Users not able to change password

[wonko]

Description

The change made in https://github.com/terraform-aws-modules/terraform-aws-iam/commit/eb5b21840bdb1e5549c24200920250692844bcee breaks the signup-flow for new users.

• [X] ✋ I have searched the open/closed issues and my issue is not listed.

Versions

• Module version [Required]: latest

• Terraform version: latest tofu

• Provider version(s): latest

Reproduction Code [Required]

module "iam_user" {
  source = "terraform-aws-modules/iam/aws//modules/iam-user"

  for_each = local.users

  name = each.key

  password_reset_required = true
  create_iam_access_key   = false
}

module "iam-group-with-policies" {
  source = "terraform-aws-modules/iam/aws//modules/iam-group-with-policies"

  name = "all-users-basic-policy"

  attach_iam_self_management_policy = true

  group_users = [for u in module.iam_user : u.iam_user_name]
}

Expected behavior

Users can sign in with the generated password, and are asked and allowed to change their password upon first login.

Actual behavior

Error on the change-password signin screen in the console

"Either user is not authorized to perform iam:ChangePassword or entered password does not comply with account password policy set by administrator"

Additional context

Mistake was made on commit https://github.com/terraform-aws-modules/terraform-aws-iam/commit/eb5b21840bdb1e5549c24200920250692844bcee, I already prepped a PR to revert here: https://github.com/terraform-aws-modules/terraform-aws-iam/pull/470

[antonbabenko]

This issue has been resolved in version 5.37.2 :tada:

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.