From 45e00490f7b1cb05adcdc5df49bac01e2a7a3045 Mon Sep 17 00:00:00 2001
From: James Nugent <james@jen20.com>
Date: Tue, 25 Oct 2016 12:08:14 -0500
Subject: [PATCH] provider/aws: Docs for aws_iam_user_login_profile

---
 .../r/iam_user_login_profile.html.markdown    | 59 +++++++++++++++++++
 website/source/layouts/aws.erb                |  4 ++
 2 files changed, 63 insertions(+)
 create mode 100644 website/source/docs/providers/aws/r/iam_user_login_profile.html.markdown

diff --git a/website/source/docs/providers/aws/r/iam_user_login_profile.html.markdown b/website/source/docs/providers/aws/r/iam_user_login_profile.html.markdown
new file mode 100644
index 0000000000..8eda76f867
--- /dev/null
+++ b/website/source/docs/providers/aws/r/iam_user_login_profile.html.markdown
@@ -0,0 +1,59 @@
+---
+layout: "aws"
+page_title: "AWS: aws_iam_user_login_profile"
+sidebar_current: "docs-aws-resource-iam-user-login-profile"
+description: |-
+  Provides an IAM user login profile and encrypts the password.
+---
+
+# aws\_iam\_user\_login\_profile
+
+Provides one-time creation of a IAM user login profile, and uses PGP to
+encrypt the password for safe transport to the user. PGP keys can be
+obtained from Keybase.
+
+## Example Usage
+
+```
+resource "aws_iam_user" "u" {
+        name = "auser"
+        path = "/"
+        force_destroy = true
+}
+
+resource "aws_iam_user_login_profile" "u" {
+        user = "${aws_iam_user.u.name}"
+        pgp_key = "keybase:some_person_that_exists"
+}
+
+output "password" {
+        value = "${aws_iam_user_login_profile.u.encrypted_password}"
+}
+```
+
+## Argument Reference
+
+The following arguments are supported:
+
+* `user` - (Required) The IAM user's name.
+* `pgp_key` - (Required) Either a base-64 encoded PGP public key, or a
+  keybase username in the form `keybase:username`.
+* `password_reset_required` - (Optional, default "true") Whether the
+  user should be forced to reset the generated password on first login.
+* `password_length` - (Optional, default 20) The length of the generated
+  password.
+
+## Attributes Reference
+
+The following attributes are exported:
+
+* `key_fingerprint` - The fingerprint of the PGP key used to encrypt
+  the password
+* `encrypted_password` - The encrypted password, base64 encoded.
+
+~> **NOTE:** The encrypted password may be decrypted using the command line,
+   for example: `terraform output password | base64 --decode | keybase pgp decrypt`. 
+
+## Import
+
+IAM Login Profiles may not be imported.
diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb
index d603d6f252..ede9d0526c 100644
--- a/website/source/layouts/aws.erb
+++ b/website/source/layouts/aws.erb
@@ -582,6 +582,10 @@
                             <a href="/docs/providers/aws/r/iam_user.html">aws_iam_user</a>
                         </li>
 
+                        <li<%= sidebar_current("docs-aws-resource-iam-user-login-profile") %>>
+                          <a href="/docs/providers/aws/r/iam_user_login_profile.html">aws_iam_user_login_profile</a>
+                        </li>
+
                         <li<%= sidebar_current("docs-aws-resource-iam-user-policy") %>>
                             <a href="/docs/providers/aws/r/iam_user_policy.html">aws_iam_user_policy</a>
                         </li>