IAM password policies can require passwords to be rotated or expired after a given number of days. It is recommended that the password policy expire passwords after 90 days or less.
Perform the following to set the password policy as prescribed:
Via AWS Console:
1. Login to AWS Console (with appropriate permissions to View Identity Access Management Account Settings)
2. Go to IAM Service on the AWS Console
3. Click on Account Settings on the Left Pane
4. Check Enable password expiration”
5. Set “Password expiration period (in days):” to 90 or less
aws iam update-account-password-policy –max-password-age 90
Note: All commands starting with “aws iam update-account-password-policy” can be
combined into a single command.