问题描述
我正在Terraform配置中通过keybase.io PGP生成凭据.我可以确认通过aws-cli可以成功访问新用户.
I'm generating credentials via keybase.io PGP in my Terraform config. I can confirm access via aws-cli is successful for the new user.
但是,控制台访问保持禁用状态.是否可以使用启用了控制台访问权限的Terraform创建用户?
However, Console access remains disabled. Is there a way to create a user with Terraform with the console access enabled?
我很欣赏Terraform的反模式,但是我希望我的新用户能够登录控制台UI进行验证/调试.
I appreciate that's a bit of an anti-pattern for Terraform, but I'd like my new user to be able to log in to the Console UI to validate/debug.
更新1
Terraform模块:
Terraform module:
https://registry.terraform.io/modules/terraform-aws-modules/iam/aws/0.0.4
https://github .com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-user
user.tf:
module "user" {
source = "terraform-aws-modules/iam/aws//modules/iam-user"
name = "user"
pgp_key = "keybase:foo"
}
推荐答案
您需要使用aws_iam_user_login_profile
启用控制台登录.可以在此处找到Terraform文档.您也可以参考此 stackoverflow问题.
You need to enable console login using aws_iam_user_login_profile
. Terraform documentation for this can be found here. You can also refer this stackoverflow question.
这篇关于在禁用IAM控制台访问的情况下创建的Terraform预配置IAM用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!