aroe

Reputation: 161

Trying to Provision IAM Users in AWS IAM with the AWS-CDK

I am attempting to provision IAM users with the AWS-CDK. I'm currently having an issue with provisioning a temporary password for the user I am creating and am trying to find a way around using Secrets Manager, as I think there should be easier ways to do this. Here is the code I have below (the password prop I pass to the "CisUser" is currently erroring out):

import cdk = require('@aws-cdk/core')
import * as logs from '@aws-cdk/aws-logs';
import s3 = require("@aws-cdk/aws-s3");
import * as cloudtrail from '@aws-cdk/aws-cloudtrail';
import cloudwatch = require('@aws-cdk/aws-cloudwatch');
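import { User, Group } from "@aws-cdk/aws-iam";
// Namespace import needed for the iam.User / iam.Group / iam.ManagedPolicy references below
import * as iam from "@aws-cdk/aws-iam";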
import * as lambda from "@aws-cdk/aws-lambda"
import path = require('path');
import events = require("@aws-cdk/aws-events");
import * as targets from "@aws-cdk/aws-events-targets";
import { SecretValue } from '@aws-cdk/core';


export class CloudComplianceUserBaselineStack extends cdk.Stack {
    constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
      super(scope, id, props);
    
      const CisUser = new User(this, 'CisUser',{
          userName: 'CisUser',
          password: 'testPassword12345%$',
          passwordResetRequired: true,
      })
      const TestUser = new iam.User(this,"TestUser",{})
      const adminGroup = new iam.Group(this, 'AdminGroup',{
        managedPolicies: [
          iam.ManagedPolicy.fromAwsManagedPolicyName("AdministratorAccess")
        ]
      })
      const AuditGroup = new iam.Group(this,'AuditGroup',{
        managedPolicies:[
          iam.ManagedPolicy.fromAwsManagedPolicyName("ReadOnlyAccess")
        ]
      })
      AuditGroup.addUser(CisUser)
      adminGroup.addUser(TestUser)
    }
}

Thank you in advance.

Upvotes: 0

Views: 776

Answers (1)

Hai Thai

Reputation: 314

I think that we should use the exact type when trying to pass the password field.

https://docs.aws.amazon.com/cdk/api/latest/docs/aws-iam-readme.html

import { SecretValue } from '@aws-cdk/core';
...
...
{
    // UserProps.password is typed as SecretValue, so wrap the string
    password: SecretValue.plainText('testPassword12345%$'),
}

Upvotes: 1
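
`SecretValue.plainText(...)` satisfies the type checker, but the string is still written verbatim into the synthesized template as `LoginProfile.Password`, readable by anyone who can view the template. The following is an added example, not part of the original question or answer: a TypeScript check that classifies each `AWS::IAM::User` password in a synthesized template. The names `auditLoginProfiles` and `classifyPassword` and the sample template are constructed for illustration.

```typescript
// Constructed sample: roughly what `cdk synth` emits for IAM users like the page's.
const sampleTemplate = {
  Parameters: { TempPassword: { Type: "String", NoEcho: true } },
  Resources: {
    CisUser: { Type: "AWS::IAM::User", Properties: { UserName: "CisUser",
      LoginProfile: { Password: "testPassword12345%$", PasswordResetRequired: true } } },
    VaultUser: { Type: "AWS::IAM::User", Properties: {
      LoginProfile: { Password: "{{resolve:secretsmanager:example/temp-pw:SecretString:::}}" } } },
    ParamUser: { Type: "AWS::IAM::User", Properties: {
      LoginProfile: { Password: { Ref: "TempPassword" } } } },
    TestUser: { Type: "AWS::IAM::User" },
    AuditGroup: { Type: "AWS::IAM::Group" },
  },
};

type Verdict = "literal" | "dynamic-ref" | "noecho-param" | "review";
interface Finding { logicalId: string; verdict: Verdict; }

// Dynamic references are resolved at deploy time, so the secret is not in the template.
const DYNAMIC_REF = /\{\{resolve:(secretsmanager|ssm-secure):/;

function classifyPassword(value: unknown, parameters: Record<string, any>): Verdict {
  if (typeof value === "string") {
    return DYNAMIC_REF.test(value) ? "dynamic-ref" : "literal";
  }
  if (value && typeof value === "object") {
    const v = value as Record<string, any>;
    // A Ref to a NoEcho parameter: the value is supplied at deploy time and masked.
    if (typeof v.Ref === "string" && String(parameters[v.Ref]?.NoEcho) === "true") {
      return "noecho-param";
    }
    // A secret defined in the same stack appears as Fn::Join around a {{resolve:...}} prefix.
    const parts = v["Fn::Join"]?.[1];
    if (Array.isArray(parts) && parts.some((p) => typeof p === "string" && DYNAMIC_REF.test(p))) {
      return "dynamic-ref";
    }
  }
  return "review"; // some other intrinsic: needs a human look
}

function auditLoginProfiles(template: any): Finding[] {
  const params = template.Parameters ?? {};
  const findings: Finding[] = [];
  for (const [logicalId, res] of Object.entries<any>(template.Resources ?? {})) {
    if (res.Type !== "AWS::IAM::User") continue;
    const password = res.Properties?.LoginProfile?.Password;
    if (password === undefined) continue; // user has no console password
    findings.push({ logicalId, verdict: classifyPassword(password, params) });
  }
  return findings;
}
```

Run it over the JSON templates in `cdk.out` and treat any `literal` verdict as a build failure.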
