volcenginecc.iam.User

volcenginecc v0.0.32, Apr 23 26

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

Example Usage

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

Example coming soon!

resources:
  userDemo:
    type: volcenginecc:iam:User
    name: UserDemo
    properties:
      userName: UserDemo
      description: user description
      groups:
        - UserGroupDemo
      policies:
        - policy_name: TOSReadOnlyAccess
          policy_type: System
      tags:
        - key: env
          value: test

Create User Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new User(name: string, args: UserArgs, opts?: CustomResourceOptions);

@overload
def User(resource_name: str,
         args: UserArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def User(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         user_name: Optional[str] = None,
         description: Optional[str] = None,
         display_name: Optional[str] = None,
         email: Optional[str] = None,
         email_is_verify: Optional[bool] = None,
         groups: Optional[Sequence[str]] = None,
         login_profile: Optional[UserLoginProfileArgs] = None,
         mobile_phone: Optional[str] = None,
         policies: Optional[Sequence[UserPolicyArgs]] = None,
         security_config: Optional[UserSecurityConfigArgs] = None,
         tags: Optional[Sequence[UserTagArgs]] = None)

func NewUser(ctx *Context, name string, args UserArgs, opts ...ResourceOption) (*User, error)

public User(string name, UserArgs args, CustomResourceOptions? opts = null)

public User(String name, UserArgs args)
public User(String name, UserArgs args, CustomResourceOptions options)

type: volcenginecc:iam:User
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args UserArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args UserArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

User Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The User resource accepts the following input properties:

UserName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
Description string: Description for the sub-user, up to 255 characters.
DisplayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
Email string: Sub-user's email address.
EmailIsVerify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
Groups List<string>: User group to which the sub-user belongs.
LoginProfile Volcengine.UserLoginProfile: Login configuration for the sub-user.
MobilePhone string: Sub-user's mobile number.
Policies List<Volcengine.UserPolicy>
SecurityConfig Volcengine.UserSecurityConfig: Operation protection configuration for the sub-user.
Tags List<Volcengine.UserTag>

UserName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
Description string: Description for the sub-user, up to 255 characters.
DisplayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
Email string: Sub-user's email address.
EmailIsVerify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
Groups []string: User group to which the sub-user belongs.
LoginProfile UserLoginProfileArgs: Login configuration for the sub-user.
MobilePhone string: Sub-user's mobile number.
Policies []UserPolicyArgs
SecurityConfig UserSecurityConfigArgs: Operation protection configuration for the sub-user.
Tags []UserTagArgs

userName String: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
description String: Description for the sub-user, up to 255 characters.
displayName String: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email String: Sub-user's email address.
emailIsVerify Boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups List<String>: User group to which the sub-user belongs.
loginProfile UserLoginProfile: Login configuration for the sub-user.
mobilePhone String: Sub-user's mobile number.
policies List<UserPolicy>
securityConfig UserSecurityConfig: Operation protection configuration for the sub-user.
tags List<UserTag>

userName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
description string: Description for the sub-user, up to 255 characters.
displayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email string: Sub-user's email address.
emailIsVerify boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups string[]: User group to which the sub-user belongs.
loginProfile UserLoginProfile: Login configuration for the sub-user.
mobilePhone string: Sub-user's mobile number.
policies UserPolicy[]
securityConfig UserSecurityConfig: Operation protection configuration for the sub-user.
tags UserTag[]

user_name str: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
description str: Description for the sub-user, up to 255 characters.
display_name str: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email str: Sub-user's email address.
email_is_verify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups Sequence[str]: User group to which the sub-user belongs.
login_profile UserLoginProfileArgs: Login configuration for the sub-user.
mobile_phone str: Sub-user's mobile number.
policies Sequence[UserPolicyArgs]
security_config UserSecurityConfigArgs: Operation protection configuration for the sub-user.
tags Sequence[UserTagArgs]

userName String: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.
description String: Description for the sub-user, up to 255 characters.
displayName String: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email String: Sub-user's email address.
emailIsVerify Boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups List<String>: User group to which the sub-user belongs.
loginProfile Property Map: Login configuration for the sub-user.
mobilePhone String: Sub-user's mobile number.
policies List<Property Map>
securityConfig Property Map: Operation protection configuration for the sub-user.
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the User resource produces the following output properties:

AccessKeys List<Volcengine.UserAccessKey>
AccountId double: Main account to which the sub-user belongs.
CreateDate string: Sub-user's creation time.
Id string: The provider-assigned unique ID for this managed resource.
MobilePhoneIsVerify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
Trn string: TRN expression for the sub-user.
UpdateDate string: Update time for the sub-user.
UserId int: Sub-user's ID.

