Aws-cdk: IAM User.fromUserName does not implement IUser functions

Created on 15 Jan 2020 · 4Comments · Source: aws/aws-cdk

When trying to create an IAM User from @aws-cdk/aws-iam with User.fromUserName the following IUser functions throw an erro.

addToGroup
attachInlinePolicy
addManagedPolicy

https://github.com/aws/aws-cdk/blob/master/packages/%40aws-cdk/aws-iam/lib/user.ts#L145-L154

Reproduction Steps

import { PolicyStatement, User } from '@aws-cdk/aws-iam';

const importedUser = User.fromUserName(this, 'ImportedUser', 'my-user');
importedUser.attachInlinePolicy(new PolicyStatement({...}));

Error Log

Cannot add inline policy to imported User

Environment

CLI Version : 1.20.0
Framework Version : 1.20.0
OS : Mac OS
Language : Typescript 3.7.0

Other

https://gitter.im/awslabs/aws-cdk?at=5dc31ea914d55a3785e7ca39 (Other people are having this problem)
https://github.com/aws/aws-cdk/pull/3738 (PR implementation of IUser)
https://github.com/aws/aws-cdk/issues/3490 (issue associated with PR)

This is :bug: Bug Report

@aws-cdaws-iam efforsmall feature-request good first issue in-progress p1

Source

seawatts

👍2

Most helpful comment

@rix0rrr , I had the exact same usecase. Do you happen to know the reason why this was on purpose?

rangoju on 31 Jan 2020

👍7

All 4 comments

More of a feature request than a bug. We didn't implement this on purpose (apparently).

Can you describe your use case?

rix0rrr on 15 Jan 2020

There was a user created manually in my aws account and now I need to add extra policies to that user.

seawatts on 15 Jan 2020

@rix0rrr , I had the exact same usecase. Do you happen to know the reason why this was on purpose?

rangoju on 31 Jan 2020

👍7

We have the exact same scenario: iam user creation is disabled, they opened up for a short time so we could manually create a build user for our service, now I want to configure that build user with CDK.