(Last Updated On: April 15, 2019)

My IAM user password had expired and I couldn’t access the AWS Management Console to reset it. The only way I could change/reset IAM user password on AWS was by using AWS CLI. The update-login-profile command enables IAM users to change their own passwords by calling ChangePassword.

You need to have AWS CLI tools installed and configured for this guide to work. If you don’t have, see our guide below.

How to Install and Use AWS CLI on Linux

After setting up AWS CLI on your Linux system, use your favorite password generator to get a complex password to be used. I often use https://passwordsgenerator.net/ to generate passwords.

Copy password generated and reset your IAM user password using the following command syntax.

aws iam update-login-profile --user-name <username> --password <password>

Where:

  • <username> is the name of the user whose password you want to update.
  • <password> is the new password for the specified IAM user.

Example:

aws iam update-login-profile --user-name computingforgeeks --password 'ThRi2DhfdFPl^oo'

You can also specify if the new password is to be used only once by requiring the specified IAM user to set a new password on next sign-in.

aws iam update-login-profile --user-name computingforgeeks --password 'ThRi2DhfdFPl^oo' --password-reset-required

If the new password violates the account password policy, the command returns a PasswordPolicyViolation error.

Reset / Change Password password based on the JSON string provided

The create-login-profile can be used to first create a password for the specified user, giving the user the ability to access AWS services through the AWS Management Console.

aws iam create-login-profile --generate-cli-skeleton > create-login-profile.json

This command creates a JSON file called create-login-profile.json that you can use to fill in the information for a subsequent create-login-profile command.

Use the –cli-input-json option when running the update-login-profile to perform service operation based on the JSON string saved.

aws iam update-login-profile --cli-input-json file://create-login-profile.json 

You’ll be asked to reset password on first login to Web console.

Also check:

How to Reset RDS Master User Password on AWS

How to extend EBS boot disk on AWS without an instance reboot

Create AWS S3 Upload and List Objects Policy without Delete Action

How to Backup files to Scaleway Object Storage using AWS-CLI