I have provided the user with IAMReadOnlyAccess. When this user logs in to the console and accesses IAM Dashboard an error comes up with the message that the user does not have access to iam:GetAccountSummary. I had to create a separate policy to provide this access as following
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "iam:GetAccountSummary",
"Resource": "*"
}
]
}
Why this permission is required separately even though a user has been assigned the built-in policy IAMReadOnlyAccess?