Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cognito Setup part 1 #21

Merged
merged 1 commit into from
Aug 11, 2024
Merged

Cognito Setup part 1 #21

merged 1 commit into from
Aug 11, 2024

Conversation

jarrod-lowe
Copy link
Owner

No description provided.

Copy link

github-actions bot commented Aug 11, 2024

Terraform plan in terraform/environment/wildsea
With backend config: bucket=terraform-state-021891603679 key=primary/terraform.tfstate region=ap-southeast-2

With variables

aws_account       = (sensitive value)
aws_region        = (sensitive value)
environment       = "primary"
saml_metadata_url = (sensitive value)
state_bucket      = "terraform-state-021891603679"
Plan: 6 to add, 0 to change, 0 to destroy. Changes to Outputs.
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
+   create

Terraform will perform the following actions:

  # aws_cognito_identity_pool.cognito will be created
+   resource "aws_cognito_identity_pool" "cognito" {
+       allow_classic_flow               = false
+       allow_unauthenticated_identities = false
+       arn                              = (known after apply)
+       id                               = (known after apply)
+       identity_pool_name               = "Wildsea-primary"
+       tags_all                         = {
+           "Application" = "Wildsea-primary"
        }

+       cognito_identity_providers {
+           client_id               = (known after apply)
+           provider_name           = (known after apply)
+           server_side_token_check = true
        }
    }

  # aws_cognito_identity_pool_roles_attachment.cognito will be created
+   resource "aws_cognito_identity_pool_roles_attachment" "cognito" {
+       id               = (known after apply)
+       identity_pool_id = (known after apply)
+       roles            = {
+           "authenticated" = "TODO"
        }
    }

  # aws_cognito_identity_provider.idp will be created
+   resource "aws_cognito_identity_provider" "idp" {
+       attribute_mapping = {
+           "email"          = "email"
+           "email_verified" = "emailVerified"
+           "family_name"    = "lastname"
+           "given_name"     = "firstname"
        }
+       id                = (known after apply)
+       provider_details  = {
+           "MetadataURL" = (sensitive value)
        }
+       provider_name     = "SAML"
+       provider_type     = "SAML"
+       user_pool_id      = (known after apply)
    }

  # aws_cognito_user_pool.cognito will be created
+   resource "aws_cognito_user_pool" "cognito" {
+       arn                        = (known after apply)
+       creation_date              = (known after apply)
+       custom_domain              = (known after apply)
+       deletion_protection        = "INACTIVE"
+       domain                     = (known after apply)
+       email_verification_message = (known after apply)
+       email_verification_subject = (known after apply)
+       endpoint                   = (known after apply)
+       estimated_number_of_users  = (known after apply)
+       id                         = (known after apply)
+       last_modified_date         = (known after apply)
+       mfa_configuration          = "OFF"
+       name                       = "Wildsea-primary"
+       sms_verification_message   = (known after apply)
+       tags_all                   = {
+           "Application" = "Wildsea-primary"
        }

+       admin_create_user_config {
+           allow_admin_create_user_only = true
        }

+       password_policy (known after apply)

+       sms_configuration (known after apply)

+       verification_message_template (known after apply)
    }

  # aws_cognito_user_pool_client.cognito will be created
+   resource "aws_cognito_user_pool_client" "cognito" {
+       access_token_validity                         = (known after apply)
+       allowed_oauth_flows                           = [
+           "code",
+           "implicit",
        ]
+       allowed_oauth_flows_user_pool_client          = true
+       allowed_oauth_scopes                          = [
+           "openid",
        ]
+       auth_session_validity                         = (known after apply)
+       callback_urls                                 = [
+           "TODO",
        ]
+       client_secret                                 = (sensitive value)
+       default_redirect_uri                          = (known after apply)
+       enable_propagate_additional_user_context_data = (known after apply)
+       enable_token_revocation                       = (known after apply)
+       explicit_auth_flows                           = [
+           "ALLOW_USER_PASSWORD_AUTH",
+           "ALLOW_USER_SRP_AUTH",
+           "USER_PASSWORD_AUTH",
        ]
+       generate_secret                               = true
+       id                                            = (known after apply)
+       id_token_validity                             = (known after apply)
+       logout_urls                                   = [
+           "TODO",
        ]
+       name                                          = "Wildsea-primary"
+       prevent_user_existence_errors                 = (known after apply)
+       read_attributes                               = (known after apply)
+       refresh_token_validity                        = (known after apply)
+       supported_identity_providers                  = [
+           "SAML",
        ]
+       user_pool_id                                  = (known after apply)
+       write_attributes                              = (known after apply)
    }

  # aws_cognito_user_pool_domain.cognito will be created
+   resource "aws_cognito_user_pool_domain" "cognito" {
+       aws_account_id                  = (known after apply)
+       cloudfront_distribution         = (known after apply)
+       cloudfront_distribution_arn     = (known after apply)
+       cloudfront_distribution_zone_id = (known after apply)
+       domain                          = "Wildsea-primary"
+       id                              = (known after apply)
+       s3_bucket                       = (known after apply)
+       user_pool_id                    = (known after apply)
+       version                         = (known after apply)
    }

Plan: 6 to add, 0 to change, 0 to destroy.

Changes to Outputs:
+   identity_pool_id = (known after apply)
+   login_domain     = "Wildsea-primary.auth.ap-southeast-2.amazonaws.com"
+   user_pool_id     = (known after apply)
+   web_client_id    = (known after apply)

❌ Error applying plan in Environment Main - Apply #17

@jarrod-lowe jarrod-lowe merged commit 779d8c7 into main Aug 11, 2024
3 checks passed
@jarrod-lowe jarrod-lowe deleted the work3 branch August 11, 2024 03:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant