You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A module to create a user and set associated properties. Also adds users to groups.
Inputs
Name
Description
Type
Default
Required
create_iam_access_key
Whether to create IAM access key
string
"true"
no
create_iam_user_login_profile
Whether to create IAM user login profile
string
"true"
no
create_user
Whether to create the IAM user
string
"true"
no
force_destroy
When destroying this user, destroy even if it has non-Terraform-managed IAM access keys, login profile or MFA devices. Without force_destroy a user with non-Terraform-managed access keys and login profile will fail to be destroyed.
string
"true"
no
name
Desired name for the IAM user
string
n/a
yes
password_length
The length of the generated password
string
"15"
no
password_reset_required
Whether the user should be forced to reset the generated password on first login.
string
"true"
no
path
Desired path for the IAM user
string
"/"
no
permissions_boundary
The ARN of the policy that is used to set the permissions boundary for the user.
string
""
no
pgp_key
Either a base-64 encoded PGP public key, or a keybase username in the form keybase:username. Used to encrypt password and access key.
string
""
no
ssh_key_encoding
Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM
string
"SSH"
no
ssh_public_key
The SSH public key. The public key must be encoded in ssh-rsa format or PEM format
string
""
no
upload_iam_user_ssh_key
Whether to upload a public ssh key to the IAM user
string
"false"
no
user_groups
List of associated groups for the user is a member of
list
n/a
yes
Outputs
Name
Description
keybase_password_decrypt_command
keybase_password_pgp_message
keybase_secret_key_decrypt_command
keybase_secret_key_pgp_message
pgp_key
PGP key used to encrypt sensitive data for this user (if empty - secrets are not encrypted)
this_iam_access_key_encrypted_secret
The encrypted secret, base64 encoded
this_iam_access_key_id
The access key ID
this_iam_access_key_key_fingerprint
The fingerprint of the PGP key used to encrypt the secret
this_iam_access_key_secret
The access key secret
this_iam_access_key_ses_smtp_password
The secret access key converted into an SES SMTP password
this_iam_access_key_status
Active or Inactive. Keys are initially active, but can be made inactive by other means.
this_iam_user_arn
The ARN assigned by AWS for this user
this_iam_user_login_profile_encrypted_password
The encrypted password, base64 encoded
this_iam_user_login_profile_key_fingerprint
The fingerprint of the PGP key used to encrypt the password