This is a Lightweight terraform module to deploy a base stable versión of a Cognito User Pool and a Cognito Identity Pool
| Name | Version |
|---|---|
| terraform | > 1.1.7 |
| aws | ~> 5.88.0 |
| Name | Version |
|---|---|
| aws | 4.67.0 |
No modules.
| Name | Type |
|---|---|
| aws_cognito_identity_pool.this | resource |
| aws_cognito_identity_provider.apple | resource |
| aws_cognito_identity_provider.facebook | resource |
| aws_cognito_identity_provider.google | resource |
| aws_cognito_user_pool.this | resource |
| aws_cognito_user_pool_client.this | resource |
| aws_cognito_user_pool_domain.this | resource |
| aws_route53_record.this | resource |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| access_token_validity | Validity duration for Access tokens (in minutes) | number |
60 |
no |
| allowed_oauth_flows | List of allowed OAuth flows | list(string) |
[ |
no |
| allowed_oauth_scopes | List of allowed OAuth scopes | list(string) |
[ |
no |
| apple_idp_enabled | Enable Apple IdP | bool |
false |
no |
| apple_key_id | Apple key ID | string |
null |
no |
| apple_private_key | Path to Apple private key | string |
null |
no |
| apple_service_id | Apple service ID | string |
null |
no |
| apple_team_id | Apple team ID | string |
null |
no |
| auth_flows | List of allowed authentication flows | list(string) |
[ |
no |
| auth_sms_message | Authentication SMS message | string |
"This code sends you {####}" |
no |
| auto_verified_attributes | List of attributes to be auto-verified in Cognito | list(string) |
[ |
no |
| aws_region | AWS region | string |
"us-east-1" |
no |
| callback_urls | Callback URLs | list(string) |
[ |
no |
| certificate_arn | Certificate ARN | string |
"" |
no |
| client_name | Client name | string |
"default-service-client" |
no |
| default_attribute_required | Valor por defecto para el atributo 'required' en los esquemas de Cognito. | bool |
false |
no |
| domain | Cognito domain | string |
"" |
no |
| email_recovery_name | Email recovery mechanism name | string |
"verified_email" |
no |
| email_recovery_priority | Email recovery mechanism priority | number |
1 |
no |
| email_sending_account | Email sending account | string |
"COGNITO_DEFAULT" |
no |
| email_verification_subject | Email verification subject | string |
"" |
no |
| enable_sms_sns | Boolean to enable/disable the creation of the SNS SMS policy | bool |
false |
no |
| enable_software_token_mfa | Boolean to enable/disable software token MFA configuration | bool |
false |
no |
| facebook_id | Facebook client ID | string |
null |
no |
| facebook_idp_enabled | Enable Facebook IdP | bool |
false |
no |
| facebook_secret | Facebook client secret | string |
null |
no |
| generate_secret | Whether to generate a secret for the client | bool |
false |
no |
| google_id | Google client ID | string |
null |
no |
| google_idp_enabled | Enable Google IdP | bool |
false |
no |
| google_secret | Google client secret | string |
null |
no |
| html_email_message | Custom HTML email message | string |
"" |
no |
| id_token_validity | Validity duration for ID tokens (in minutes) | number |
60 |
no |
| logout_urls | Logout URLs | list(string) |
[ |
no |
| name | Cognito pool name | string |
"" |
no |
| password_minimum_length | Password minimum length | number |
8 |
no |
| phone_number_recovery_name | Phone number recovery mechanism name | string |
"verified_phone_number" |
no |
| phone_number_recovery_priority | Phone number recovery mechanism priority | number |
2 |
no |
| post_authentication_lambda | Post authentication Lambda | string |
null |
no |
| post_confirmation_lambda | Post confirmation Lambda | string |
null |
no |
| pre_sign_up_lambda | Pre sign-up Lambda | string |
null |
no |
| pre_token_generation_lambda | Pre token generation Lambda | string |
null |
no |
| refresh_token_validity | Validity duration for Refresh tokens (in days) | number |
30 |
no |
| reply_to_email_address | Reply-to email address | string |
"" |
no |
| require_lowercase | Determines if lowercase characters are required in the password policy | bool |
false |
no |
| require_numbers | Determines if numbers are required in the password policy | bool |
false |
no |
| require_symbols | Determines if symbols are required in the password policy | bool |
false |
no |
| require_uppercase | Determines if uppercase characters are required in the password policy | bool |
false |
no |
| route53_zone_id | Route53 zone ID | string |
"" |
no |
| ses_configuration_arn | SES configuration ARN | string |
"" |
no |
| ses_from_email | From email address for SES | string |
"" |
no |
| sms_external_id | SMS external ID | string |
"" |
no |
| sms_sns_caller_arn | SNS caller ARN for Cognito SMS configuration | string |
null |
no |
| tags | Resource tags | map(string) |
{} |
no |
| user_migration_lambda | User migration Lambda | string |
null |
no |
| username_attributes | Username attributes | list(string) |
[ |
no |
| username_case_sensitive | Username case sensitive | bool |
false |
no |
| Name | Description |
|---|---|
| arn | Cognito user pool ARN |
| client_id | Cognito user pool client id |
| pool_id | Cognito Pool id |