From 15be2fa5c1012e2b2f08cf6cad5b47de5fff71f4 Mon Sep 17 00:00:00 2001
From: josefaidt <josef.aidt@gmail.com>
Date: Fri, 11 Oct 2024 10:15:30 -0700
Subject: [PATCH 1/2] update password policy override

---
 .../manage-users/manage-passwords/index.mdx   | 19 ++++++++++++-------
 1 file changed, 12 insertions(+), 7 deletions(-)

diff --git a/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx b/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
index a1b96ee8b95..158c44b4c97 100644
--- a/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
+++ b/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
@@ -521,18 +521,23 @@ You can customize the password format acceptable by your auth backend. By defaul
 - `tempPasswordValidity`: 3 days
 
 ```ts title="amplify/backend.ts"
-// amplify/backend.ts
 import { defineBackend } from '@aws-amplify/backend';
 import { auth } from './auth/resource';
-import { data } from './data/resource';
 
 const backend = defineBackend({
   auth,
-  data
 });
-
-// extract L1 UserPool construct
+// extract L1 CfnUserPool resources
 const { cfnUserPool } = backend.auth.resources.cfnResources;
-// from the CDK use `addPropertyOverride` to modify properties directly
-cfnUserPool.addPropertyOverride('Policies.PasswordPolicy.MinimumLength', 32);
+// modify cfnUserPool policies directly
+cfnUserPool.policies = {
+  passwordPolicy: {
+    minimumLength: 32,
+    requireLowercase: true,
+    requireNumbers: true,
+    requireSymbols: true,
+    requireUppercase: true,
+    temporaryPasswordValidityDays: 20,
+  },
+};
 ```

From b1aa2c8d3e96272913d8bdeebc1a8fa59c0c1ea5 Mon Sep 17 00:00:00 2001
From: josefaidt <josef.aidt@gmail.com>
Date: Fri, 11 Oct 2024 10:23:07 -0700
Subject: [PATCH 2/2] adjust prose

---
 .../auth/manage-users/manage-passwords/index.mdx           | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx b/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
index 158c44b4c97..6e71540daea 100644
--- a/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
+++ b/src/pages/[platform]/build-a-backend/auth/manage-users/manage-passwords/index.mdx
@@ -512,14 +512,17 @@ export const auth = defineAuth({
 
 ## Override default password policy
 
-You can customize the password format acceptable by your auth backend. By default your password policy is set to the following:
+By default your password policy is set to the following:
 
 - `MinLength`: 8 characters
 - `requireLowercase`: true
 - `requireUppercase`: true
-- `requireDigits`: true
+- `requireNumbers`: true
+- `requireSymbols`: true
 - `tempPasswordValidity`: 3 days
 
+You can customize the password format acceptable by your auth resource by modifying the underlying `cfnUserPool` resource:
+
 ```ts title="amplify/backend.ts"
 import { defineBackend } from '@aws-amplify/backend';
 import { auth } from './auth/resource';