Sample success responses

XML format

<SetPasswordPolicyResponse>
      <RequestId>04F0F334-1335-436C-A1D7-6C044FE73368</RequestId>
      <PasswordPolicy>
            <HardExpiry>false</HardExpiry>
            <MaxLoginAttemps>5</MaxLoginAttemps>
            <MaxPasswordAge>0</MaxPasswordAge>
            <PasswordReusePrevention>0</PasswordReusePrevention>
            <MinimumPasswordLength>12</MinimumPasswordLength>
            <RequireLowercaseCharacters>true</RequireLowercaseCharacters>
            <RequireUppercaseCharacters>true</RequireUppercaseCharacters>
            <RequireNumbers>true</RequireNumbers>
            <RequireSymbols>true</RequireSymbols>
      </PasswordPolicy>
</SetPasswordPolicyResponse>

JSON format

{
	"RequestId":"04F0F334-1335-436C-A1D7-6C044FE73368",
	"PasswordPolicy":{
		"RequireUppercaseCharacters":true,
		"MaxPasswordAge":0,
		"HardExpiry":false,
		"RequireNumbers":true,
		"RequireSymbols":true,
		"MaxLoginAttemps":5,
		"PasswordReusePrevention":0,
		"RequireLowercaseCharacters":true,
		"MinimumPasswordLength":12
	}
}

Error codes

For a list of error codes, visit the API Error Center.