» aws_iam_user_login_profile

Provides one-time creation of a IAM user login profile, and uses PGP to encrypt the password for safe transport to the user. PGP keys can be obtained from Keybase.

» Example Usage

resource "aws_iam_user" "u" {
  name          = "auser"
  path          = "/"
  force_destroy = true

resource "aws_iam_user_login_profile" "u" {
  user    = "${aws_iam_user.u.name}"
  pgp_key = "keybase:some_person_that_exists"

output "password" {
  value = "${aws_iam_user_login_profile.u.encrypted_password}"

» Argument Reference

The following arguments are supported:

  • user - (Required) The IAM user's name.
  • pgp_key - (Required) Either a base-64 encoded PGP public key, or a keybase username in the form keybase:username.
  • password_reset_required - (Optional, default "true") Whether the user should be forced to reset the generated password on first login.
  • password_length - (Optional, default 20) The length of the generated password.

» Attributes Reference

In addition to all arguments above, the following attributes are exported:

» Import

IAM Login Profiles may not be imported.