From 0451df6f34807c3eb1128b4ee4174855e441e930 Mon Sep 17 00:00:00 2001
From: kobayashi-m42
Date: Tue, 26 May 2020 23:32:44 +0900
Subject: [PATCH 1/3] :construction: #3
From d7dbf78b49438613f191b5aa703f2bbd3e8e4703 Mon Sep 17 00:00:00 2001
From: kobayashi-m42
Date: Sun, 31 May 2020 19:18:32 +0900
Subject: [PATCH 2/3] =?UTF-8?q?:sparkles:=20#3=20cognito=20user=20pool?= =?UTF-8?q?=E3=82=92=E4=BD=9C=E6=88=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
modules/aws/cognito/main.tf | 37 +++++++++++++++++++
modules/aws/cognito/variables.tf | 3 ++
.../environments/stg/13-cognito/backend.tf | 9 +++++
.../aws/environments/stg/13-cognito/main.tf | 5 +++
.../environments/stg/13-cognito/provider.tf | 4 ++
.../environments/stg/13-cognito/variables.tf | 6 +++
.../environments/stg/13-cognito/versions.tf | 7 ++++
7 files changed, 71 insertions(+)
create mode 100644 modules/aws/cognito/main.tf
create mode 100644 modules/aws/cognito/variables.tf
create mode 100644 providers/aws/environments/stg/13-cognito/backend.tf
create mode 100644 providers/aws/environments/stg/13-cognito/main.tf
create mode 100644 providers/aws/environments/stg/13-cognito/provider.tf
create mode 100644 providers/aws/environments/stg/13-cognito/variables.tf
create mode 100644 providers/aws/environments/stg/13-cognito/versions.tf
diff --git a/modules/aws/cognito/main.tf b/modules/aws/cognito/main.tf
new file mode 100644
index 0000000..24ffe92
--- /dev/null
+++ b/modules/aws/cognito/main.tf
@@ -0,0 +1,37 @@
+resource "aws_cognito_user_pool" "pool" {
+ name = var.user_pool_name
+ auto_verified_attributes = ["email"]
+
+ admin_create_user_config {
+ allow_admin_create_user_only = false
+ }
+
+ password_policy {
+ minimum_length = 8
+ require_lowercase = true
+ require_numbers = true
+ require_symbols = true
+ require_uppercase = true
+ temporary_password_validity_days = 7
+ }
+
+ verification_message_template {
+ default_email_option = "CONFIRM_WITH_CODE"
+ email_message = "検証コードは {####} です。"
+ email_subject = "検証コード"
+ sms_message = "検証コードは {####} です。"
+ }
+
+ schema {
+ attribute_data_type = "String"
+ developer_only_attribute = false
+ mutable = true
+ name = "email"
+ required = true
+
+ string_attribute_constraints {
+ min_length = 0
+ max_length = 2048
+ }
+ }
+}
diff --git a/modules/aws/cognito/variables.tf b/modules/aws/cognito/variables.tf
new file mode 100644
index 0000000..4c8f8cb
--- /dev/null
+++ b/modules/aws/cognito/variables.tf
@@ -0,0 +1,3 @@
+variable "user_pool_name" {
+ type = string
+}
diff --git a/providers/aws/environments/stg/13-cognito/backend.tf b/providers/aws/environments/stg/13-cognito/backend.tf
new file mode 100644
index 0000000..2769571
--- /dev/null
+++ b/providers/aws/environments/stg/13-cognito/backend.tf
@@ -0,0 +1,9 @@
+terraform {
+ backend "s3" {
+ bucket = "stg-kimono-app-tfstate"
+ key = "cognito/terraform.tfstate"
+ region = "ap-northeast-1"
+ profile = "kimono-app-stg"
+ }
+}
+
diff --git a/providers/aws/environments/stg/13-cognito/main.tf b/providers/aws/environments/stg/13-cognito/main.tf
new file mode 100644
index 0000000..3c64f5c
--- /dev/null
+++ b/providers/aws/environments/stg/13-cognito/main.tf
@@ -0,0 +1,5 @@
+module "api" {
+ source = "../../../../../modules/aws/cognito"
+
+ user_pool_name = local.user_pool_name
+}
diff --git a/providers/aws/environments/stg/13-cognito/provider.tf b/providers/aws/environments/stg/13-cognito/provider.tf
new file mode 100644
index 0000000..e259d75
--- /dev/null
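Review bot: `allow_admin_create_user_only = false` in `admin_create_user_config` leaves self-registration open to anyone who holds an app client id, and the pool sets no `mfa_configuration`, so MFA presumably stays at the default (off). If accounts are meant to be provisioned by the backend, `allow_admin_create_user_only = true` is the safer setting; if self sign-up is intended, a comment would record it, e.g. `# self sign-up is intentional; accounts are confirmed by e-mail code`. `minimum_length = 8` is hard-coded in the module, so every environment that reuses it inherits the same policy; exposing it as a variable with 8 as the default would let another environment raise it without forking the module.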
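Review bot: The `backend "s3"` block in `stg/13-cognito/backend.tf` sets neither `encrypt` nor `dynamodb_table`, so the state object is written without requesting server-side encryption and without state locking, unless the bucket enforces default encryption outside this patch. Adding `encrypt = true` and `dynamodb_table = "<lock-table-name>"` (placeholder; no lock table is shown here) covers both. Terraform state stores every resource attribute in plain JSON, so it is worth protecting before anything sensitive lands in this pool's configuration.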
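Review bot: The module instance in `stg/13-cognito/main.tf` is labelled `module "api"` although its source is `modules/aws/cognito`, which looks like a leftover from a copied directory. The label becomes part of every resource address in state (`module.api.aws_cognito_user_pool.pool`), so renaming it after the first apply needs a `terraform state mv`. Using `module "cognito" {` from the start avoids that.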
+++ b/providers/aws/environments/stg/13-cognito/provider.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+ region = "ap-northeast-1"
+ profile = "kimono-app-stg"
+}
diff --git a/providers/aws/environments/stg/13-cognito/variables.tf b/providers/aws/environments/stg/13-cognito/variables.tf
new file mode 100644
index 0000000..4feabe1
--- /dev/null
+++ b/providers/aws/environments/stg/13-cognito/variables.tf
@@ -0,0 +1,6 @@
+locals {
+ name = "kimono-app"
+ env = "stg"
+
+ user_pool_name = "${local.env}-${local.name}"
+}
diff --git a/providers/aws/environments/stg/13-cognito/versions.tf b/providers/aws/environments/stg/13-cognito/versions.tf
new file mode 100644
index 0000000..f8fc5eb
--- /dev/null
+++ b/providers/aws/environments/stg/13-cognito/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_version = "0.12.24"
+
+ required_providers {
+ aws = "2.57.0"
+ }
+}
From 953d09e91cd71627693b867551ea4e6d7d6b2d25 Mon Sep 17 00:00:00 2001
From: kobayashi-m42
Date: Tue, 2 Jun 2020 00:59:08 +0900
Subject: [PATCH 3/3] =?UTF-8?q?:sparkles:=20#3=20=E3=82=A2=E3=83=97?= =?UTF-8?q?=E3=83=AA=E3=82=AF=E3=83=A9=E3=82=A4=E3=82=A2=E3=83=B3=E3=83=88?= =?UTF-8?q?=E3=82=92=E8=BF=BD=E5=8A=A0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
modules/aws/cognito/main.tf | 9 +++++++++
1 file changed, 9 insertions(+)
diff --git a/modules/aws/cognito/main.tf b/modules/aws/cognito/main.tf
index 24ffe92..23708a8 100644
--- a/modules/aws/cognito/main.tf
+++ b/modules/aws/cognito/main.tf
@@ -35,3 +35,12 @@ resource "aws_cognito_user_pool" "pool" {
 }
 }
 }
+
+resource "aws_cognito_user_pool_client" "client" {
+ name = var.user_pool_name
+ user_pool_id = aws_cognito_user_pool.pool.id
+ generate_secret = false
+ prevent_user_existence_errors = "ENABLED"
+ refresh_token_validity = 30
+ explicit_auth_flows = ["ALLOW_ADMIN_USER_PASSWORD_AUTH", "ALLOW_REFRESH_TOKEN_AUTH"]
+}
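Review bot: `explicit_auth_flows` enables only `ALLOW_ADMIN_USER_PASSWORD_AUTH` plus refresh, so sign-in has to go through a backend that calls the admin API with IAM credentials and receives the user's password directly rather than via SRP; nothing in the file says this is intentional. A comment above the attribute would record it, e.g. `# server-side auth only: backend calls AdminInitiateAuth; never log request bodies`. `refresh_token_validity = 30` is in days, which is a long session for a backend-held token, so a shorter value or a module variable may be worth considering. `name = var.user_pool_name` gives the client the same name as the pool; a separate variable would keep them distinguishable once a second client is added.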