powerscale_user (Resource)

This resource is used to manage the User entity of PowerScale Array. We can Create, Update and Delete the User using this resource. We can also import an existing User from PowerScale array. PowerScale User allows you to authenticate through a local authentication provider. Remote users are restricted to read-only operations.

Example Usage

/*
Copyright (c) 2023-2024 Dell Inc., or its subsidiaries. All Rights Reserved.

Licensed under the Mozilla Public License Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://mozilla.org/MPL/2.0/


Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

# Available actions: Create, Update, Delete and Import.
# After `terraform apply` of this example file it will create a new user with the name set in `name` attribute on the PowerScale.

# PowerScale User allows you to authenticate through a local authentication provider. Remote users are restricted to read-only operations.
resource "powerscale_user" "testUser" {
  # Required name for creating
  name = "testUserResourceSample"

  # Optional query_force. If true, skip validation checks when creating user. The force option is required for user ID changes.
  # query_force = false

  # Optional query_zone, will return user according to zone. Specifies the zone that the user will belong to when creating. Once user is created, its zone cannot be changed.
  # query_zone = "testZone"

  # Optional query_provider, will return user according to provider. Specifies the provider that the user will belong to when creating. Once user is created, its provider cannot be changed.
  # query_provider = "testProvider"

  # Optional parameters when creating
  # sid = "SID:XXXX"

  # Optional parameters when creating and updating. 
  # uid      = 11000
  # password = "testPassword"
  # roles    = ["SystemAdmin"]
  # enabled = false
  # unlock = false
  # email = "testTerraform@dell.com"
  # home_directory = "/ifs/home/testUserResourceSample"
  # password_expires = true
  # primary_group = "testPrimaryGroup"
  # prompt_password_change = false
  # shell = "/bin/zsh"
  # expiry = 123456
  # gecos = "testFullName"
}

# After the execution of above resource block, user would have been created on the PowerScale array. 
# For more information, Please check the terraform state file.

Schema

Required

name (String) Specifies a user name.

Optional

domain (String) Specifies the domain that the object is part of.
email (String) Specifies an email address. (Update Supported)
enabled (Boolean) If true, the authenticated user is enabled. (Update Supported)
expiry (Number) Specifies the Unix Epoch time at which the authenticated user will expire. (Update Supported)
gecos (String) Specifies the GECOS value, which is usually the full name. (Update Supported)
home_directory (String) Specifies a home directory for the user. (Update Supported)
password (String, Sensitive) Sets or Changes the password for the user. (Update Supported)
password_expires (Boolean) If true, the password is allowed to expire. (Update Supported)
primary_group (String) Specifies the name of the primary group. (Update Supported)
prompt_password_change (Boolean) If true, Prompts the user to change their password at the next login. (Update Supported)
query_force (Boolean) If true, skip validation checks when creating user. Need to be true, when changing user UID.
query_provider (String) Specifies the provider type.
query_zone (String) Specifies the zone that the object belongs to.
roles (List of String) List of roles, the user is assigned. (Update Supported)
shell (String) Specifies a path to the shell for the user. (Update Supported)
sid (String) Specifies a security identifier.
uid (Number) Specifies a numeric user identifier. (Update Supported)
unlock (Boolean) If true, the user account should be unlocked. (Update Supported)

Read-Only

dn (String) Specifies a principal name for the user.
dns_domain (String) Specifies the DNS domain.
expired (Boolean) If true, the authenticated user has expired.
generated_gid (Boolean) If true, the GID was generated.
generated_uid (Boolean) If true, the UID was generated.
generated_upn (Boolean) If true, the UPN was generated.
gid (Object) Specifies a group identifier. (see below for nested schema)
id (String) Specifies the user ID.
locked (Boolean) If true, indicates that the account is locked.
max_password_age (Number) Specifies the maximum time in seconds allowed before the password expires.
password_expired (Boolean) If true, the password has expired.
password_expiry (Number) Specifies the time in Unix Epoch seconds that the password will expire.
password_last_set (Number) Specifies the last time the password was set.
primary_group_sid (Object) Specifies the persona of the primary group. (see below for nested schema)
provider_name (String) Specifies the authentication provider that the object belongs to.
sam_account_name (String) Specifies a user name.
type (String) Specifies the object type.
upn (String) Specifies a principal name for the user.
user_can_change_password (Boolean) Specifies whether the password for the user can be changed.

Nested Schema for `gid`

Read-Only:

id (String)
name (String)
type (String)

Nested Schema for `primary_group_sid`