AccessKeys []UserAccessKey
AccountId float64: Main account to which the sub-user belongs.
CreateDate string: Sub-user's creation time.
Id string: The provider-assigned unique ID for this managed resource.
MobilePhoneIsVerify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
Trn string: TRN expression for the sub-user.
UpdateDate string: Update time for the sub-user.
UserId int: Sub-user's ID.

accessKeys List<UserAccessKey>
accountId Double: Main account to which the sub-user belongs.
createDate String: Sub-user's creation time.
id String: The provider-assigned unique ID for this managed resource.
mobilePhoneIsVerify Boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
trn String: TRN expression for the sub-user.
updateDate String: Update time for the sub-user.
userId Integer: Sub-user's ID.

accessKeys UserAccessKey[]
accountId number: Main account to which the sub-user belongs.
createDate string: Sub-user's creation time.
id string: The provider-assigned unique ID for this managed resource.
mobilePhoneIsVerify boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
trn string: TRN expression for the sub-user.
updateDate string: Update time for the sub-user.
userId number: Sub-user's ID.

access_keys Sequence[UserAccessKey]
account_id float: Main account to which the sub-user belongs.
create_date str: Sub-user's creation time.
id str: The provider-assigned unique ID for this managed resource.
mobile_phone_is_verify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
trn str: TRN expression for the sub-user.
update_date str: Update time for the sub-user.
user_id int: Sub-user's ID.

accessKeys List<Property Map>
accountId Number: Main account to which the sub-user belongs.
createDate String: Sub-user's creation time.
id String: The provider-assigned unique ID for this managed resource.
mobilePhoneIsVerify Boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
trn String: TRN expression for the sub-user.
updateDate String: Update time for the sub-user.
userId Number: Sub-user's ID.

Look up Existing User Resource

Get an existing User resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: UserState, opts?: CustomResourceOptions): User

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        access_keys: Optional[Sequence[UserAccessKeyArgs]] = None,
        account_id: Optional[float] = None,
        create_date: Optional[str] = None,
        description: Optional[str] = None,
        display_name: Optional[str] = None,
        email: Optional[str] = None,
        email_is_verify: Optional[bool] = None,
        groups: Optional[Sequence[str]] = None,
        login_profile: Optional[UserLoginProfileArgs] = None,
        mobile_phone: Optional[str] = None,
        mobile_phone_is_verify: Optional[bool] = None,
        policies: Optional[Sequence[UserPolicyArgs]] = None,
        security_config: Optional[UserSecurityConfigArgs] = None,
        tags: Optional[Sequence[UserTagArgs]] = None,
        trn: Optional[str] = None,
        update_date: Optional[str] = None,
        user_id: Optional[int] = None,
        user_name: Optional[str] = None) -> User

func GetUser(ctx *Context, name string, id IDInput, state *UserState, opts ...ResourceOption) (*User, error)

public static User Get(string name, Input<string> id, UserState? state, CustomResourceOptions? opts = null)

public static User get(String name, Output<String> id, UserState state, CustomResourceOptions options)

resources:  _:    type: volcenginecc:iam:User    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccessKeys List<Volcengine.UserAccessKey>
AccountId double: Main account to which the sub-user belongs.
CreateDate string: Sub-user's creation time.
Description string: Description for the sub-user, up to 255 characters.
DisplayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
Email string: Sub-user's email address.
EmailIsVerify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
Groups List<string>: User group to which the sub-user belongs.
LoginProfile Volcengine.UserLoginProfile: Login configuration for the sub-user.
MobilePhone string: Sub-user's mobile number.
MobilePhoneIsVerify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
Policies List<Volcengine.UserPolicy>
SecurityConfig Volcengine.UserSecurityConfig: Operation protection configuration for the sub-user.
Tags List<Volcengine.UserTag>
Trn string: TRN expression for the sub-user.
UpdateDate string: Update time for the sub-user.
UserId int: Sub-user's ID.
UserName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

