When enabling Enforce Password Policy, it states that:
How can I get the values that AWS RDS set for those (see above image - highlighted in red)?
- I've enabled Enforce Password Policy and Enforce Password Expiration by default
Note that I'm using SSMS to create logins
The AWS RDS instance is SQL Server Express. I'm connecting to the RDS using SSMS in a Windows RDP.
Windows RDP has a Local Security Policy for "Account Lockout Threshold", "Account Lockout Duration", and "Reset Account Lock After":
but these values seem to get overwritten by what AWS RDS has set by default, because when I use the configuration above, logging in to AWS RDS using SSMS with correct Username but wrong password for N times does not lock me out.
This is related to PCI-DSS 8.1.6
