An error is reported when STS uses Java SDK to generate an on-demand account password. The following error message is returned:
Error message: You are not authorized to do this action. You should be authorized by RAM
This problem occurs because the AliyunSTSAssumeRoleAccess permission is not assigned to the account for authorization.
To resolve the problem, add the system authorization policy AliyunSTSAssumeRoleAccess to the account in the RAM console.