amazon-web-servicesterraformterraform-provider-awsterraform-aws-modules
How to enable Cognito "Attribute verification and user account confirmation" in terraform
This is the terraform script that I use to create Cognito user pool:
resource "aws_cognito_user_pool" "user_pool" {
name = "${var.app_name}-user-pool"
username_attributes = ["email"]
verification_message_template {
default_email_option = "CONFIRM_WITH_CODE"
email_subject = "Account Confirmation"
email_message = "Your confirmation code is {####}"
}
}
resource "aws_cognito_user_pool_client" "client" {
name = "${var.app_name}-cognito-client"
user_pool_id = aws_cognito_user_pool.user_pool.id
generate_secret = false
refresh_token_validity = 90
prevent_user_existence_errors = "ENABLED"
explicit_auth_flows = [
"ALLOW_REFRESH_TOKEN_AUTH",
"ALLOW_USER_PASSWORD_AUTH",
"ALLOW_ADMIN_USER_PASSWORD_AUTH",
"ALLOW_CUSTOM_AUTH",
"ALLOW_USER_SRP_AUTH"
]
}
resource "aws_cognito_user_pool_domain" "cognito-domain" {
domain = "${var.app_name}userpooldomain"
user_pool_id = aws_cognito_user_pool.user_pool.id
}
But then I manually added the attribute verification and user account confirmation, like in the image. What I need is to add what's in the picture to my terraform script
I was reading the documentation but I haven't logo it yet
Solution
The solution to this question it's to add email as a auto verified attributes like this :
resource "aws_cognito_user_pool" "user_pool" {
name = "${var.app_name}-user-pool"
username_attributes = ["email"]
verification_message_template {
default_email_option = "CONFIRM_WITH_CODE"
email_subject = "Account Confirmation"
email_message = "Your confirmation code is {####}"
}
# this allow the verification message on email
auto_verified_attributes = ["email"]
}
- What does "eksctl create iamserviceaccount" do under the hood on an EKS cluster?
- Reporting AWS Tools RDS or Redshift?
- Configure Selenium Nodes without a JSON file
- How to bypass expectation of S3 server 100-contiune response in Boto3 put_object method
- Deleting Perforce depot from AWS EC2 server does not free up space on EC2
- Middy is not getting a secret from Secret Manager in a NodeJS AWS Lambda
- Can I include a display name when sending email from the AWS SES Javascript v3 SDK?
- Is it possible to add fields to struct in an existing AWS Athena table?
- AWS SNS - Message missing a phone number
- How to run a one-off task on AWS ECS Fargate?
- AWS FIFO queues subscription with SNS: passing message group id
- AWS CLI to get all matching CloudFronts using the "--query" option?
- What is the best way to read a csv and text file from S3 on AWS glue without having to read it as a Dynamic daataframe?
- Why is CloudFormation saying AlreadyExists when creating a AWS::ApiGateway::Authorizer
- AWS sts assume role in one command
- GetSecretValue, get identity: get credentials: failed to refresh cached credentials
- Does PutACLAsync make a copy of an object?
- How to use AWS CodeArtifact *within* A Dockerfile in AWSCodeBuild
- AWS CodeBuild: Accessing CodeCommit repository in another account?
- AWS Java SDK SSL Certificates
- How can I use AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY to perform actions in AWS through a Jenkins pipeline?
- Syntax error when executing Invoke-DDBQuery to fetch dynamodb record using Powershell
- How can I delete a specific record from my AWS Glue table?
- Start cfn-init in Ubuntu instance with cloudformation (yaml)
- How to check ephemeral storage that is allocated to EKS node
- Permission Error Running Container in AWS CodeBuild
- retrieve list of urls from Amazon S3 bucket using R
- New volume in ec2 instance not reflecting
- How to allocate GPUs on AWS Free Tier?
- Get source repo commit hash in AWS code build step