IAM.AccountPasswordPolicy.
hard_expiry
¶(boolean) --
Specifies whether IAM users are prevented from setting a new password via the Amazon Web Services Management Console after their password has expired. The IAM user cannot access the console until an administrator resets the password. IAM users with iam:ChangePassword
permission and active access keys can reset their own expired console password using the CLI or API.