Creates a password for the specified IAM user. A password allows an IAM user to access Amazon Web Services services through the Amazon Web Services Management Console.

You can use the CLI, the Amazon Web Services API, or the Users page in the IAM console to create a password for any IAM user. Use ChangePassword to update your own existing password in the My Security Credentials page in the Amazon Web Services Management Console.

For more information about managing passwords, see Managing passwords in the IAM User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_login_profile(
  • UserName (string) --


    The name of the IAM user to create a password for. The user must already exist.

    This parameter allows (through its regex pattern ) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-

  • Password (string) --


    The new password for the user.

    The regex pattern that is used to validate this parameter is a string of characters. That string can include almost any printable ASCII character from the space ( \u0020 ) through the end of the ASCII character range ( \u00FF ). You can also include the tab ( \u0009 ), line feed ( \u000A ), and carriage return ( \u000D ) characters. Any of these characters are valid in a password. However, many tools, such as the Amazon Web Services Management Console, might restrict the ability to type certain characters because they have special meaning within that tool.

  • PasswordResetRequired (boolean) -- Specifies whether the user is required to set a new password on next sign-in.
Return type



Response Syntax

    'LoginProfile': {
        'UserName': 'string',
        'CreateDate': datetime(2015, 1, 1),
        'PasswordResetRequired': True|False

Response Structure

  • (dict) --

    Contains the response to a successful CreateLoginProfile request.

    • LoginProfile (dict) --

      A structure containing the user name and password create date.

      • UserName (string) --

        The name of the user, which can be used for signing in to the Amazon Web Services Management Console.

      • CreateDate (datetime) --

        The date when the password for the user was created.

      • PasswordResetRequired (boolean) --

        Specifies whether the user is required to set a new password on next sign-in.


  • IAM.Client.exceptions.EntityAlreadyExistsException
  • IAM.Client.exceptions.NoSuchEntityException
  • IAM.Client.exceptions.PasswordPolicyViolationException
  • IAM.Client.exceptions.LimitExceededException
  • IAM.Client.exceptions.ServiceFailureException


The following command changes IAM user Bob's password and sets the flag that required Bob to change the password the next time he signs in.

response = client.create_login_profile(


Expected Output:

    'LoginProfile': {
        'CreateDate': datetime(2015, 3, 10, 20, 55, 40, 1, 69, 0),
        'PasswordResetRequired': True,
        'UserName': 'Bob',
    'ResponseMetadata': {
        '...': '...',