Difference between revisions of "AWS SelfManageCredentials"
Jump to navigation
Jump to search
| (5 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
* https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_my-sec-creds-self-manage-pass-accesskeys-ssh.html | * https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_aws_my-sec-creds-self-manage-pass-accesskeys-ssh.html | ||
| − | + | ||
| − | { | + | { |
| − | + | "Version": "2012-10-17", | |
| − | + | "Statement": [ | |
| − | + | { | |
| − | + | "Sid": "AllowViewAccountInfo", | |
| − | + | "Effect": "Allow", | |
| − | + | "Action": [ | |
| − | + | "iam:GetAccountPasswordPolicy", | |
| − | + | "iam:GetAccountSummary" | |
| − | + | ], | |
| − | + | "Resource": "*" | |
| − | + | }, | |
| − | + | { | |
| − | + | "Sid": "AllowManageOwnPasswords", | |
| − | + | "Effect": "Allow", | |
| − | + | "Action": [ | |
| − | + | "iam:ChangePassword", | |
| − | + | "iam:GetUser" | |
| − | + | ], | |
| − | + | "Resource": "arn:aws:iam::*:user/${aws:username}" | |
| − | + | }, | |
| − | + | { | |
| − | + | "Sid": "AllowManageOwnAccessKeys", | |
| − | + | "Effect": "Allow", | |
| − | + | "Action": [ | |
| − | + | "iam:CreateAccessKey", | |
| − | + | "iam:DeleteAccessKey", | |
| − | + | "[[iam:ListAccessKeys]]", | |
| − | + | "iam:UpdateAccessKey" | |
| − | + | ], | |
| − | + | "Resource": "arn:aws:iam::*:user/${aws:username}" | |
| − | + | }, | |
| − | + | { | |
| − | + | "Sid": "AllowManageOwnSSHPublicKeys", | |
| − | + | "Effect": "Allow", | |
| − | + | "Action": [ | |
| − | + | "iam:DeleteSSHPublicKey", | |
| − | + | "iam:GetSSHPublicKey", | |
| − | + | "iam:ListSSHPublicKeys", | |
| − | + | "iam:UpdateSSHPublicKey", | |
| − | + | "iam:UploadSSHPublicKey" | |
| − | + | ], | |
| − | + | "Resource": "arn:aws:iam::*:user/${aws:username}" | |
| − | + | } | |
| − | + | ] | |
| − | } | + | } |
| − | |||
| Line 53: | Line 52: | ||
* AllowManageOwnAccessKeys | * AllowManageOwnAccessKeys | ||
* [[IAMSelfManageServiceSpecificCredentials]] | * [[IAMSelfManageServiceSpecificCredentials]] | ||
| + | * <code>[[iam:CreateAccessKey]]</code> | ||
| + | * [[Read only]] | ||
== See also == | == See also == | ||
* {{aws iam}} | * {{aws iam}} | ||
| + | |||
| + | [[Category:AWS]] | ||
Latest revision as of 06:09, 12 July 2022
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowViewAccountInfo",
"Effect": "Allow",
"Action": [
"iam:GetAccountPasswordPolicy",
"iam:GetAccountSummary"
],
"Resource": "*"
},
{
"Sid": "AllowManageOwnPasswords",
"Effect": "Allow",
"Action": [
"iam:ChangePassword",
"iam:GetUser"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
},
{
"Sid": "AllowManageOwnAccessKeys",
"Effect": "Allow",
"Action": [
"iam:CreateAccessKey",
"iam:DeleteAccessKey",
"iam:ListAccessKeys",
"iam:UpdateAccessKey"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
},
{
"Sid": "AllowManageOwnSSHPublicKeys",
"Effect": "Allow",
"Action": [
"iam:DeleteSSHPublicKey",
"iam:GetSSHPublicKey",
"iam:ListSSHPublicKeys",
"iam:UpdateSSHPublicKey",
"iam:UploadSSHPublicKey"
],
"Resource": "arn:aws:iam::*:user/${aws:username}"
}
]
}
Related[edit]
- AllowManageOwnAccessKeys
- IAMSelfManageServiceSpecificCredentials
iam:CreateAccessKey- Read only
See also[edit]
aws iam[create-user,create-group, get-user,list-users|list-policies|list-attached-user-policies|attach-user-policy|list-attached-user-policies|list-roles|get-account-summary|put-group-policy | put-role-policy | put-user-policy|create-login-profile|aws iam delete-virtual-mfa-device|aws iam list-virtual-mfa-devices|aws iam create-saml-provider|aws iam list-account-aliases|aws iam create-role | aws iam change-password| enable-mfa-device | list-instance-profiles
Advertising:
