This note is an extension of my previous note on creating an Amazon Managed Grafana workspace with one more resource added to the configuration. In my earlier note, there was a pre-requisite manual step to create the IAM Identity Center user before creating the Amazon Managed Grafana workspace. At that time, the AWS Terraform provider version 4.29.0 did not support that specific resource type. As of January 2024, the AWS Terraform provider version 5.32.0 supports that resource. In this note, I cover only that change. Please refer to the previous note for the rest of the configuration (to create the Amazon Managed Grafana workspace). Here is the link to my GitHub repository with the Terraform code: aws_managed_grafana_workspace_dashboard/amg_workspace.

As mentioned in my previous note, you must enable “IAM Identity Center” in your AWS account, where I have the details. The below Terraform code creates an aws_identitystore_user resource. 89-image-2 Once the resource is created, the user_id property can be populated in the aws_grafana_role_association resource using the code below. 89-image-3 Previously, when the Identity store user was manually created, the user_id value was passed into the Terraform configuration. But now, with the AWS resource being supported by the AWS provider, there is no need to pass the absolute value.

After Terraform provisioned all the resources, I logged into my AWS console and found the message below. 89-image-4 I sent the email verification link and configured a password for the user. Then, using the same username and password, I logged into the Amazon Managed Grafana workspace.

If you used my Terraform configuration to provision the Amazon Managed Grafana workspace previously, try to add the above aws_identitystore_user resource. That will prevent you from manually keeping track of user management. Using the allowed roles in the link managed-grafana-role you can also manage users and their permissions using Terraform.

And that brings us to the end of this note. Please see how easy user management with Amazon Managed Grafana workspace has become with the latest resource support.