Difference between revisions of "AWS SelfManageCredentials"
Jump to navigation
Jump to search
(8 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
+ | * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_my-sec-creds-self-manage-pass-accesskeys-ssh.html | ||
+ | { | ||
+ | "Version": "2012-10-17", | ||
+ | "Statement": [ | ||
+ | { | ||
+ | "Sid": "AllowViewAccountInfo", | ||
+ | "Effect": "Allow", | ||
+ | "Action": [ | ||
+ | "iam:GetAccountPasswordPolicy", | ||
+ | "iam:GetAccountSummary" | ||
+ | ], | ||
+ | "Resource": "*" | ||
+ | }, | ||
+ | { | ||
+ | "Sid": "AllowManageOwnPasswords", | ||
+ | "Effect": "Allow", | ||
+ | "Action": [ | ||
+ | "iam:ChangePassword", | ||
+ | "iam:GetUser" | ||
+ | ], | ||
+ | "Resource": "arn:aws:iam::*:user/${aws:username}" | ||
+ | }, | ||
+ | { | ||
+ | "Sid": "AllowManageOwnAccessKeys", | ||
+ | "Effect": "Allow", | ||
+ | "Action": [ | ||
+ | "iam:CreateAccessKey", | ||
+ | "iam:DeleteAccessKey", | ||
+ | "[[iam:ListAccessKeys]]", | ||
+ | "iam:UpdateAccessKey" | ||
+ | ], | ||
+ | "Resource": "arn:aws:iam::*:user/${aws:username}" | ||
+ | }, | ||
+ | { | ||
+ | "Sid": "AllowManageOwnSSHPublicKeys", | ||
+ | "Effect": "Allow", | ||
+ | "Action": [ | ||
+ | "iam:DeleteSSHPublicKey", | ||
+ | "iam:GetSSHPublicKey", | ||
+ | "iam:ListSSHPublicKeys", | ||
+ | "iam:UpdateSSHPublicKey", | ||
+ | "iam:UploadSSHPublicKey" | ||
+ | ], | ||
+ | "Resource": "arn:aws:iam::*:user/${aws:username}" | ||
+ | } | ||
+ | ] | ||
+ | } | ||
+ | == Related == | ||
+ | * AllowManageOwnAccessKeys | ||
+ | * [[IAMSelfManageServiceSpecificCredentials]] | ||
+ | * <code>[[iam:CreateAccessKey]]</code> | ||
+ | * [[Read only]] | ||
− | * | + | == See also == |
+ | * {{aws iam}} | ||
− | + | [[Category:AWS]] |
Latest revision as of 06:09, 12 July 2022
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] }
Related[edit]
- AllowManageOwnAccessKeys
- IAMSelfManageServiceSpecificCredentials
iam:CreateAccessKey
- Read only
See also[edit]
aws iam
[create-user
,create-group, get-user
,list-users
|list-policies
|list-attached-user-policies
|attach-user-policy
|list-attached-user-policies
|list-roles
|get-account-summary
|put-group-policy | put-role-policy | put-user-policy
|create-login-profile
|aws iam delete-virtual-mfa-device
|aws iam list-virtual-mfa-devices
|aws iam create-saml-provider
|aws iam list-account-aliases
|aws iam create-role | aws iam change-password| enable-mfa-device | list-instance-profiles
Advertising: