Skip to content

Resource: awsIamVirtualMfaDevice

Provides an IAM Virtual MFA Device.

\~> Note: All attributes will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

Using certs on file:

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.iamVirtualMfaDevice.IamVirtualMfaDevice(this, "example", {
  virtualMfaDeviceName: "example",
});

Argument Reference

The following arguments are supported:

  • virtualMfaDeviceName - (Required) The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device.
  • path – (Optional) The path for the virtual MFA device.
  • tags - (Optional) Map of resource tags for the virtual mfa device. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • arn - The Amazon Resource Name (ARN) specifying the virtual mfa device.
  • base32StringSeed - The base32 seed defined as specified in RFC3548. The base32StringSeed is base64-encoded.
  • qrCodePng - A QR code PNG image that encodes otpauth://totp/$virtualMfaDeviceName@$accountName?secret=$base32String where $virtualMfaDeviceName is one of the create call arguments. AccountName is the user name if set (otherwise, the account ID otherwise), and Base32String is the seed in base32 format.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Import

IAM Virtual MFA Devices can be imported using the arn, e.g.,

$ terraform import aws_iam_virtual_mfa_device.example arn:aws:iam::123456789012:mfa/example