diff --git a/cmd/admin-handlers-users.go b/cmd/admin-handlers-users.go
index 005847331..e44ba94b1 100644
--- a/cmd/admin-handlers-users.go
+++ b/cmd/admin-handlers-users.go
@@ -1543,6 +1543,7 @@ const (
 	groupPolicyMappingsFile    = "group_mappings.json"
 	stsUserPolicyMappingsFile  = "stsuser_mappings.json"
 	stsGroupPolicyMappingsFile = "stsgroup_mappings.json"
+	iamAssetsDir               = "iam-assets"
 )
 
 // ExportIAMHandler - exports all iam info as a zipped file
@@ -1594,8 +1595,9 @@ func (a adminAPIHandlers) ExportIAM(w http.ResponseWriter, r *http.Request) {
 		stsUserPolicyMappingsFile,
 		stsGroupPolicyMappingsFile,
 	}
-	for _, iamFile := range iamFiles {
-		switch iamFile {
+	for _, f := range iamFiles {
+		iamFile := pathJoin(iamAssetsDir, f)
+		switch f {
 		case allPoliciesFile:
 			allPolicies, err := globalIAMSys.ListPolicies(ctx, "")
 			if err != nil {
@@ -1821,7 +1823,8 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	}
 	// import policies first
 	{
-		f, err := zr.Open(allPoliciesFile)
+
+		f, err := zr.Open(pathJoin(iamAssetsDir, allPoliciesFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -1856,7 +1859,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import users
 	{
-		f, err := zr.Open(allUsersFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allUsersFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -1933,7 +1936,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import groups
 	{
-		f, err := zr.Open(allGroupsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allGroupsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -1971,7 +1974,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import service accounts
 	{
-		f, err := zr.Open(allSvcAcctsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allSvcAcctsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -2067,7 +2070,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import user policy mappings
 	{
-		f, err := zr.Open(userPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, userPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -2106,7 +2109,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import group policy mappings
 	{
-		f, err := zr.Open(groupPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, groupPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -2135,7 +2138,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import sts user policy mappings
 	{
-		f, err := zr.Open(stsUserPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, stsUserPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@@ -2174,7 +2177,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 
 	// import sts group policy mappings
 	{
-		f, err := zr.Open(stsGroupPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, stsGroupPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil: