AWS SelfManageCredentials
{ "Version": "2012-10-17", "Statement": [ { "Sid": "AllowViewAccountInfo", "Effect": "Allow", "Action": [ "iam:GetAccountPasswordPolicy", "iam:GetAccountSummary" ], "Resource": "*" }, { "Sid": "AllowManageOwnPasswords", "Effect": "Allow", "Action": [ "iam:ChangePassword", "iam:GetUser" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnAccessKeys", "Effect": "Allow", "Action": [ "iam:CreateAccessKey", "iam:DeleteAccessKey", "iam:ListAccessKeys", "iam:UpdateAccessKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" }, { "Sid": "AllowManageOwnSSHPublicKeys", "Effect": "Allow", "Action": [ "iam:DeleteSSHPublicKey", "iam:GetSSHPublicKey", "iam:ListSSHPublicKeys", "iam:UpdateSSHPublicKey", "iam:UploadSSHPublicKey" ], "Resource": "arn:aws:iam::*:user/${aws:username}" } ] }
Related[edit]
- AllowManageOwnAccessKeys
- IAMSelfManageServiceSpecificCredentials
iam:CreateAccessKey
- Read only
See also[edit]
aws iam
[create-user
,create-group, get-user
,list-users
|list-policies
|list-attached-user-policies
|attach-user-policy
|list-attached-user-policies
|list-roles
|get-account-summary
|put-group-policy | put-role-policy | put-user-policy
|create-login-profile
|aws iam delete-virtual-mfa-device
|aws iam list-virtual-mfa-devices
|aws iam create-saml-provider
|aws iam list-account-aliases
|aws iam create-role | aws iam change-password| enable-mfa-device | list-instance-profiles
Advertising: