Difference between revisions of "Iam:ChangePassword (Policy)"
Jump to navigation
Jump to search
(→Errors) |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{lowercase}} | {{lowercase}} | ||
| − | <code> | + | <code>[[iam]]:ChangePassword</code> |
| − | * | + | == Errors == |
| + | * <code>Either user is not authorized to perform iam:ChangePassword or entered password does not comply with account password [[policy]] set by administrator</code> | ||
| + | Solution: | ||
| + | * Remove [[MFA policy]] https://serverfault.com/questions/992027/aws-iam-wont-let-my-users-change-their-passwords | ||
| − | + | ||
| + | An error occurred ([[AccessDenied]]) when calling the [[ChangePassword]] operation: User: arn:aws:iam::146910341356:user/MY_USERNAME [[is not authorized to perform]]: [[iam:ChangePassword]] on resource: user MY_USERNAME [[with an explicit deny]] | ||
==Examples== | ==Examples== | ||
| Line 26: | Line 30: | ||
== Related == | == Related == | ||
* <code>[[aws iam change-password]]</code> | * <code>[[aws iam change-password]]</code> | ||
| + | * <code>[[iam:GetAccountPasswordPolicy]]</code> | ||
| + | * <code>[[IAMUserChangePassword]]</code> | ||
== See also == | == See also == | ||
Latest revision as of 18:35, 11 September 2023
iam:ChangePassword
Contents
Errors[edit]
Either user is not authorized to perform iam:ChangePassword or entered password does not comply with account password policy set by administrator
Solution:
- Remove MFA policy https://serverfault.com/questions/992027/aws-iam-wont-let-my-users-change-their-passwords
An error occurred (AccessDenied) when calling the ChangePassword operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ChangePassword on resource: user MY_USERNAME with an explicit deny
Examples[edit]
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:GetAccountPasswordPolicy",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "iam:ChangePassword",
"Resource": "arn:aws:iam::account-id-without-hyphens:user/${aws:username}"
}
]
}
Related[edit]
See also[edit]
- IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock,
iam:ChangePassword,aws iam,AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies,IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy,aws-iam-authenticator, IRSA, RDS Authentication,AccessDenied, AWS Authentication, AWS IAM external access analyzer - AWS, Amazon Managed Services, AWS Management & Governance, computing, security, networking, AWS compliance, AWS Outposts AWS Free Tier, AWS certifications, AWS Trusted Advisor, AWS Systems Manager, AWS Config, IAM Access Analyzer, AWS Cost Explorer, AWS Cost Management, AWS Budgets, AWS Organizations, AWS dev: (CodeStar, Cloud9), AWS Partner Network (APN), AWS Resource Access Manager, AWS Quick Starts, AWS Global Accelerator, AWS Elemental MediaStore, AWS Enterprise support, AWS support, AWS Professional Services Consultants, AWS Cloud Map, AWS Marketplace, AWS CLI, AWS Management Console, AWS acceptable use policy, amazonaws.com, Quotas, AWS Support plans, AWS Resource Explorer, AWS Managed Services (AMS), AWS savings, AWS Nitro System, AWS Activate, Serverless, AWS timeline
Advertising:
