Didn't get DefaultAccountPasswordPolicy When Calling "GetAccountPasswordPolicy" API. #7265
Assignees
Labels
iam
p2
This is a standard priority issue
service-api
This issue is due to a problem in a service API, not the SDK implementation.
Comments
tirthrajsinh-fens
added
bug
aBurmeseDev
added
investigating
|
Hi @tirthrajsinh-fens, thanks for reaching out. Which CLI command did you run and receive the Password Policy error? I assumed that you ran Here's docs on for your reference: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_passwords_account-policy.html#PasswordPolicy_CLI If you're still having trouble, please share the debugs logs by adding Best, |
aBurmeseDev
added
response-requested
|
Hi, @aBurmeseDev Thanks for your response.
Thanks, |
github-actions
bot
removed
the
response-requested
|
@tirthrajsinh-fens Thanks for sharing this additional info. Could you try running update-account command As mentioned in the docs from previous comment, you might have to run update-account-policy command to retrieve the default password policy after removing the custom password policy. Please let me know if that helps! |
aBurmeseDev
added
the
response-requested
|
Hi @aBurmeseDev, But it's not a default AWS account password policy, right? , I think when account password policy is not set or updated then, by default AWS account password policy should be set.
|
github-actions
bot
removed
the
response-requested
aBurmeseDev
added
the
investigating
|
Could you check your current password policy by going to AWS IAM console and then click on Account settings on the left navigation menu. You'll see your password policy first thing on the page. That's where the default password policy is pulled from when you run |
aBurmeseDev
added
response-requested
|
Hi @aBurmeseDev,
@aBurmeseDev Can u please check with the above password policy? Thanks, |
github-actions
bot
removed
the
response-requested
aBurmeseDev
added
the
investigating
aBurmeseDev
added
bug
|
Hi @tirthrajsinh-fens - apologies for the delay. I heard back from the team that this error is likely be resolved by doing these steps:
Also I would check on your CLI version and update to recent version if you haven't already. If you the issue persists, please share the full debug logs by appending |
aBurmeseDev
added
response-requested
|
Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one. |
github-actions
bot
added
the
closing-soon
|
@aBurmeseDev thanks for your reply, I will surely check in short and Revert Back. |
github-actions
bot
removed
closing-soon
|
Hi @aBurmeseDev , I have checked with latest version 2.9.16 but still getting same error. and I have setup default account-password-policy to the account. |
|
I'm also hitting this bug in the AWS CLI and the SDK. CLI command: $> aws iam get-account-password-policy --debug 2>&1 | tee error.log
2023-12-11 21:29:17,379 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.37 Python/3.11.6 Linux/6.2.0-1016-azure exe/x86_64.ubuntu.20
2023-12-11 21:29:17,380 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['iam', 'get-account-password-policy', '--debug']
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_s3 at 0x7ff00e5fc220>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_ddb at 0x7ff00e820ea0>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.configure.configure.ConfigureCommand'>>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x7ff00eb831a0>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function change_name at 0x7ff00e7a8860>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function alias_opsworks_cm at 0x7ff00e5feca0>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_history_commands at 0x7ff00e853880>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method BasicCommand.add_command of <class 'awscli.customizations.devcommands.CLIDevCommand'>>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <function add_waiters at 0x7ff00e5feb60>
2023-12-11 21:29:17,399 - MainThread - botocore.hooks - DEBUG - Event building-command-table.main: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x7ff00e4b5cd0>>
2023-12-11 21:29:17,399 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/data/cli.json
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_types at 0x7ff00e731260>
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function no_sign_request at 0x7ff00e731580>
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_verify_ssl at 0x7ff00e7314e0>
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_read_timeout at 0x7ff00e7316c0>
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <function resolve_cli_connect_timeout at 0x7ff00e731620>
2023-12-11 21:29:17,401 - MainThread - botocore.hooks - DEBUG - Event top-level-args-parsed: calling handler <built-in method update of dict object at 0x7ff00e4b3480>
2023-12-11 21:29:17,402 - MainThread - awscli.clidriver - DEBUG - CLI version: aws-cli/2.13.37 Python/3.11.6 Linux/6.2.0-1016-azure exe/x86_64.ubuntu.20 prompt/off
2023-12-11 21:29:17,402 - MainThread - awscli.clidriver - DEBUG - Arguments entered to CLI: ['iam', 'get-account-password-policy', '--debug']
2023-12-11 21:29:17,402 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_timestamp_parser at 0x7ff00e5fcb80>
2023-12-11 21:29:17,402 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function register_uri_param_handler at 0x7ff00ebf4c20>
2023-12-11 21:29:17,402 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function add_binary_formatter at 0x7ff00e6804a0>
2023-12-11 21:29:17,402 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function no_pager_handler at 0x7ff00ecef420>
2023-12-11 21:29:17,403 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_assume_role_provider_cache at 0x7ff00ec20540>
2023-12-11 21:29:17,404 - MainThread - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2023-12-11 21:29:17,406 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function attach_history_handler at 0x7ff00e8500e0>
2023-12-11 21:29:17,406 - MainThread - botocore.hooks - DEBUG - Event session-initialized: calling handler <function inject_json_file_cache at 0x7ff00e811120>
2023-12-11 21:29:17,426 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/iam/2010-05-08/service-2.json
2023-12-11 21:29:17,451 - MainThread - botocore.hooks - DEBUG - Event building-command-table.iam: calling handler <function _add_wizard_command at 0x7ff00e66b1a0>
2023-12-11 21:29:17,451 - MainThread - botocore.hooks - DEBUG - Event building-command-table.iam: calling handler <function add_waiters at 0x7ff00e5feb60>
2023-12-11 21:29:17,469 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/iam/2010-05-08/waiters-2.json
2023-12-11 21:29:17,470 - MainThread - botocore.hooks - DEBUG - Event building-command-table.iam: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x7ff00e4b5cd0>>
2023-12-11 21:29:17,470 - MainThread - awscli.clidriver - DEBUG - OrderedDict()
2023-12-11 21:29:17,471 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.iam.get-account-password-policy: calling handler <function add_streaming_output_arg at 0x7ff00e5fd080>
2023-12-11 21:29:17,471 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.iam.get-account-password-policy: calling handler <function add_cli_input_json at 0x7ff00ec20ea0>
2023-12-11 21:29:17,471 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.iam.get-account-password-policy: calling handler <function add_cli_input_yaml at 0x7ff00ec20f40>
2023-12-11 21:29:17,471 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.iam.get-account-password-policy: calling handler <function unify_paging_params at 0x7ff00e8214e0>
2023-12-11 21:29:17,489 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/iam/2010-05-08/paginators-1.json
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event building-argument-table.iam.get-account-password-policy: calling handler <function add_generate_skeleton at 0x7ff00e70fa60>
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.iam.get-account-password-policy: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x7ff00d9f4cd0>>
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.iam.get-account-password-policy: calling handler <bound method OverrideRequiredArgsArgument.override_required_args of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x7ff00db81710>>
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event before-building-argument-table-parser.iam.get-account-password-policy: calling handler <bound method GenerateCliSkeletonArgument.override_required_args of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x7ff00d8bd490>>
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event building-command-table.iam_get-account-password-policy: calling handler <function add_waiters at 0x7ff00e5feb60>
2023-12-11 21:29:17,490 - MainThread - botocore.hooks - DEBUG - Event building-command-table.iam_get-account-password-policy: calling handler <bound method AliasSubCommandInjector.on_building_command_table of <awscli.alias.AliasSubCommandInjector object at 0x7ff00e4b5cd0>>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.iam.get-account-password-policy.cli-input-json: calling handler <awscli.paramfile.URIArgumentHandler object at 0x7ff00ebe1510>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.iam.get-account-password-policy.cli-input-yaml: calling handler <awscli.paramfile.URIArgumentHandler object at 0x7ff00ebe1510>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event load-cli-arg.iam.get-account-password-policy.generate-cli-skeleton: calling handler <awscli.paramfile.URIArgumentHandler object at 0x7ff00ebe1510>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event calling-command.iam.get-account-password-policy: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputJSONArgument object at 0x7ff00d9f4cd0>>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event calling-command.iam.get-account-password-policy: calling handler <bound method CliInputArgument.add_to_call_parameters of <awscli.customizations.cliinput.CliInputYAMLArgument object at 0x7ff00db81710>>
2023-12-11 21:29:17,491 - MainThread - botocore.hooks - DEBUG - Event calling-command.iam.get-account-password-policy: calling handler <bound method GenerateCliSkeletonArgument.generate_skeleton of <awscli.customizations.generatecliskeleton.GenerateCliSkeletonArgument object at 0x7ff00d8bd490>>
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: env
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: sso
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2023-12-11 21:29:17,492 - MainThread - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2023-12-11 21:29:17,493 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/endpoints.json
2023-12-11 21:29:17,507 - MainThread - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x7ff0109fcae0>
2023-12-11 21:29:17,526 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/iam/2010-05-08/endpoint-rule-set-1.json
2023-12-11 21:29:17,526 - MainThread - botocore.loaders - DEBUG - Loading JSON file: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/data/partitions.json
2023-12-11 21:29:17,531 - MainThread - botocore.hooks - DEBUG - Event creating-client-class.iam: calling handler <function add_generate_presigned_url at 0x7ff0111eec00>
2023-12-11 21:29:17,531 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for iam via: environment_service
2023-12-11 21:29:17,531 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for iam via: environment_global
2023-12-11 21:29:17,531 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for iam via: config_service
2023-12-11 21:29:17,532 - MainThread - botocore.configprovider - DEBUG - Looking for endpoint for iam via: config_global
2023-12-11 21:29:17,532 - MainThread - botocore.configprovider - DEBUG - No configured endpoint found.
2023-12-11 21:29:17,532 - MainThread - botocore.regions - DEBUG - Using partition endpoint for iam, us-gov-east-1: aws-us-gov-global
2023-12-11 21:29:17,535 - MainThread - botocore.endpoint - DEBUG - Setting iam timeout as (60, 60)
2023-12-11 21:29:17,537 - MainThread - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Region': 'us-gov-east-1', 'UseDualStack': False, 'UseFIPS': False}
2023-12-11 21:29:17,537 - MainThread - botocore.regions - DEBUG - Endpoint provider result: https://iam.us-gov.amazonaws.com
2023-12-11 21:29:17,537 - MainThread - botocore.regions - DEBUG - Selecting from endpoint provider's list of auth schemes: "sigv4". User selected auth scheme is: "None"
2023-12-11 21:29:17,537 - MainThread - botocore.regions - DEBUG - Selected auth type "v4" as "v4" with signing context params: {'region': 'us-gov-west-1', 'signing_name': 'iam'}
2023-12-11 21:29:17,537 - MainThread - botocore.hooks - DEBUG - Event provide-client-params.iam.GetAccountPasswordPolicy: calling handler <function base64_decode_input_blobs at 0x7ff00e680540>
2023-12-11 21:29:17,537 - MainThread - botocore.hooks - DEBUG - Event before-parameter-build.iam.GetAccountPasswordPolicy: calling handler <function generate_idempotent_uuid at 0x7ff0109fed40>
2023-12-11 21:29:17,538 - MainThread - botocore.hooks - DEBUG - Event before-call.iam.GetAccountPasswordPolicy: calling handler <function inject_api_version_header_if_needed at 0x7ff010a14860>
2023-12-11 21:29:17,538 - MainThread - botocore.endpoint - DEBUG - Making request for OperationModel(name=GetAccountPasswordPolicy) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': 'aws-cli/2.13.37 Python/3.11.6 Linux/6.2.0-1016-azure exe/x86_64.ubuntu.20 prompt/off command/iam.get-account-password-policy'}, 'body': {'Action': 'GetAccountPasswordPolicy', 'Version': '2010-05-08'}, 'url': 'https://iam.us-gov.amazonaws.com/', 'context': {'client_region': 'aws-us-gov-global', 'client_config': <botocore.config.Config object at 0x7ff00d9789d0>, 'has_streaming_input': False, 'auth_type': 'v4', 'signing': {'region': 'us-gov-west-1', 'signing_name': 'iam'}}}
2023-12-11 21:29:17,538 - MainThread - botocore.hooks - DEBUG - Event request-created.iam.GetAccountPasswordPolicy: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x7ff00d37bc90>>
2023-12-11 21:29:17,538 - MainThread - botocore.hooks - DEBUG - Event choose-signer.iam.GetAccountPasswordPolicy: calling handler <function set_operation_specific_signer at 0x7ff0109fec00>
2023-12-11 21:29:17,538 - MainThread - botocore.auth - DEBUG - Calculating signature using v4 auth.
2023-12-11 21:29:17,538 - MainThread - botocore.auth - DEBUG - CanonicalRequest:
POST
/
content-type:application/x-www-form-urlencoded; charset=utf-8
host:iam.us-gov.amazonaws.com
x-amz-date:20231211T212917Z
content-type;host;x-amz-date
ea932dc167ba62f61056ffd881499668d7cf04f9c4ed7883675e860d28fff1e9
2023-12-11 21:29:17,538 - MainThread - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20231211T212917Z
20231211/us-gov-west-1/iam/aws4_request
a5f0391ad8658c55c22f737fb0d8dc6ae7e3eeea2591fba1dab8221fc80bca70
2023-12-11 21:29:17,538 - MainThread - botocore.auth - DEBUG - Signature:
1fbca2ed9685ee62b0b83d3981ba45863e0e6f544b735b6409af2bfb179e3092
2023-12-11 21:29:17,539 - MainThread - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://iam.us-gov.amazonaws.com/, headers={'Content-Type': b'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': b'aws-cli/2.13.37 Python/3.11.6 Linux/6.2.0-1016-azure exe/x86_64.ubuntu.20 prompt/off command/iam.get-account-password-policy', 'X-Amz-Date': b'20231211T212917Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=<crederntial>, SignedHeaders=content-type;host;x-amz-date, Signature=1fbca2ed9685ee62b0b83d3981ba45863e0e6f544b735b6409af2bfb179e3092', 'Content-Length': '50'}>
2023-12-11 21:29:17,539 - MainThread - botocore.httpsession - DEBUG - Certificate path: /usr/local/aws-cli/v2/2.13.37/dist/awscli/botocore/cacert.pem
2023-12-11 21:29:17,540 - MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): iam.us-gov.amazonaws.com:443
2023-12-11 21:29:17,914 - MainThread - urllib3.connectionpool - DEBUG - https://iam.us-gov.amazonaws.com:443 "POST / HTTP/1.1" 404 310
2023-12-11 21:29:17,914 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '3eae9747-1d01-4f04-979d-fafd7a1dafd7', 'Content-Type': 'text/xml', 'Content-Length': '310', 'Date': 'Mon, 11 Dec 2023 21:29:17 GMT'}
2023-12-11 21:29:17,915 - MainThread - botocore.parsers - DEBUG - Response body:
b'<ErrorResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">\n <Error>\n <Type>Sender</Type>\n <Code>NoSuchEntity</Code>\n <Message>The Password Policy with domain name <acct> cannot be found.</Message>\n </Error>\n <RequestId>3eae9747-1d01-4f04-979d-fafd7a1dafd7</RequestId>\n</ErrorResponse>\n'
2023-12-11 21:29:17,917 - MainThread - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '3eae9747-1d01-4f04-979d-fafd7a1dafd7', 'Content-Type': 'text/xml', 'Content-Length': '310', 'Date': 'Mon, 11 Dec 2023 21:29:17 GMT'}
2023-12-11 21:29:17,917 - MainThread - botocore.parsers - DEBUG - Response body:
b'<ErrorResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">\n <Error>\n <Type>Sender</Type>\n <Code>NoSuchEntity</Code>\n <Message>The Password Policy with domain name <acct> cannot be found.</Message>\n </Error>\n <RequestId>3eae9747-1d01-4f04-979d-fafd7a1dafd7</RequestId>\n</ErrorResponse>\n'
2023-12-11 21:29:17,917 - MainThread - botocore.hooks - DEBUG - Event needs-retry.iam.GetAccountPasswordPolicy: calling handler <bound method RetryHandler.needs_retry of <botocore.retries.standard.RetryHandler object at 0x7ff00d3c3190>>
2023-12-11 21:29:17,918 - MainThread - botocore.retries.standard - DEBUG - Not retrying request.
