AWS IAM

Pulumi Official
Package maintained by Pulumi
v0.0.3 published on Wednesday, Jun 1, 2022 by Pulumi

Account

This resource helps you manage an Iam Account’s Alias and Password Policy. If your IAM Account Alias was previously set (either via the AWS console or when AWS created your Account) you will see an error like the below:

    * Aws_iam_account_alias.this: Error creating account alias with name my-account-alias

If you want to manage you Alias using Pulumi you will need to import this resource.

Example Usage

using Pulumi;
using Pulumi.AwsIam;
using Pulumi.AwsIam.Inputs;

class MyStack : Stack
{
    public MyStack()
    {
        var account = new Account("account", new AccountArgs
        {
            AccountAlias = "cool-alias",
            PasswordPolicy=new AccountPasswordPolicyArgs
            {
                MinimumLength = 37,
                RequireNumbers = false,
                AllowUsersToChange = true,
                HardExpiry = true,
                RequireSymbols = true,
                RequireLowercaseCharacters = true,
                RequireUppercaseCharacters = true,
            }

        });

        this.Account = Output.Create<Account>(account);
    }

    [Output]
    public Output<Account> Account { get; set; }
}
package main

import (
    iam "github.com/pulumi/pulumi-aws-iam/sdk/go/aws-iam"
    "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        account, err := iam.NewAccount(ctx, "account", &iam.AccountArgs{
            AccountAlias: pulumi.String("cool-alias"),
            PasswordPolicy: iam.AccountPasswordPolicyArgs{
                MinimumLength:              pulumi.IntPtr(37),
                RequireNumbers:             pulumi.Bool(false),
                AllowUsersToChange:         pulumi.Bool(true),
                HardExpiry:                 pulumi.Bool(true),
                RequireSymbols:             pulumi.Bool(true),
                RequireLowercaseCharacters: pulumi.Bool(true),
                RequireUppercaseCharacters: pulumi.Bool(true),
            },
        })
        if err != nil {
            return err
        }

        ctx.Export("account", account)

        return nil
    })
}

Coming soon!

import pulumi
import pulumi_aws_iam as iam

account = iam.Account(
    'account',
    account_alias='cool-alias',
    password_policy=iam.AccountPasswordPolicyArgs(
        minimum_length=37,
        require_numbers=False,
        allow_users_to_change=True,
        hard_expiry=True,
        require_symbols=True,
        require_lowercase_characters=True,
        require_uppercase_characters=True,
    )
)

pulumi.export('account', account)
import * as iam from "@pulumi/aws-iam";

export const account = new iam.Account("account", {
    accountAlias: "cool-alias",
    passwordPolicy: {
        minimumLength: 37,
        requireNumbers: false,
        allowUsersToChange: true,
        hardExpiry: true,
        requireSymbols: true,
        requireLowercaseCharacters: true,
        requireUppercaseCharacters: true,
    },
});
name: awsiam-yaml
runtime: yaml
resources:
    account:
        type: "aws-iam:index:Account"
        properties:
            accountAlias: "cool-alias"
            passwordPolicy:
                minimumLength: 37
                requireNumbers: false
                allowUsersToChange: true
                hardExpiry: true
                requireSymbols: true
                requireLowercaseCharacters: true
                requireUppercaseCharacters: true
outputs:
    account: ${account}

Create a Account Resource

new Account(name: string, args: AccountArgs, opts?: CustomResourceOptions);
@overload
def Account(resource_name: str,
            opts: Optional[ResourceOptions] = None,
            account_alias: Optional[str] = None,
            password_policy: Optional[AccountPasswordPolicyArgs] = None)
@overload
def Account(resource_name: str,
            args: AccountArgs,
            opts: Optional[ResourceOptions] = None)
func NewAccount(ctx *Context, name string, args AccountArgs, opts ...ResourceOption) (*Account, error)
public Account(string name, AccountArgs args, CustomResourceOptions? opts = null)
public Account(String name, AccountArgs args)
public Account(String name, AccountArgs args, CustomResourceOptions options)
type: aws-iam:Account
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args AccountArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args AccountArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args AccountArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args AccountArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args AccountArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Account Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Account resource accepts the following input properties:

AccountAlias string

AWS IAM account alias for this account.

PasswordPolicy Pulumi.AwsIam.Inputs.AccountPasswordPolicyArgs

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

AccountAlias string

AWS IAM account alias for this account.

PasswordPolicy AccountPasswordPolicyArgs

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

accountAlias String

AWS IAM account alias for this account.

passwordPolicy AccountPasswordPolicyArgs

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

accountAlias string

AWS IAM account alias for this account.

passwordPolicy AccountPasswordPolicyArgs

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

account_alias str

AWS IAM account alias for this account.

password_policy AccountPasswordPolicyArgs

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

accountAlias String

AWS IAM account alias for this account.

passwordPolicy Property Map

Options to specify complexity requirements and mandatory rotation periods for your IAM users' passwords. If left empty the default AWS password policy will be applied.

