| 12345678910111213141516171819202122232425262728293031323334353637383940414243 |
- resource "aws_iam_user" "testuser" {
- name = "testuser"
- path = "/FIAMS/"
- tags = {
- project = "FIAMS"
- }
- force_destroy = true
- }
- data "template_file" "FIAM-TESTING-assume_any_fiam_role" {
- template = "${file("../policies/FIAM-TESTING-assume_any_fiam_role.json")}"
- vars = {
- account = "${data.aws_caller_identity.current.account_id}"
- }
- }
- resource "aws_iam_policy" "FIAM-TESTING-assume_any_fiam_role" {
- name = "FIAM-TESTING-assume_any_fiam_role"
- description = "Assume any FIAM role"
- policy = "${data.template_file.FIAM-TESTING-assume_any_fiam_role.rendered}"
- }
- resource "aws_iam_user_policy_attachment" "FIAM-TESTING-assume_any_fiam_role" {
- user = "${aws_iam_user.testuser.name}"
- policy_arn = "${aws_iam_policy.FIAM-TESTING-assume_any_fiam_role.arn}"
- }
- resource "aws_iam_user_login_profile" "testuser" {
- user = "${aws_iam_user.testuser.name}"
- pgp_key = "keybase:fdamstra"
- }
- output "testuser_password" {
- # to decrypt, run: terraform output testuser_password | base64 --decode | keybase --standalone pgp decrypt
- value = "${aws_iam_user_login_profile.testuser.encrypted_password}"
- }
- output "testuser_password_instructions" {
- value = "Execute: terraform output testuser_password | base64 --decode | keybase --standalone pgp decrypt"
- }
|