2023-12-11 21:29:17,918 - MainThread - botocore.hooks - DEBUG - Event after-call.iam.GetAccountPasswordPolicy: calling handler <function json_decode_policies at 0x7ff0109ff9c0>
2023-12-11 21:29:17,918 - MainThread - botocore.hooks - DEBUG - Event after-call.iam.GetAccountPasswordPolicy: calling handler <bound method RetryQuotaChecker.release_retry_quota of <botocore.retries.standard.RetryQuotaChecker object at 0x7ff00d3c2d90>>
2023-12-11 21:29:17,918 - MainThread - awscli.clidriver - DEBUG - Exception caught in main()
Traceback (most recent call last):
File "awscli/clidriver.py", line 460, in main
File "awscli/clidriver.py", line 595, in __call__
File "awscli/clidriver.py", line 798, in __call__
File "awscli/clidriver.py", line 929, in invoke
File "awscli/clidriver.py", line 941, in _make_client_call
File "awscli/botocore/client.py", line 342, in _api_call
File "awscli/botocore/client.py", line 701, in _make_api_call
botocore.errorfactory.NoSuchEntityException: An error occurred (NoSuchEntity) when calling the GetAccountPasswordPolicy operation: The Password Policy with domain name <acct> cannot be found.
An error occurred (NoSuchEntity) when calling the GetAccountPasswordPolicy operation: The Password Policy with domain name <acct> cannot be found.Examining the AWS console shows that I do in fact have an account password policy: If I edit the default password policy, like so: Then suddenly the CLI command works as expected: $> aws iam get-account-password-policy
{
"PasswordPolicy": {
"MinimumPasswordLength": 16,
"RequireSymbols": false,
"RequireNumbers": false,
"RequireUppercaseCharacters": false,
"RequireLowercaseCharacters": false,
"AllowUsersToChangePassword": false,
"ExpirePasswords": false,
"HardExpiry": false
}
}So it looks like the AWS API thinks that having the default password policy in place is equivalent to having no password policy set at all. This is incorrect. |
3 tasks
aBurmeseDev
changed the title
|
Apologies for the long silence here. I've reached out to IAM team to get their insight on this and will report back. (ref: V1439088932) |
aBurmeseDev
added
the
service-api
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Hi Team, In my AWS Account after creating a custom password policy, called GetAccountPasswordPolicy API, it returns a proper response But when I delete the custom password policy and then hit the GetAccountPasswordPolicy API, the response shows
The Password Policy with domain name 12345678912 cannot be found.Expected Behavior
default password policy
Default Policy
Expected Response
Current Behavior
Default Policy
Current Response
Reproduction Steps
Possible Solution
Additional Information/Context
This is not specific to the aws-cli bug, it's problem with the AWS API. I just didn't know where else to report the bug.
CLI version used
NA
Environment details (OS name and version, etc.)
Windows 10, Postman
The text was updated successfully, but these errors were encountered: