AWS Cognito

This module provides an AWS Cognito User Pool whose SMS and e-mail settings are configured to opinionated, reasonable defaults. You can specify the message templates and the attributes that are stored in the Cognito user pool. An IAM policy for managing the pool is provided as an output.

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | >= 4.0, < 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 4.0, < 5.0 |
| random | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_cognito_user_pool.pool | resource |
| aws_iam_policy.user_pool | resource |
| aws_iam_role.sms_role | resource |
| aws_iam_role_policy.sms_cognito_policy | resource |
| random_uuid.cognito_external_id | resource |
| aws_iam_policy_document.sms_cognito_policy | data source |
| aws_iam_policy_document.sms_role_assume_role | data source |
| aws_iam_policy_document.user_pool | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| allow_admin_create_user_only | Whether only the administrator is allowed to create user profiles. | `bool` | `"true"` | no |
| attributes | Attributes used in the Cognito Pool. | `list(object({ name = string, type = string /* "String" or "Number" */, required = bool, mutable = bool, developer_only_attribute = bool, constraints = any }))` | `[]` | no |
| default_email_option | Default e-mail verification option. | `string` | `"CONFIRM_WITH_CODE"` | no |
| email_invitation_message | E-mail template containing user credentials, sent after registration. | `string` | `"Your username is {username} and temporary password is {####}."` | no |
| email_invitation_subject | Subject of the e-mail containing user credentials, sent after registration. | `string` | `"Your temporary password"` | no |
| email_reply | The e-mail address shown in the Reply To field when a user receives an e-mail. | `string` | n/a | yes |
| email_source_arn | ARN of a verified Amazon SES e-mail address shown in the From field when a user receives an e-mail. | `string` | n/a | yes |
| email_verification_message | E-mail template containing the verification code, sent after registration. | `string` | `"Your verification code is {####}."` | no |
| email_verification_message_by_link | E-mail template containing the verification link, sent after registration. | `string` | `"Please click the link below to verify your email address. {##Verify Email##}"` | no |
| email_verification_subject | Subject of the e-mail containing the verification code, sent after registration. | `string` | `"Your verification code"` | no |
| email_verification_subject_by_link | Subject of the e-mail containing the verification link, sent after registration. | `string` | `"Your verification link"` | no |
| mfa_configuration | Whether Multi-Factor Authentication (MFA) should be turned on. | `string` | `"OPTIONAL"` | no |
| name | Name of the Cognito User Pool and a prefix for its subresources. | `string` | n/a | yes |
| password_policy | Object describing the password policy. | `object({ minimum_length = number, require_lowercase = bool, require_numbers = bool, require_symbols = bool, require_uppercase = bool })` | `{ "minimum_length": 12, "require_lowercase": true, "require_numbers": true, "require_symbols": true, "require_uppercase": true }` | no |
| sms_authentication_message | SMS template containing the authentication code. Used for MFA. | `string` | `"Your authentication code is {####}."` | no |
| sms_invitation_message | SMS template containing user credentials, sent after registration. | `string` | `"Your username is {username} and temporary password is {####}."` | no |
| sms_verification_message | SMS template containing the verification code, sent after registration. | `string` | `"Your verification code is {####}."` | no |
| tags | AWS resource tags that will be attached to the User Pool. | `map(string)` | `{}` | no |

Outputs

| Name | Description |
|------|-------------|
| user_pool_arn | ARN of created Cognito User Pool. |
| user_pool_id | Identifier of created Cognito User Pool. |
| user_pool_policy_arn | IAM policy that can be applied to roles and users which will manage this User Pool. |
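
An example invocation of this module, added here and not taken from the module's repository: it sets the three required inputs, tightens two of the defaults listed under Inputs (MFA and minimum password length), and attaches the `user_pool_policy_arn` output to a dedicated management role. The module source path, account ID, SES identity, role name and tag values are assumed placeholders, and the example assumes `mfa_configuration` is passed through unchanged to `aws_cognito_user_pool`.

```hcl
# Added example; placeholders: source path, account ID, SES identity, role name.
module "cognito" {
  source = "./modules/aws-cognito" # assumed local path to this module

  # Required inputs (no default in the Inputs table).
  name             = "example-app"
  email_reply      = "support@example.com"
  email_source_arn = "arn:aws:ses:eu-west-1:123456789012:identity/no-reply@example.com"

  # Module default, stated explicitly: users cannot self-register.
  allow_admin_create_user_only = true

  # Stricter than the module defaults ("OPTIONAL", minimum_length = 12).
  # "ON" is a value aws_cognito_user_pool accepts; assumes the module forwards it as-is.
  mfa_configuration = "ON"
  password_policy = {
    minimum_length    = 16
    require_lowercase = true
    require_numbers   = true
    require_symbols   = true
    require_uppercase = true
  }

  tags = { Environment = "example" }
}

# Trust policy for a role that manages the pool; requires an MFA-authenticated session.
data "aws_iam_policy_document" "pool_admin_trust" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::123456789012:root"] # placeholder account
    }
    condition {
      test     = "Bool"
      variable = "aws:MultiFactorAuthPresent"
      values   = ["true"]
    }
  }
}

resource "aws_iam_role" "pool_admin" {
  name               = "example-app-pool-admin"
  assume_role_policy = data.aws_iam_policy_document.pool_admin_trust.json
}

# Scope pool management to this role through the module's policy output.
resource "aws_iam_role_policy_attachment" "pool_admin" {
  role       = aws_iam_role.pool_admin.name
  policy_arn = module.cognito.user_pool_policy_arn
}
```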