Outputs

All input properties are implicitly available as output properties. Additionally, the Account resource produces the following output properties:

Arn string

The AWS ARN associated with the calling entity.

Id string

The AWS Account ID number of the account that owns or contains the calling entity.

Id string

The provider-assigned unique ID for this managed resource.

PasswordPolicyExpirePasswords bool

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

UserId string

The unique identifier of the calling entity.

Arn string

The AWS ARN associated with the calling entity.

Id string

The AWS Account ID number of the account that owns or contains the calling entity.

Id string

The provider-assigned unique ID for this managed resource.

PasswordPolicyExpirePasswords bool

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

UserId string

The unique identifier of the calling entity.

arn String

The AWS ARN associated with the calling entity.

id String

The AWS Account ID number of the account that owns or contains the calling entity.

id String

The provider-assigned unique ID for this managed resource.

passwordPolicyExpirePasswords Boolean

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

userId String

The unique identifier of the calling entity.

arn string

The AWS ARN associated with the calling entity.

id string

The AWS Account ID number of the account that owns or contains the calling entity.

id string

The provider-assigned unique ID for this managed resource.

passwordPolicyExpirePasswords boolean

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

userId string

The unique identifier of the calling entity.

arn str

The AWS ARN associated with the calling entity.

id str

The AWS Account ID number of the account that owns or contains the calling entity.

id str

The provider-assigned unique ID for this managed resource.

password_policy_expire_passwords bool

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

user_id str

The unique identifier of the calling entity.

arn String

The AWS ARN associated with the calling entity.

id String

The AWS Account ID number of the account that owns or contains the calling entity.

id String

The provider-assigned unique ID for this managed resource.

passwordPolicyExpirePasswords Boolean

Indicates whether passwords in the account expire. Returns true if max password age contains a value greater than 0. Returns false if it is 0 or not present.

userId String

The unique identifier of the calling entity.

Supporting Types

AccountPasswordPolicy

AllowUsersToChange bool

Whether to allow users to change their own password.

HardExpiry bool

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

RequireLowercaseCharacters bool

Whether to require lowercase characters for user passwords.

RequireNumbers bool

Whether to require numbers for user passwords.

RequireSymbols bool

Whether to require symbols for user passwords.

RequireUppercaseCharacters bool

Whether to require uppercase characters for user passwords.

MaxAge int

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

MinimumLength int

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

ReusePrevention int

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

AllowUsersToChange bool

Whether to allow users to change their own password.

HardExpiry bool

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

RequireLowercaseCharacters bool

Whether to require lowercase characters for user passwords.

RequireNumbers bool

Whether to require numbers for user passwords.

RequireSymbols bool

Whether to require symbols for user passwords.

RequireUppercaseCharacters bool

Whether to require uppercase characters for user passwords.

MaxAge int

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

MinimumLength int

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

ReusePrevention int

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

allowUsersToChange Boolean

Whether to allow users to change their own password.

hardExpiry Boolean

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

requireLowercaseCharacters Boolean

Whether to require lowercase characters for user passwords.

requireNumbers Boolean

Whether to require numbers for user passwords.

requireSymbols Boolean

Whether to require symbols for user passwords.

requireUppercaseCharacters Boolean

Whether to require uppercase characters for user passwords.

maxAge Integer

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

minimumLength Integer

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

reusePrevention Integer

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

allowUsersToChange boolean

Whether to allow users to change their own password.

hardExpiry boolean

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

requireLowercaseCharacters boolean

Whether to require lowercase characters for user passwords.

requireNumbers boolean

Whether to require numbers for user passwords.

requireSymbols boolean

Whether to require symbols for user passwords.

requireUppercaseCharacters boolean

Whether to require uppercase characters for user passwords.

maxAge number

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

minimumLength number

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

reusePrevention number

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

allow_users_to_change bool

Whether to allow users to change their own password.

hard_expiry bool

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

require_lowercase_characters bool

Whether to require lowercase characters for user passwords.

require_numbers bool

Whether to require numbers for user passwords.

require_symbols bool

Whether to require symbols for user passwords.

require_uppercase_characters bool

Whether to require uppercase characters for user passwords.

max_age int

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

minimum_length int

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

reuse_prevention int

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

allowUsersToChange Boolean

Whether to allow users to change their own password.

hardExpiry Boolean

Whether users are prevented from setting a new password after their password has expired (i.e. require administrator reset).

requireLowercaseCharacters Boolean

Whether to require lowercase characters for user passwords.

requireNumbers Boolean

Whether to require numbers for user passwords.

requireSymbols Boolean

Whether to require symbols for user passwords.

requireUppercaseCharacters Boolean

Whether to require uppercase characters for user passwords.

maxAge Number

The number of days that an user password is valid. If not set or a value of 0 is provided, then passwords will not expire.

minimumLength Number

Minimum length to require for user passwords. Defaults to 8 if not set or the provided value is invalid. Valid values are between 6 and 128.

reusePrevention Number

The number of previous passwords that users are prevented from reusing. If not set or a value of 0 is provided, no reuse prevention policy will be used.

Package Details

Repository
License