/
user.go
290 lines (244 loc) · 9.51 KB
/
user.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
// Code generated by Pulumi SDK Generator DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package awsiam
import (
"context"
"reflect"
"errors"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// This resources helps you create an IAM User, Login Profile, and Access Key. Additionally you
// can optionally upload an IAM SSH User Public Key.
//
// ## Example Usage
// ### User
//
// ```go
// package main
//
// import (
//
// iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// user, err := iam.NewUser(ctx, "user", &iam.UserArgs{
// Name: pulumi.String("pulumipus"),
// ForceDestroy: pulumi.BoolPtr(true),
// PgpKey: pulumi.String("keybase:test"),
// PasswordResetRequired: pulumi.BoolPtr(false),
// })
// if err != nil {
// return err
// }
//
// ctx.Export("user", user)
//
// return nil
// })
// }
//
// ```
// {{ /example }}
type User struct {
pulumi.ResourceState
// The IAM access key.
AccessKey AccessKeyOutputOutput `pulumi:"accessKey"`
Keybase KeybaseOutputOutput `pulumi:"keybase"`
// PGP key used to encrypt sensitive data for this user (if empty - secrets are not encrypted).
PgpKey pulumi.StringOutput `pulumi:"pgpKey"`
// The IAM user.
UserInfo UserOutputTypeOutput `pulumi:"userInfo"`
}
// NewUser registers a new resource with the given unique name, arguments, and options.
func NewUser(ctx *pulumi.Context,
name string, args *UserArgs, opts ...pulumi.ResourceOption) (*User, error) {
if args == nil {
return nil, errors.New("missing one or more required arguments")
}
if args.Name == nil {
return nil, errors.New("invalid value for required argument 'Name'")
}
if args.Path == nil {
args.Path = pulumi.StringPtr("/")
}
if args.SshKeyEncoding == nil {
args.SshKeyEncoding = pulumi.StringPtr("SSH")
}
var resource User
err := ctx.RegisterRemoteComponentResource("aws-iam:index:User", name, args, &resource, opts...)
if err != nil {
return nil, err
}
return &resource, nil
}
type userArgs struct {
// When destroying this user, destroy even if it has non-Pulumi-managed IAM access keys, login profile or MFA devices. Without forceDestroy a user with non-Pulumi-managed access keys and login profile will fail to be destroyed.
ForceDestroy *bool `pulumi:"forceDestroy"`
// Desired name for the IAM user.
Name string `pulumi:"name"`
// The length of the generated password
PasswordLength *int `pulumi:"passwordLength"`
// Whether the user should be forced to reset the generated password on first login.
PasswordResetRequired *bool `pulumi:"passwordResetRequired"`
// Desired path for the IAM user.
Path *string `pulumi:"path"`
// The ARN of the policy that is used to set the permissions boundary for the user.
PermissionsBoundary *string `pulumi:"permissionsBoundary"`
// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Used to encrypt password and access key.
PgpKey *string `pulumi:"pgpKey"`
// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM.
SshKeyEncoding *string `pulumi:"sshKeyEncoding"`
// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
SshPublicKey *string `pulumi:"sshPublicKey"`
// A map of tags to add.
Tags map[string]string `pulumi:"tags"`
// Whether to upload a public ssh key to the IAM user.
UploadIamUserSshKey *bool `pulumi:"uploadIamUserSshKey"`
}
// The set of arguments for constructing a User resource.
type UserArgs struct {
// When destroying this user, destroy even if it has non-Pulumi-managed IAM access keys, login profile or MFA devices. Without forceDestroy a user with non-Pulumi-managed access keys and login profile will fail to be destroyed.
ForceDestroy pulumi.BoolPtrInput
// Desired name for the IAM user.
Name pulumi.StringInput
// The length of the generated password
PasswordLength pulumi.IntPtrInput
// Whether the user should be forced to reset the generated password on first login.
PasswordResetRequired pulumi.BoolPtrInput
// Desired path for the IAM user.
Path pulumi.StringPtrInput
// The ARN of the policy that is used to set the permissions boundary for the user.
PermissionsBoundary pulumi.StringPtrInput
// Either a base-64 encoded PGP public key, or a keybase username in the form `keybase:username`. Used to encrypt password and access key.
PgpKey pulumi.StringPtrInput
// Specifies the public key encoding format to use in the response. To retrieve the public key in ssh-rsa format, use SSH. To retrieve the public key in PEM format, use PEM.
SshKeyEncoding pulumi.StringPtrInput
// The SSH public key. The public key must be encoded in ssh-rsa format or PEM format.
SshPublicKey pulumi.StringPtrInput
// A map of tags to add.
Tags pulumi.StringMapInput
// Whether to upload a public ssh key to the IAM user.
