social-network
social-network/cognito.tf
1
resource "aws_cognito_user_pool" "pool" {
2
  name = "social-network-${random_id.id.hex}"
3
  admin_create_user_config {
4
    allow_admin_create_user_only = true
5
  }
6
  account_recovery_setting {
7
    recovery_mechanism {
8
      name     = "verified_email"
9
      priority = 1
10
    }
11
  }
12
}
13
14
resource "aws_cognito_user_pool_client" "client" {
15
  name         = "client"
16
  user_pool_id = aws_cognito_user_pool.pool.id
17
18
  allowed_oauth_flows                  = ["code"]
19
  callback_urls                        = ["https://${aws_cloudfront_distribution.distribution.domain_name}"]
20
  logout_urls                          = ["https://${aws_cloudfront_distribution.distribution.domain_name}"]
21
  allowed_oauth_scopes                 = ["openid"]
22
  allowed_oauth_flows_user_pool_client = true
23
  supported_identity_providers         = ["COGNITO"]
24
}
25
26
resource "aws_cognito_user_pool_domain" "domain" {
27
  domain       = "social-network-${random_id.id.hex}"
28
  user_pool_id = aws_cognito_user_pool.pool.id
29
}
30
31