I'd like to add a Cognito User Pool and Identity Pool using Terraform. The current error I have is that the Identity Pool provider's name is incorrect. What's the proper name for a Cognito User Pool in an Identity Pool?
I've use both the name of the User Pool and the name of the resource. What should I use?
# Cognito.tf
resource "aws_ses_domain_identity" "identity" {
domain = "mydomain.com"
}
data "aws_route53_zone" "blog" {
name = "mydomain.com"
}
# Cognito
resource "aws_cognito_user_pool" "main" {
name = "${var.user_pool_name}-${var.stage}"
# ATTRIBUTES
alias_attributes = ["email", "preferred_username"]
# Require each user to supply a name
schema {
attribute_data_type = "String"
mutable = true
name = "name"
required = true
}
# Require each user to supply an email
schema {
attribute_data_type = "String"
mutable = true
name = "email"
required = true
}
# POLICY
password_policy {
minimum_length = "8"
require_lowercase = true
require_numbers = true
require_symbols = true
require_uppercase = true
}
# MFA & VERIFICATIONS
mfa_configuration = "OFF"
# MESSAGE CUSTOMIZATIONS
verification_message_template {
default_email_option = "CONFIRM_WITH_LINK"
email_message_by_link = "Your life will be dramatically improved by signing up! {##Click Here##}"
email_subject_by_link = "Welcome to to a new world and life!"
}
email_configuration {
reply_to_email_address = "[email protected]"
}
# TAGS
tags = {
project = "No Meat May"
}
# DEVICES
device_configuration {
challenge_required_on_new_device = true
device_only_remembered_on_user_prompt = true
}
}
resource "aws_cognito_user_pool_client" "client" {
name = "client"
user_pool_id = aws_cognito_user_pool.main.id
generate_secret = true
explicit_auth_flows = ["ADMIN_NO_SRP_AUTH"]
}
resource "aws_cognito_identity_pool" "main" {
identity_pool_name = "${var.identity_pool_name}-${var.stage}"
allow_unauthenticated_identities = false
cognito_identity_providers {
client_id = aws_cognito_user_pool_client.client.id
provider_name = "${var.user_pool_name}-${var.stage}" # <= What's this?
server_side_token_check = true
}
}