UploadIamUserSshKey pulumi.BoolPtrInput
}
func (UserArgs) ElementType() reflect.Type {
return reflect.TypeOf((*userArgs)(nil)).Elem()
}
type UserInput interface {
pulumi.Input
ToUserOutput() UserOutput
ToUserOutputWithContext(ctx context.Context) UserOutput
}
func (*User) ElementType() reflect.Type {
return reflect.TypeOf((**User)(nil)).Elem()
}
func (i *User) ToUserOutput() UserOutput {
return i.ToUserOutputWithContext(context.Background())
}
func (i *User) ToUserOutputWithContext(ctx context.Context) UserOutput {
return pulumi.ToOutputWithContext(ctx, i).(UserOutput)
}
// UserArrayInput is an input type that accepts UserArray and UserArrayOutput values.
// You can construct a concrete instance of `UserArrayInput` via:
//
// UserArray{ UserArgs{...} }
type UserArrayInput interface {
pulumi.Input
ToUserArrayOutput() UserArrayOutput
ToUserArrayOutputWithContext(context.Context) UserArrayOutput
}
type UserArray []UserInput
func (UserArray) ElementType() reflect.Type {
return reflect.TypeOf((*[]*User)(nil)).Elem()
}
func (i UserArray) ToUserArrayOutput() UserArrayOutput {
return i.ToUserArrayOutputWithContext(context.Background())
}
func (i UserArray) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput {
return pulumi.ToOutputWithContext(ctx, i).(UserArrayOutput)
}
// UserMapInput is an input type that accepts UserMap and UserMapOutput values.
// You can construct a concrete instance of `UserMapInput` via:
//
// UserMap{ "key": UserArgs{...} }
type UserMapInput interface {
pulumi.Input
ToUserMapOutput() UserMapOutput
ToUserMapOutputWithContext(context.Context) UserMapOutput
}
type UserMap map[string]UserInput
func (UserMap) ElementType() reflect.Type {
return reflect.TypeOf((*map[string]*User)(nil)).Elem()
}
func (i UserMap) ToUserMapOutput() UserMapOutput {
return i.ToUserMapOutputWithContext(context.Background())
}
func (i UserMap) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput {
return pulumi.ToOutputWithContext(ctx, i).(UserMapOutput)
}
type UserOutput struct{ *pulumi.OutputState }
func (UserOutput) ElementType() reflect.Type {
return reflect.TypeOf((**User)(nil)).Elem()
}
func (o UserOutput) ToUserOutput() UserOutput {
return o
}
func (o UserOutput) ToUserOutputWithContext(ctx context.Context) UserOutput {
return o
}
// The IAM access key.
func (o UserOutput) AccessKey() AccessKeyOutputOutput {
return o.ApplyT(func(v *User) AccessKeyOutputOutput { return v.AccessKey }).(AccessKeyOutputOutput)
}
func (o UserOutput) Keybase() KeybaseOutputOutput {
return o.ApplyT(func(v *User) KeybaseOutputOutput { return v.Keybase }).(KeybaseOutputOutput)
}
// PGP key used to encrypt sensitive data for this user (if empty - secrets are not encrypted).
func (o UserOutput) PgpKey() pulumi.StringOutput {
return o.ApplyT(func(v *User) pulumi.StringOutput { return v.PgpKey }).(pulumi.StringOutput)
}
// The IAM user.
func (o UserOutput) UserInfo() UserOutputTypeOutput {
return o.ApplyT(func(v *User) UserOutputTypeOutput { return v.UserInfo }).(UserOutputTypeOutput)
}
type UserArrayOutput struct{ *pulumi.OutputState }
func (UserArrayOutput) ElementType() reflect.Type {
return reflect.TypeOf((*[]*User)(nil)).Elem()
}
func (o UserArrayOutput) ToUserArrayOutput() UserArrayOutput {
return o
}
func (o UserArrayOutput) ToUserArrayOutputWithContext(ctx context.Context) UserArrayOutput {
return o
}
func (o UserArrayOutput) Index(i pulumi.IntInput) UserOutput {
return pulumi.All(o, i).ApplyT(func(vs []interface{}) *User {
return vs[0].([]*User)[vs[1].(int)]
}).(UserOutput)
}
type UserMapOutput struct{ *pulumi.OutputState }
func (UserMapOutput) ElementType() reflect.Type {
return reflect.TypeOf((*map[string]*User)(nil)).Elem()
}
func (o UserMapOutput) ToUserMapOutput() UserMapOutput {
return o
}
func (o UserMapOutput) ToUserMapOutputWithContext(ctx context.Context) UserMapOutput {
return o
}
func (o UserMapOutput) MapIndex(k pulumi.StringInput) UserOutput {
return pulumi.All(o, k).ApplyT(func(vs []interface{}) *User {
return vs[0].(map[string]*User)[vs[1].(string)]
}).(UserOutput)
}
func init() {
pulumi.RegisterInputType(reflect.TypeOf((*UserInput)(nil)).Elem(), &User{})
pulumi.RegisterInputType(reflect.TypeOf((*UserArrayInput)(nil)).Elem(), UserArray{})
pulumi.RegisterInputType(reflect.TypeOf((*UserMapInput)(nil)).Elem(), UserMap{})
pulumi.RegisterOutputType(UserOutput{})
pulumi.RegisterOutputType(UserArrayOutput{})
pulumi.RegisterOutputType(UserMapOutput{})
}