TechHoldingLLC/terraform-aws-cognito

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.0 |
| aws | >= 5.0 |

Providers

| Name | Version |
|------|---------|
| aws | >= 5.0 |
| random | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_cognito_identity_pool.main | resource |
| aws_cognito_user_pool.main | resource |
| aws_cognito_user_pool_client.main | resource |
| aws_cognito_user_pool_domain.main | resource |
| aws_iam_role.cognito_sns | resource |
| aws_iam_role_policy.cognito_sns | resource |
| random_password.external_id | resource |
| aws_iam_policy_document.cognito_sns | data source |
| aws_iam_policy_document.cognito_sns_trust_policy | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| access_token_validity | Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used | `number` | `5` | no |
| account_recovery | Define which verified available method a user can use to recover their forgotten password | `list(object({ name = string, priority = number }))` | `[]` | no |
| allow_software_mfa_token | Enable software MFA token | `bool` | `false` | no |
| allow_unauthenticated_identities | Whether the identity pool supports unauthenticated logins or not | `bool` | `false` | no |
| allowed_oauth_flows | List of allowed OAuth flows | `list(string)` | `[]` | no |
| allowed_oauth_flows_user_pool_client | Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools | `bool` | `false` | no |
| allowed_oauth_scopes | List of allowed OAuth scopes | `list(string)` | `[]` | no |
| attributes_verification_before_update | A list of attributes requiring verification before update | `list(string)` | `[]` | no |
| auto_verified_attributes | Attributes to be auto-verified | `list(string)` | `[]` | no |
| callback_url | List of allowed callback URLs for the identity providers | `list(string)` | `[]` | no |
| email_configuration | Email configuration | `object({ configuartion_set = optional(string), email_sending_account = optional(string), from_email_address = optional(string), reply_to_email_address = optional(string), source_arn = optional(string) })` | `{}` | no |
| enable_token_revocation | Enables or disables token revocation | `bool` | `false` | no |
| explicit_auth_flows | List of authentication flows | `list(string)` | `[]` | no |
| id_token_validity | Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used | `number` | `5` | no |
| mfa_configuartion | Multi-Factor Authentication (MFA) configuration for the User Pool | `string` | `"OFF"` | no |
| minimum_length | Minimum length of the password policy that you have set | `number` | `8` | no |
| name | Name of user pool | `any` | n/a | yes |
| post_authentication | Post-confirmation AWS Lambda trigger | `string` | `""` | no |
| pre_sign_up | Pre-registration AWS Lambda trigger | `string` | `""` | no |
| prevent_user_existence_errors | Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool | `string` | `"ENABLED"` | no |
| refresh_token_validity | Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used | `number` | `1` | no |
| require_lowercase | Whether you have required users to use at least one lowercase letter in their password | `bool` | `true` | no |
| require_numbers | Whether you have required users to use at least one number in their password | `bool` | `true` | no |
| require_symbols | Whether you have required users to use at least one symbol in their password | `bool` | `true` | no |
| require_uppercase | Whether you have required users to use at least one uppercase letter in their password | `bool` | `true` | no |
| schema | Schema attributes of a user pool | `list(any)` | `[]` | no |
| sms_configuration | Enable SMS configuration | `bool` | `false` | no |
| supported_identity_providers | List of provider names for the identity providers that are supported on this client | `list(string)` | `[]` | no |
| temporary_password_validity_days | Number of days a temporary password is valid | `number` | `7` | no |
| token_units | Units in which the validity times are represented | `map(any)` | `{}` | no |
| username_attributes | Whether email addresses or phone numbers can be specified as usernames when a user signs up | `list(string)` | `[]` | no |
| username_configuration | Whether username case sensitivity will be applied for all users in the user pool through Cognito APIs | `bool` | `true` | no |
| verification_message_template | Verification message template | `object({ default_email_option = optional(string), email_subject = optional(string), email_message = optional(string), email_message_by_link = optional(string), email_subject_by_link = optional(string), sms_message = optional(string) })` | `{}` | no |

Outputs

| Name | Description |
|------|-------------|
| user_pool_arn | n/a |
| user_pool_domain | n/a |
| user_pool_endpoint | n/a |
| user_pool_id | n/a |

About

Terraform module for Cognito
