在禁用IAM控制台访问的情况下创建的Terraform预配置IAM用户 [英] Terraform provisioned IAM user created with IAM Console access disabled

问题描述

我正在Terraform配置中通过keybase.io PGP生成凭据.我可以确认通过aws-cli可以成功访问新用户.

I'm generating credentials via keybase.io PGP in my Terraform config. I can confirm access via aws-cli is successful for the new user.

但是，控制台访问保持禁用状态.是否可以使用启用了控制台访问权限的Terraform创建用户?

However, Console access remains disabled. Is there a way to create a user with Terraform with the console access enabled?

我很欣赏Terraform的反模式，但是我希望我的新用户能够登录控制台UI进行验证/调试.

I appreciate that's a bit of an anti-pattern for Terraform, but I'd like my new user to be able to log in to the Console UI to validate/debug.

更新1

Terraform模块:

Terraform module:

https://registry.terraform.io/modules/terraform-aws-modules/iam/aws/0.0.4

https://github .com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-user

user.tf:

module "user" {
  source = "terraform-aws-modules/iam/aws//modules/iam-user"
  name = "user"
  pgp_key = "keybase:foo"
}

推荐答案

您需要使用aws_iam_user_login_profile启用控制台登录.可以在此处找到Terraform文档.您也可以参考此 stackoverflow问题.

You need to enable console login using aws_iam_user_login_profile. Terraform documentation for this can be found here. You can also refer this stackoverflow question.

这篇关于在禁用IAM控制台访问的情况下创建的Terraform预配置IAM用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！