Skip to main content

alicloud_ims_user Resource

Use the alicloud_ims_user InSpec audit resource to test properties of a single AliCloud IAM User information.

Syntax

Ensure an user exists

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  it { should exist }
end

You may also use hash syntax to pass the user principal name

describe alicloud_ims_user(user_principal_name: "USER_PRINCIPAL_NAME") do
  it { should exist }
end

Parameters

This resource accepts a single parameter, user_principal_name.

user_principal_name _(required)

The user name of the IMS user.

See also the Alicloud documentation on cloud disks.

Properties

status
The status of the IAM user.
update_date
The update date of the IAM user.
password_reset_required
The password reset required of the IAM user. It accepts boolean value.
user_principal_name
The user name of the IAM user.
mfa_bind_required
The mfa bind required of the IAM user. It accepts boolean value.

Examples

Test that an user does not exist.

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  it { should_not exist }
end

Test that an user is MFA bind.

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  its('mfa_bind_required') { should eq true }
end

Test that an user has an ACTIVE status.

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  its('status') { should eq 'Active' }
end

Matchers

For a full list of available matchers, see our Universal Matchers page.

exist

The control will pass if the describe returns at least one result.

Use should to test the entity should not exist.

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  it { should exist }
end

Use should_not to test the entity should not exist.

describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
  it { should_not exist }
end

Alicloud Permissions

Your Principal will need the ims:GetLoginProfile action with Effect set to Allow.

Edit this page on GitHub

Thank you for your feedback!

×