iam:ChangePassword (Policy)
(Redirected from Iam:ChangePassword)
Jump to navigation
Jump to search
iam:ChangePassword
Contents
Errors[edit]
Either user is not authorized to perform iam:ChangePassword or entered password does not comply with account password policy set by administrator
Solution:
- Remove MFA policy https://serverfault.com/questions/992027/aws-iam-wont-let-my-users-change-their-passwords
An error occurred (AccessDenied) when calling the ChangePassword operation: User: arn:aws:iam::146910341356:user/MY_USERNAME is not authorized to perform: iam:ChangePassword on resource: user MY_USERNAME with an explicit deny
Examples[edit]
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "iam:GetAccountPasswordPolicy",
"Resource": "*"
},
{
"Effect": "Allow",
"Action": "iam:ChangePassword",
"Resource": "arn:aws:iam::account-id-without-hyphens:user/${aws:username}"
}
]
}
Related[edit]
See also[edit]
- IAM: AWS IAM Identity Center, AWS Identity and Access Management, Google Cloud IAM, Azure IAM, SailPoint, CyberArk, CIAM, ForgeRock,
iam:ChangePassword,aws iam,AdministratorAccess, Context keys, IAM Access Analyzer, AWS policy, AWS managed policies,IAMUserChangePassword, AWS Roles, List of AWS policies, Resource-based policy,aws-iam-authenticator, IRSA, RDS Authentication,AccessDenied, AWS Authentication, AWS IAM external access analyzer - AWS policies: managed policies, Inline, Job functions, reference, AWS trust policy, AWS Service Control Policy (SCP), Resource-based policies, Identity-based policies, permissions boundaries,
"Resource":, Job function, AWS Policy Generator,s3:, lambda:, cloudwatch:, AWSSecretsManagerReadWriteAccess,actions =, resources =
Advertising:
