Managing Passwords for IAM Users (Part 2)

 





To read part 1, please click here




Creating, Changing, or Deleting an IAM User Password (AWS CLI)

The AWS CLI  API can help in managing the passwords for your IAM users.

To Create a Password (AWS CLI)

  1. Firstly, run this command to know about a user's password: aws iam get-login-profile. (optional)
  2. Now, in order to create a password, this command can be run: aws iam create-login-profile.

To Change a User's Password (AWS CLI)

  1. Run this command to know about a user's password: aws iam get-login-profile. (optional)
  2. Now, in order to change a password, this command can be run: aws iam update-login-profile.

To Delete (disable) a User's Password (AWS CLI)

  1. Run this command to know about a user's password: aws iam get-login-profile. (optional)
  2. This command will show the last usage of a password: aws iam get-user. (optional)
  3. Now, in order to delete a password, this command can be run: aws iam delete-login-profile.

Note: The user's access to the AWS Management Console can be easily disabled by simply removing their password. However, if a user have active access keys, they can continue their function and have all the access through the AWS CLI, Tools for Windows PowerShell, or AWS API function calls.

Creating, Changing, or Deleting an IAM User Password (AWS API)

The AWS API can help in managing the passwords for your IAM users.

To Create a Password (AWS API)

  1. Firstly, call this operation to know about a user's password: GetLoginProfile. (optional)
  2. Now, in order to create a password, this operation can be called: CreateLoginProfile.

To Change a User's Password (AWS API)

  1. Call this operation to know about a user's password: GetLoginProfile. (optional)
  2. Now, in order to change a password, this operation can be called: UpdateLoginProfile.

To Delete (disable) a User's Password (AWS API)

  1. Call this command to know about a user's password: GetLoginProfile (optional)
  2. This command will show the last usage of a password: GetUser  (optional)
  3. Now, in order to delete a password, this command can be run: DeleteLoginProfile.

Note: The user cannot sign-in to the AWS Management Console if their password is removed. However, if a user have active access keys, they can continue their function and have all the access through the AWS CLI, Tools for Windows PowerShell, or AWS API function calls.








To read part 1, please click here















































Comments

Popular posts from this blog

Deployment (Part 3)

Project Resourcing (Part 2)

Design Planning (Part 3)