AccessKeys []UserAccessKeyArgs
AccountId float64: Main account to which the sub-user belongs.
CreateDate string: Sub-user's creation time.
Description string: Description for the sub-user, up to 255 characters.
DisplayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
Email string: Sub-user's email address.
EmailIsVerify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
Groups []string: User group to which the sub-user belongs.
LoginProfile UserLoginProfileArgs: Login configuration for the sub-user.
MobilePhone string: Sub-user's mobile number.
MobilePhoneIsVerify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
Policies []UserPolicyArgs
SecurityConfig UserSecurityConfigArgs: Operation protection configuration for the sub-user.
Tags []UserTagArgs
Trn string: TRN expression for the sub-user.
UpdateDate string: Update time for the sub-user.
UserId int: Sub-user's ID.
UserName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

accessKeys List<UserAccessKey>
accountId Double: Main account to which the sub-user belongs.
createDate String: Sub-user's creation time.
description String: Description for the sub-user, up to 255 characters.
displayName String: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email String: Sub-user's email address.
emailIsVerify Boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups List<String>: User group to which the sub-user belongs.
loginProfile UserLoginProfile: Login configuration for the sub-user.
mobilePhone String: Sub-user's mobile number.
mobilePhoneIsVerify Boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
policies List<UserPolicy>
securityConfig UserSecurityConfig: Operation protection configuration for the sub-user.
tags List<UserTag>
trn String: TRN expression for the sub-user.
updateDate String: Update time for the sub-user.
userId Integer: Sub-user's ID.
userName String: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

accessKeys UserAccessKey[]
accountId number: Main account to which the sub-user belongs.
createDate string: Sub-user's creation time.
description string: Description for the sub-user, up to 255 characters.
displayName string: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email string: Sub-user's email address.
emailIsVerify boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups string[]: User group to which the sub-user belongs.
loginProfile UserLoginProfile: Login configuration for the sub-user.
mobilePhone string: Sub-user's mobile number.
mobilePhoneIsVerify boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
policies UserPolicy[]
securityConfig UserSecurityConfig: Operation protection configuration for the sub-user.
tags UserTag[]
trn string: TRN expression for the sub-user.
updateDate string: Update time for the sub-user.
userId number: Sub-user's ID.
userName string: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

access_keys Sequence[UserAccessKeyArgs]
account_id float: Main account to which the sub-user belongs.
create_date str: Sub-user's creation time.
description str: Description for the sub-user, up to 255 characters.
display_name str: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email str: Sub-user's email address.
email_is_verify bool: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups Sequence[str]: User group to which the sub-user belongs.
login_profile UserLoginProfileArgs: Login configuration for the sub-user.
mobile_phone str: Sub-user's mobile number.
mobile_phone_is_verify bool: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
policies Sequence[UserPolicyArgs]
security_config UserSecurityConfigArgs: Operation protection configuration for the sub-user.
tags Sequence[UserTagArgs]
trn str: TRN expression for the sub-user.
update_date str: Update time for the sub-user.
user_id int: Sub-user's ID.
user_name str: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

accessKeys List<Property Map>
accountId Number: Main account to which the sub-user belongs.
createDate String: Sub-user's creation time.
description String: Description for the sub-user, up to 255 characters.
displayName String: Display name for the sub-user, user display name. Length 1–128. Supports Chinese, English, numbers, spaces, and .-_@ characters only.
email String: Sub-user's email address.
emailIsVerify Boolean: Whether the sub-user's email address is verified. 'true' means verified, 'false' means not verified.
groups List<String>: User group to which the sub-user belongs.
loginProfile Property Map: Login configuration for the sub-user.
mobilePhone String: Sub-user's mobile number.
mobilePhoneIsVerify Boolean: Whether the sub-user's phone number is verified. 'true' means verified, 'false' means not verified.
policies List<Property Map>
securityConfig Property Map: Operation protection configuration for the sub-user.
tags List<Property Map>
trn String: TRN expression for the sub-user.
updateDate String: Update time for the sub-user.
userId Number: Sub-user's ID.
userName String: Sub-user name, username. Length 1–64. Supports English, numbers, underscores, and .-@ characters.

Supporting Types

UserAccessKey, UserAccessKeyArgs

AccessKeyId string: Access key ID.
CreateDate string: Access key creation time.
Region string: Most recently used service region.
RequestTime string: Last used time of the access key.
Service string: Name of the most recently used service.
Status string: Access key status. 'Active' means enabled, 'Inactive' means disabled.
UpdateDate string: Access key update time.
UserName string: Access key Secret.

