Automatic logout + lockout accounts for some time after failed logins

Hello,

Our organization is targeting HIPAA compliance. Part of the policy is enforcing an automatic logout policy, and also a lockout policy for a specified amount of time after a specified amount of login failures. We want to achieve this for the AWS Console. I can't find these options in the IAM settings. Is this possible to adjust?

I'm aware that AWS already does an automatic logout after a certain period of inactivity. I can't find the documentation regarding how much time that is.

I'm not aware of AWS enforcing lockout after a number of failed login attempts. Is this possible to enforce?