Can you provide a sample code for implementing an AWS IAM (Identity and Access Management) user creation in TypeScript

Question

Pulumi · Accepted Answer

Creating an AWS IAM user using Pulumi involves declaring a resource of type `aws.iam.User` in your Pulumi program. This resource represents an IAM user within AWS, and you can configure properties such as the user's name, associated IAM policies, and other settings.

Below is a TypeScript program that demonstrates how to create a simple IAM user with Pulumi. This program uses the `@pulumi/aws` package, which is the Pulumi AWS provider. The IAM user created by this program does not have any permissions attached. Usually, you would attach either managed policies or inline policies to grant the user necessary permissions, but for this example, we will just create a user without any permissions.

Make sure you have installed the `@pulumi/aws` package before running this program.

```shell
npm install @pulumi/aws
```

Here's the Pulumi program in TypeScript:

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an IAM user
const iamUser = new aws.iam.User("my-user", {
    name: "my-user", // Specify the desired username. Must be unique within the AWS account.
    // paths, tags, and other properties can be set as needed.
});

// To export the user's name
export const userName = iamUser.name;
```

This program first imports the necessary modules from `@pulumi/pulumi` and `@pulumi/aws`. We then create an IAM user by constructing an instance of `aws.iam.User`. The parameter `'my-user'` is a logical name for the Pulumi resource and does not have to match the IAM user's name specified in the properties.

The `export` at the end of the program will output the name of the created IAM user once the Pulumi program has been applied.

To apply this Pulumi program, you typically run `pulumi up` in your command-line interface. This command will start the provisioning process where Pulumi will make the necessary calls to AWS to create the resources.

Please note that to run Pulumi programs, you must have the Pulumi CLI installed and configured with appropriate cloud credentials. You should also have the AWS CLI configured with the credentials of an AWS account with sufficient permissions to create IAM users and apply IAM policies.