Skip to main content

Navigation Guide
You are on a Command (operation) page with structural examples. Use the navigation breadcrumb if you would like to return to the Client landing page.

ChangePasswordCommand

Suggest an Edit

Changes the password of the IAM user who is calling this operation. This operation can be performed using the CLI, the Amazon Web Services API, or the My Security Credentials page in the Amazon Web Services Management Console. The Amazon Web Services account root user password is not affected by this operation.

Use UpdateLoginProfile to use the CLI, the Amazon Web Services API, or the Users page in the IAM console to change the password for any IAM user. For more information about modifying passwords, see Managing passwords in the IAM User Guide.

Example Syntax

Use a bare-bones client and the command you need to make an API call.

import { IAMClient, ChangePasswordCommand } from "@aws-sdk/client-iam"; // ES Modules import
// const { IAMClient, ChangePasswordCommand } = require("@aws-sdk/client-iam"); // CommonJS import
const client = new IAMClient(config);
const input = { // ChangePasswordRequest
  OldPassword: "STRING_VALUE", // required
  NewPassword: "STRING_VALUE", // required
};
const command = new ChangePasswordCommand(input);
const response = await client.send(command);
// {};

Example Usage

Loading code editor

ChangePasswordCommand Input

See ChangePasswordCommandInput for more details

Parameter	Type	Description
`NewPassword` Required	`string \| undefined`	The new password. The new password must conform to the Amazon Web Services account's password policy, if one exists. The regex pattern that is used to validate this parameter is a string of characters. That string can include almost any printable ASCII character from the space (`u0020`) through the end of the ASCII character range (`u00FF`). You can also include the tab (`u0009`), line feed (`u000A`), and carriage return (`u000D`) characters. Any of these characters are valid in a password. However, many tools, such as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have special meaning within that tool.
`OldPassword` Required	`string \| undefined`	The IAM user's current password.

ChangePasswordCommand Output

See ChangePasswordCommandOutput for details

Parameter	Type	Description
`$metadata` Required	`ResponseMetadata`	Metadata pertaining to this request.

Throws

Name	Fault	Details
EntityTemporarilyUnmodifiableException	client	The request was rejected because it referenced an entity that is temporarily unmodifiable, such as a user name that was deleted and then recreated. The error indicates that the request is likely to succeed if you try again after waiting several minutes. The error message describes the entity.
InvalidUserTypeException	client	The request was rejected because the type of user for the transaction was incorrect.
LimitExceededException	client	The request was rejected because it attempted to create resources beyond the current Amazon Web Services account limits. The error message describes the limit exceeded.
NoSuchEntityException	client	The request was rejected because it referenced a resource entity that does not exist. The error message describes the resource.
PasswordPolicyViolationException	client	The request was rejected because the provided password did not meet the requirements imposed by the account password policy.
ServiceFailureException	server	The request processing has failed because of an unknown error, exception or failure.
IAMServiceException		Base exception class for all service exceptions from IAM service.