pulumi-aws-kotlin/com.pulumi.aws.iam.kotlin/UserLoginProfileArgs

UserLoginProfileArgs

data class UserLoginProfileArgs(val passwordLength: Output<Int>? = null, val passwordResetRequired: Output<Boolean>? = null, val pgpKey: Output<String>? = null, val user: Output<String>? = null) : ConvertibleToJava<UserLoginProfileArgs>

Manages an IAM User Login Profile with limited support for password creation during this provider resource creation. Uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

To reset an IAM User login password via this provider, you can use delete and recreate this resource or change any of the arguments.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.User;
import com.pulumi.aws.iam.UserArgs;
import com.pulumi.aws.iam.UserLoginProfile;
import com.pulumi.aws.iam.UserLoginProfileArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleUser = new User("exampleUser", UserArgs.builder()
            .path("/")
            .forceDestroy(true)
            .build());
        var exampleUserLoginProfile = new UserLoginProfile("exampleUserLoginProfile", UserLoginProfileArgs.builder()
            .user(exampleUser.name())
            .pgpKey("keybase:some_person_that_exists")
            .build());
        ctx.export("password", exampleUserLoginProfile.encryptedPassword());
    }
}
Content copied to clipboard

Import

IAM User Login Profiles can be imported without password information support via the IAM User name, e.g.,

$ pulumi import aws:iam/userLoginProfile:UserLoginProfile example myusername
Content copied to clipboard

Since this provider has no method to read the PGP or password information during import, use ignore_changes argument to ignore them unless password recreation is desired. e.g. terraform resource "aws_iam_user_login_profile" "example" {

... other configuration ...

lifecycle { ignore_changes = password_length, password_reset_required, pgp_key, } }

Constructors

Link copied to clipboard
fun UserLoginProfileArgs(passwordLength: Output<Int>? = null, passwordResetRequired: Output<Boolean>? = null, pgpKey: Output<String>? = null, user: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): UserLoginProfileArgs

Properties

Link copied to clipboard
val passwordLength: Output<Int>? = null

The length of the generated password on resource creation. Only applies on resource creation. Drift detection is not possible with this argument. Default value is 20.

Link copied to clipboard
val passwordResetRequired: Output<Boolean>? = null

Whether the user should be forced to reset the generated password on resource creation. Only applies on resource creation.

Link copied to clipboard
val pgpKey: Output<String>? = null

Either a base-64 encoded PGP public key, or a keybase username in the form keybase:username. Only applies on resource creation. Drift detection is not possible with this argument.

Link copied to clipboard
val user: Output<String>? = null

The IAM user's name.