在禁用 IAM 控制台访问的情况下创建的 Terraform 预置 IAM 用户 [英] Terraform provisioned IAM user created with IAM Console access disabled
问题描述
我在 Terraform 配置中通过 keybase.io PGP 生成凭据.我可以确认新用户通过 aws-cli 访问成功.
I'm generating credentials via keybase.io PGP in my Terraform config. I can confirm access via aws-cli is successful for the new user.
但是,控制台访问仍然被禁用.有没有办法在启用控制台访问的情况下使用 Terraform 创建用户?
However, Console access remains disabled. Is there a way to create a user with Terraform with the console access enabled?
我很欣赏这对于 Terraform 来说有点反模式,但我希望我的新用户能够登录到控制台 UI 以进行验证/调试.
I appreciate that's a bit of an anti-pattern for Terraform, but I'd like my new user to be able to log in to the Console UI to validate/debug.
更新 1
地形模块:
https://registry.terraform.io/modules/terraform-aws-modules/iam/aws/0.0.4
https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-user
user.tf:
module "user" {
source = "terraform-aws-modules/iam/aws//modules/iam-user"
name = "user"
pgp_key = "keybase:foo"
}
推荐答案
您需要使用 aws_iam_user_login_profile
启用控制台登录.可以在这里找到有关此的 Terraform 文档.您也可以参考 this stackoverflow 问题.
You need to enable console login using aws_iam_user_login_profile
. Terraform documentation for this can be found here. You can also refer this stackoverflow question.
这篇关于在禁用 IAM 控制台访问的情况下创建的 Terraform 预置 IAM 用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!