Last Updated: Mar 27, 2024

Chef Resources - windows_password_policy Resource

Author Geetika Dua

Introduction

A Chef resource represents a piece of the operating system in its desired state. It is a configuration policy statement that describes the desired state of a configuration item and declares the steps needed to bring the item to that state.


The windows_password_policy resource is used to configure the local password policy in Chef, including password length, complexity and age.

The syntax of the windows_password_policy resource is:

windows_password_policy 'name' do
  change_password_at_next_logon              true, false # default value: false
  group_name_for_expired_passwords           String # default value: "Users"
  group_name_for_password_never_expires      String # default value: "Administrators"
  maximum_password_age                       Integer # default value: 365
  minimum_password_length                    Integer # default value: 12
  password_never_expires                     true, false
  require_complex_passwords                  true, false # default value: true
  action                                     Symbol # defaults to :set if not specified
end

Actions

The windows_password_policy resource supports the following actions:

:nothing

As the name signifies, this action does nothing until the resource is notified by another resource. Once notified, it either acts immediately or is queued to run at the end of the Chef Infra Client run.

:set

:set uses the resource's properties to set the password policy.

Properties

The windows_password_policy resource has the following properties:

change_password_at_next_logon

It forces users in the local user group to change their password at the next logon.

group_name_for_expired_passwords

The group whose passwords have to be changed at the next login.

group_name_for_password_never_expires

The password_never_expires rule applies to this group. Its default is "Administrators".

maximum_password_age

It defines the maximum age of a password, in days, before the user must change it. The default value is 365 days.

minimum_password_length

It specifies the minimum password length. The default value is 12 characters.

password_never_expires

Set it to true or false to control whether passwords never expire. The value is true by default.

require_complex_passwords

Set it to true or false depending on whether passwords must contain special characters and lowercase or uppercase letters.

Common Resource Functionality

Common properties

These properties are common to every resource.

compile_time

This property controls the phase in which the resource runs. When the value is true, the resource runs while the resource collection is being built (the compile phase). When the value is false, it runs while Chef Infra Client configures the node (the converge phase).

ignore_failure

As the name suggests, it allows the recipe to continue running even if this resource fails.

retries

This property specifies the number of attempts made to retry when an exception occurs.

retry_delay

retry_delay is the delay, in seconds, between retry attempts.

sensitive

This property ensures that sensitive resource data is not logged by Chef Infra Client.

Notifications

notifies

A resource may notify another resource to take a specific action when its state changes. The :timer governs when that action runs. To notify more than one resource, use a notifies statement for each resource to be notified.

If the referenced resource does not exist, an error is raised. The following timers are available:

:before

It specifies that the action on the notified resource should be taken before the resource block is processed.

:delayed

:delayed is the default timer. It queues the notification and runs it at the end of the Chef Infra Client run.

:immediate

It directs the notified action to run immediately.

The syntax for notifies is-

notifies :action, 'resource[name]', :timer

subscribes

A resource may listen to another resource and take action when that resource's state changes. Specify the 'resource[name]' to listen to, the :action to take, and the :timer for that action.

The following timers are available:

:before

It specifies that the action should be taken before the resource block is processed.

:delayed

This is the default timer. It queues the action and runs it at the end of the Chef Infra Client run.

:immediate

It directs the action to run immediately.

The syntax of subscribes is-

subscribes :action, 'resource[name]', :timer

Guards

A guard property determines whether a resource should be executed or skipped. It is evaluated against the node's state during the execution phase of the Chef Infra Client run. A guard accepts either a string or a Ruby block.

  • A string is executed as a shell command. If the command returns 0, the guard is applied; if it returns any other value, the guard is not applied.
  • A block is Ruby code that returns either true or false. If the return value is true, the guard is applied; if it is false, the guard is not applied.

Guards matter because they let a resource be tested against the desired state. If the node is already in the desired state, Chef Infra Client does nothing.

Properties

The following properties define a guard during the Chef Infra Client run.

not_if

When the condition returns true, it prevents the resource from executing.

only_if

It permits the resource to execute only if the condition returns true.

Examples

The following code snippet shows the windows_password_policy resource in use. It configures the local password policy.

windows_password_policy 'Settings for password complexity, length, and duration' do
  require_complex_passwords true
  minimum_password_length 12
  maximum_password_age 365
  action :set
end
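
To check on a node that the three settings in the recipe above actually took effect, the following added example (not part of the original article and not Chef's own code) parses the [System Access] section of a `secedit /export` dump and reports every setting that is missing or weaker than the recipe's values. The sample dump is constructed, and the mapping of Chef properties to secedit keys and the helper names are assumptions.

```ruby
# Added example. Assumed mapping: secedit key => [Chef property, wanted value,
# rule deciding whether the value found on the node is at least as strict].
DESIRED = {
  'MinimumPasswordLength' => [:minimum_password_length, 12, ->(got, want) { got >= want }],
  # Values below 1 mean the password never expires, so they count as drift.
  'MaximumPasswordAge' => [:maximum_password_age, 365, ->(got, want) { got.between?(1, want) }],
  'PasswordComplexity' => [:require_complex_passwords, 1, ->(got, want) { got == want }]
}.freeze

# Constructed sample of a `secedit /export` INF, already decoded to UTF-8.
SAMPLE_EXPORT = <<~INF
  [Unicode]
  Unicode=yes
  [System Access]
  MaximumPasswordAge = -1
  MinimumPasswordLength = 8
  PasswordComplexity = 1
  NewAdministratorName = "Administrator"
  [Event Audit]
  AuditSystemEvents = 0
INF

# Return the integer settings of the [System Access] section as a Hash.
def parse_system_access(inf_text)
  section = nil
  inf_text.each_line.with_object({}) do |raw, out|
    line = raw.strip # also drops the \r of CRLF line endings
    next if line.empty? || line.start_with?(';')
    if (m = line.match(/\A\[(.+)\]\z/))
      section = m[1]
    elsif section == 'System Access' && (m = line.match(/\A(\w+)\s*=\s*(-?\d+)\z/))
      out[m[1]] = m[2].to_i
    end
  end
end

# List every setting that is missing or weaker than DESIRED (fails closed).
def policy_drift(inf_text)
  actual = parse_system_access(inf_text)
  DESIRED.each_with_object([]) do |(key, (prop, want, ok)), drift|
    got = actual[key]
    next if got && ok.call(got, want)
    drift << { property: prop, key: key, want: want, got: got }
  end
end

policy_drift(SAMPLE_EXPORT).each { |d| puts "#{d[:property]}: want #{d[:want]}, got #{d[:got].inspect}" }
```

A setting that is absent from the dump is reported as drift rather than assumed compliant, so a truncated or unreadable export never passes the check.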

Frequently Asked Questions 

What do you mean by Action?

An action determines the set of activities that the Chef Infra Client run will perform to bring the node to its desired state.

What is the default password length? 

The default minimum password length is 12 characters.

What is the default notification? 

:delayed is the default notification.

What is the default value for group_name_for_expired_passwords?

“Users” is the default value for group_name_for_expired_passwords.

What are the properties that define the guard?

not_if and only_if properties define the guard.

Conclusion

In this article, we studied the Chef windows_password_policy resource. Readers can build a thorough understanding of the topic by referring to the official documentation.
