
Terraform Cognito identity pool

Stack Overflow user
Asked 2021-02-04 03:11:38
Answers: 1, Views: 193, Followers: 0, Votes: 1

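I want to use Terraform to add a Cognito user pool and an identity pool. My current error is that the identity pool's provider name is incorrect. What is the correct name for the Cognito user pool in the identity pool?

I have used both the user pool's name and the resource's name. What should I use?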

# Cognito.tf
resource "aws_ses_domain_identity" "identity" {
  domain = "mydomain.com"
}
data "aws_route53_zone" "blog" {
  name         = "mydomain.com"
}


# Cognito
resource "aws_cognito_user_pool" "main" {
  name = "${var.user_pool_name}-${var.stage}"

  # ATTRIBUTES
  alias_attributes = ["email", "preferred_username"]

  # Require each user to supply a name
  schema {
    attribute_data_type = "String"
    mutable             = true
    name                = "name"
    required            = true
  }

  # Require each user to supply an email
  schema {
    attribute_data_type = "String"
    mutable             = true
    name                = "email"
    required            = true
  }

  # POLICY
  password_policy {
    minimum_length    = "8"
    require_lowercase = true
    require_numbers   = true
    require_symbols   = true
    require_uppercase = true
  }

  # MFA & VERIFICATIONS
  mfa_configuration        = "OFF"

  # MESSAGE CUSTOMIZATIONS
  verification_message_template {
    default_email_option  = "CONFIRM_WITH_LINK"
    email_message_by_link = "Your life will be dramatically improved by signing up! {##Click Here##}"
    email_subject_by_link = "Welcome to to a new world and life!"
  }
  email_configuration {
    reply_to_email_address = "a-email-for-people-to@reply.to"
  }

  # TAGS
  tags = {
    project = "No Meat May"
  }

  # DEVICES
  device_configuration {
    challenge_required_on_new_device      = true
    device_only_remembered_on_user_prompt = true
  }
}

resource "aws_cognito_user_pool_client" "client" {
  name                = "client"
  user_pool_id        = aws_cognito_user_pool.main.id
  generate_secret     = true
  explicit_auth_flows = ["ADMIN_NO_SRP_AUTH"]
}

resource "aws_cognito_identity_pool" "main" {
  identity_pool_name               = "${var.identity_pool_name}-${var.stage}"
  allow_unauthenticated_identities = false

  cognito_identity_providers {
    client_id               = aws_cognito_user_pool_client.client.id
    provider_name           = "${var.user_pool_name}-${var.stage}" # <= What's this?
    server_side_token_check = true
  }
}

1 Answer

Stack Overflow user

Answered 2021-02-04 03:15:27

I was able to solve this by using the user pool's endpoint:

...
resource "aws_cognito_identity_pool" "main" {
  identity_pool_name               = "${var.identity_pool_name}-${var.stage}"
  allow_unauthenticated_identities = false

  cognito_identity_providers {
    client_id               = aws_cognito_user_pool_client.client.id
    provider_name           = aws_cognito_user_pool.main.endpoint
    server_side_token_check = true
  }
}
Votes: 1
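A user pool's `endpoint` attribute has the form `cognito-idp.<region>.amazonaws.com/<user_pool_id>`, which is the value the identity pool expects in `provider_name`. The following check is an added example, not code from the original question or answer: it scans state exported with `terraform show -json` for identity pools whose `provider_name` is not in that form, or whose `client_id` belongs to a different user pool. The function names and all sample IDs are constructed for illustration.

```python
import re

# A user pool's `endpoint` attribute has the form
# cognito-idp.<region>.amazonaws.com/<user_pool_id>
ENDPOINT_RE = re.compile(r"^cognito-idp\.([a-z0-9-]+)\.amazonaws\.com/([\w-]+_[0-9a-zA-Z]+)$")

def walk(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)

def check_identity_pools(state):
    """Return (address, finding) pairs for identity pool provider blocks."""
    resources = list(walk(state.get("values", {}).get("root_module", {})))
    # App client id -> owning user pool id, from the clients present in the state.
    owner = {r["values"]["id"]: r["values"]["user_pool_id"]
             for r in resources if r["type"] == "aws_cognito_user_pool_client"}
    findings = []
    for r in resources:
        if r["type"] != "aws_cognito_identity_pool":
            continue
        for p in r["values"].get("cognito_identity_providers") or []:
            m = ENDPOINT_RE.match(p.get("provider_name") or "")
            if not m:
                findings.append((r["address"], "provider_name is not a user pool endpoint"))
            elif owner.get(p.get("client_id"), m.group(2)) != m.group(2):
                findings.append((r["address"], "client_id belongs to another user pool"))
    return findings

def _pool(name, provider_name):  # helper for the constructed sample below
    return {"address": f"aws_cognito_identity_pool.{name}", "type": "aws_cognito_identity_pool",
            "values": {"cognito_identity_providers": [
                {"client_id": "exampleclientid", "provider_name": provider_name,
                 "server_side_token_check": True}]}}

# Constructed sample shaped like `terraform show -json` output (all ids are made up).
SAMPLE_STATE = {"values": {"root_module": {"resources": [
    {"address": "aws_cognito_user_pool_client.client", "type": "aws_cognito_user_pool_client",
     "values": {"id": "exampleclientid", "user_pool_id": "us-east-1_EXAMPLE01"}},
    _pool("by_name", "my-pool-dev"),  # the question's mistake: the pool's name
    _pool("by_endpoint", "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE01"),
    _pool("wrong_pool", "cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE02"),
]}}}

if __name__ == "__main__":
    for address, finding in check_identity_pools(SAMPLE_STATE):
        print(f"{address}: {finding}")
```
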
Original page content provided by Stack Overflow. Translation support provided by the Tencent Cloud Xiaowei IT-domain engine.
Original link:

https://stackoverflow.com/questions/66034188
