alicloud_ims_user Resource
Use the alicloud_ims_user
InSpec audit resource to test properties of a single AliCloud IAM User information.
Syntax
Ensure an user exists
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
it { should exist }
end
You may also use hash syntax to pass the user principal name
describe alicloud_ims_user(user_principal_name: "USER_PRINCIPAL_NAME") do
it { should exist }
end
Parameters
This resource accepts a single parameter, user_principal_name
.
user_principal_name
_(required)The user name of the IMS user.
See also the Alicloud documentation on cloud disks.
Properties
status
- The status of the IAM user.
update_date
- The update date of the IAM user.
password_reset_required
- The password reset required of the IAM user. It accepts boolean value.
user_principal_name
- The user name of the IAM user.
mfa_bind_required
- The mfa bind required of the IAM user. It accepts boolean value.
Examples
Test that an user does not exist.
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
it { should_not exist }
end
Test that an user is MFA bind.
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
its('mfa_bind_required') { should eq true }
end
Test that an user has an ACTIVE
status.
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
its('status') { should eq 'Active' }
end
Matchers
For a full list of available matchers, see our Universal Matchers page.exist
The control will pass if the describe returns at least one result.
Use should
to test the entity should not exist.
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
it { should exist }
end
Use should_not
to test the entity should not exist.
describe alicloud_ims_user("USER_PRINCIPAL_NAME") do
it { should_not exist }
end
Alicloud Permissions
Your Principal will need the ims:GetLoginProfile
action with Effect
set to Allow
.