IAM User

An IAM User in AWS represents an individual identity within an AWS account that can be used to interact with AWS services. Each user has unique credentials such as a username, password, and access keys. IAM Users can be assigned permissions through policies, either directly or via groups, to control what actions they can perform. This resource is commonly used to provide secure, managed access for people or applications that need to work with AWS resources.

aws.iam_user

Fields

TitleIDTypeData TypeDescription
_keycorestring
account_idcorestring
arncorestringThe Amazon Resource Name (ARN) that identifies the user. For more information about ARNs and how to use ARNs in policies, see IAM Identifiers in the IAM User Guide.
attached_policiescorejsonA list of the attached policies.
create_datecoretimestampThe date and time, in ISO 8601 date-time format, when the user was created.
groupscorejsonA list of groups.
login_profilecorejsonA structure containing the user name and the profile creation date for the user.
mfa_devicescorejsonA list of MFA devices.
password_last_usedcoretimestampThe date and time, in ISO 8601 date-time format, when the user's password was last used to sign in to an Amazon Web Services website. For a list of Amazon Web Services websites that capture a user's last sign-in time, see the Credential reports topic in the IAM User Guide. If a password is used more than once in a five-minute span, only the first use is returned in this field. If the field is null (no value), then it indicates that they never signed in with a password. This can be because: The user never had a password. A password exists but has not been used since IAM started tracking this information on October 20, 2014. A null value does not mean that the user never had a password. Also, if the user does not currently have a password but had one in the past, then this field contains the date and time the most recent password was used. This value is returned only in the GetUser and ListUsers operations.
pathcorestringThe path to the user. For more information about paths, see IAM identifiers in the IAM User Guide. The ARN of the policy used to set the permissions boundary for the user.
permissions_boundarycorejsonFor more information about permissions boundaries, see Permissions boundaries for IAM identities in the IAM User Guide.
ssh_public_keyscorejsonA list of the SSH public keys assigned to IAM user.
tagscorehstore
user_idcorestringThe stable and unique string identifying the user. For more information about IDs, see IAM identifiers in the IAM User Guide.
user_namecorestringThe friendly name identifying the user.
virtual_mfa_devicescorejsonThe list of virtual MFA devices in the current account that match the AssignmentStatus value that was passed in the request.