我正在尝试使用 AWS-CDK 预置 IAM 用户。我目前在为我正在创建的用户配置临时密码时遇到问题,并试图找到一种使用机密管理器的方法,因为我认为应该有更简单的方法来做到这一点。这是我下面的代码(我传递给“CisUser”的密码道具当前出错):
import cdk = require('@aws-cdk/core')
import * as logs from '@aws-cdk/aws-logs';
import s3 = require("@aws-cdk/aws-s3");
import * as cloudtrail from '@aws-cdk/aws-cloudtrail';
import cloudwatch = require('@aws-cdk/aws-cloudwatch');
import { User, Group } from "@aws-cdk/aws-iam";
import * as lambda from "@aws-cdk/aws-lambda"
import path = require('path');
import events = require("@aws-cdk/aws-events");
import * as targets from "@aws-cdk/aws-events-targets";
import { SecretValue } from '@aws-cdk/core';
export class CloudComplianceUserBaselineStack extends cdk.Stack {
constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
super(scope, id, props);
const CisUser = new User(this, 'CisUser',{
userName: 'CisUser',
password: 'testPassword12345%$',
passwordResetRequired: true,
})
const TestUser = new iam.User(this,"TestUser",{})
const adminGroup = new iam.Group(this, 'AdminGroup',{
managedPolicies: [
iam.ManagedPolicy.fromAwsManagedPolicyName("AdministratorAccess")
]
})
const AuditGroup = new iam.Group(this,'AuditGroup',{
managedPolicies:[
iam.ManagedPolicy.fromAwsManagedPolicyName("ReadOnlyAccess")
]
})
AuditGroup.addUser(CisUser)
adminGroup.addUser(TestUser)
}}
先感谢您。