chainctl iam identities create aws user NAME --aws-account-id=ACCOUNT --aws-user-name=NAME [--aws-user-id=ID] [--aws-partition=PARTITION] [--parent=PARENT] [--description=DESC] [--role=ROLE,ROLE,...] [--output=id|json|table]

# Create an assumable identity for an IAM user
chainctl iam identities create aws user my-aws-identity --aws-account-id=123456789012 --aws-user-name=my-user
# Create an assumable identity for an IAM user. Bind it to the registry.pull role.
chainctl iam identities create aws user my-aws-identity --aws-account-id=123456789012 --aws-user-name=my-user --role=registry.pull
# Provide the unique ID of the user. IAM user names can be reused but unique IDs cannot, so this prevents the identity from being assumed if the user is deleted and then recreated with the same name.
chainctl iam identities create aws user my-aws-identity --aws-account-id=123456789012 --aws-user-name=my-user --aws-user-id=AIDAEXAMPLEC2UL7LUB
# Create an assumable identity for a user in the aws-us-gov partition
chainctl iam identities create aws user my-aws-identity --aws-partition=aws-us-gov --aws-account-id=123456789012 --aws-user-name=my-user

--aws-account-id string The ID of the AWS account.
--aws-partition string The partition in which the user is located. For instance: aws, aws-cn or aws-us-gov. (default "aws")
--aws-user-id string The unique ID of the IAM user.
--aws-user-name string The name of the IAM user.
-d, --description string The description of the resource.
-h, --help help for user
-n, --name string Given name of the resource.
--parent string The name or id of the parent location to create this identity under.
--role strings A comma separated list of names or IDs of roles to bind this identity to (optional).
-y, --yes Automatic yes to prompts; assume "yes" as answer to all prompts and run non-interactively.

--api string The url of the Chainguard platform API. (default "https://console-api.enforce.dev")
--audience string The Chainguard token audience to request. (default "https://console-api.enforce.dev")
--config string A specific chainctl config file. Uses CHAINCTL_CONFIG environment variable if a file is not passed explicitly.
--console string The url of the Chainguard platform Console. (default "https://console.chainguard.dev")
--force-color Force color output even when stdout is not a TTY.
--issuer string The url of the Chainguard STS endpoint. (default "https://issuer.enforce.dev")
--log-level string Set the log level (debug, info) (default "ERROR")
-o, --output string Output format. One of: [csv, env, go-template, id, json, markdown, none, table, terse, tree, wide]
-v, --v int Set the log verbosity level.

Last updated: 2025-12-18 15:50