AccessKeyId string: Access key ID.
CreateDate string: Access key creation time.
Region string: Most recently used service region.
RequestTime string: Last used time of the access key.
Service string: Name of the most recently used service.
Status string: Access key status. 'Active' means enabled, 'Inactive' means disabled.
UpdateDate string: Access key update time.
UserName string: Access key Secret.

accessKeyId String: Access key ID.
createDate String: Access key creation time.
region String: Most recently used service region.
requestTime String: Last used time of the access key.
service String: Name of the most recently used service.
status String: Access key status. 'Active' means enabled, 'Inactive' means disabled.
updateDate String: Access key update time.
userName String: Access key Secret.

accessKeyId string: Access key ID.
createDate string: Access key creation time.
region string: Most recently used service region.
requestTime string: Last used time of the access key.
service string: Name of the most recently used service.
status string: Access key status. 'Active' means enabled, 'Inactive' means disabled.
updateDate string: Access key update time.
userName string: Access key Secret.

access_key_id str: Access key ID.
create_date str: Access key creation time.
region str: Most recently used service region.
request_time str: Last used time of the access key.
service str: Name of the most recently used service.
status str: Access key status. 'Active' means enabled, 'Inactive' means disabled.
update_date str: Access key update time.
user_name str: Access key Secret.

accessKeyId String: Access key ID.
createDate String: Access key creation time.
region String: Most recently used service region.
requestTime String: Last used time of the access key.
service String: Name of the most recently used service.
status String: Access key status. 'Active' means enabled, 'Inactive' means disabled.
updateDate String: Access key update time.
userName String: Access key Secret.

UserLoginProfile, UserLoginProfileArgs

CreateDate string: Login configuration creation time.
LastLoginDate string: Last login time.
LastLoginIp string: Last login IP.
LastResetPasswordTime int: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
LoginAllowed bool: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
LoginLocked bool: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
Password string: Login password.
PasswordExpireAt int: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
PasswordResetRequired bool: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
SafeAuthExemptDuration double: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
SafeAuthExemptRequired double: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
SafeAuthExemptUnit double: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
SafeAuthFlag bool: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
SafeAuthType string: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
UpdateDate string: Login configuration update time.

CreateDate string: Login configuration creation time.
LastLoginDate string: Last login time.
LastLoginIp string: Last login IP.
LastResetPasswordTime int: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
LoginAllowed bool: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
LoginLocked bool: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
Password string: Login password.
PasswordExpireAt int: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
PasswordResetRequired bool: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
SafeAuthExemptDuration float64: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
SafeAuthExemptRequired float64: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
SafeAuthExemptUnit float64: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
SafeAuthFlag bool: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
SafeAuthType string: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
UpdateDate string: Login configuration update time.

createDate String: Login configuration creation time.
lastLoginDate String: Last login time.
lastLoginIp String: Last login IP.
lastResetPasswordTime Integer: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
loginAllowed Boolean: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
loginLocked Boolean: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
password String: Login password.
passwordExpireAt Integer: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
passwordResetRequired Boolean: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
safeAuthExemptDuration Double: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
safeAuthExemptRequired Double: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
safeAuthExemptUnit Double: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
safeAuthFlag Boolean: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
safeAuthType String: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
updateDate String: Login configuration update time.

createDate string: Login configuration creation time.
lastLoginDate string: Last login time.
lastLoginIp string: Last login IP.
lastResetPasswordTime number: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
loginAllowed boolean: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
loginLocked boolean: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
password string: Login password.
passwordExpireAt number: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
passwordResetRequired boolean: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
safeAuthExemptDuration number: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
safeAuthExemptRequired number: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
safeAuthExemptUnit number: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
safeAuthFlag boolean: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
safeAuthType string: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
updateDate string: Login configuration update time.

create_date str: Login configuration creation time.
last_login_date str: Last login time.
last_login_ip str: Last login IP.
last_reset_password_time int: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
login_allowed bool: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
login_locked bool: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
password str: Login password.
password_expire_at int: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
password_reset_required bool: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
safe_auth_exempt_duration float: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
safe_auth_exempt_required float: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
safe_auth_exempt_unit float: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
safe_auth_flag bool: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
safe_auth_type str: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
update_date str: Login configuration update time.

createDate String: Login configuration creation time.
lastLoginDate String: Last login time.
lastLoginIp String: Last login IP.
lastResetPasswordTime Number: Last password reset time. Last password reset time. 0 means no password has been set; a non-zero value means the timestamp when the password expires.
loginAllowed Boolean: Whether login is allowed. 'true' means allowed, 'false' means not allowed. Default is 'false'.
loginLocked Boolean: Whether login is locked. 'true' means locked, 'false' means not locked. After the administrator sets a limit for incorrect password retry attempts, login will be locked if the user exceeds the limit.
password String: Login password.
passwordExpireAt Number: Password expiration time. '0' means never expires; non-zero means the expiration timestamp.
passwordResetRequired Boolean: Whether password reset is required on next login. Whether password reset is required on next login. 'true' means password reset is required, 'false' means not required. Default is 'false'.
safeAuthExemptDuration Number: Login protection exemption duration. Supports setting 1 to 7 (days), 1 to 168 (hours), or 5 to 1440 (minutes). For unit settings, refer to the SafeAuthExemptUnit parameter.
safeAuthExemptRequired Number: Whether login protection exemption is enabled. Whether login protection exemption is enabled. 0 means disabled, 1 means enabled. When login protection exemption is enabled, after verification is completed, login will not require verification again within a certain period.
safeAuthExemptUnit Number: Login protection exemption time unit. Login protection exemption time unit. 0 represents minutes, 1 represents hours, 2 represents days.
safeAuthFlag Boolean: Whether login protection is enabled. 'true' means enabled, 'false' means disabled. Default is 'false'.
safeAuthType String: Login protection type. Login protection type. 'phone' represents mobile verification, 'email' represents email verification, 'vmfa' represents MFA device verification. Multiple login protection types can be set, separated by commas. Options: vmfa, phone, email, separated by commas.
updateDate String: Login configuration update time.

UserPolicy, UserPolicyArgs

PolicyName string: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
PolicyType string: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

PolicyName string: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
PolicyType string: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

policyName String: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
policyType String: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

policyName string: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
policyType string: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

policy_name str: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
policy_type str: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

policyName String: Permission policy name. Length: 1–64 characters. Supports English letters, numbers, and +=,.@-_ symbols.
policyType String: Permission policy type. 'System' indicates system preset policy, 'Custom' indicates custom policy.

UserSecurityConfig, UserSecurityConfigArgs

SafeAuthClose double: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
SafeAuthExemptDuration double: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
SafeAuthType string: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

SafeAuthClose float64: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
SafeAuthExemptDuration float64: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
SafeAuthType string: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

safeAuthClose Double: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
safeAuthExemptDuration Double: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
safeAuthType String: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

safeAuthClose number: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
safeAuthExemptDuration number: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
safeAuthType string: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

safe_auth_close float: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
safe_auth_exempt_duration float: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
safe_auth_type str: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

safeAuthClose Number: Whether operation protection is enabled. 0 means enabled, 1 means disabled.
safeAuthExemptDuration Number: Operation protection exemption time. After verification is completed, no further verification is required within the exemption period. Supports values from 5 to 30; the default value is 10. Unit: minutes.
safeAuthType String: Operation protection type. 'phone' indicates phone verification, 'email' indicates email verification, 'vmfa' indicates MFA device verification. Multiple operation protection types can be set, separated by commas.

UserTag, UserTagArgs

Key string: Tag key.
Value string: Tag value.

Key string: Tag key.
Value string: Tag value.

key String: Tag key.
value String: Tag value.

key string: Tag key.
value string: Tag value.

key str: Tag key.
value str: Tag value.

key String: Tag key.
value String: Tag value.

Import

$ pulumi import volcenginecc:iam/user:User example "user_name"

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: volcenginecc volcengine/pulumi-volcenginecc
License: MPL-2.0
Notes: This Pulumi package is based on the volcenginecc Terraform Provider.

Viewing docs for volcenginecc v0.0.32
published on Thursday, Apr 23, 2026 by Volcengine

Schema (JSON)

volcengine/pulumi-volcenginecc

On this page

On this page

Example Usage

Create User Resource

Constructor syntax

Parameters

User Resource Properties

Inputs

Outputs

Look up Existing User Resource

Supporting Types

UserAccessKey, UserAccessKeyArgs

UserLoginProfile, UserLoginProfileArgs

UserPolicy, UserPolicyArgs

UserSecurityConfig, UserSecurityConfigArgs

UserTag, UserTagArgs

Import

Package Details

On this page

On this page