Introduction.
What is Cognito?
AWS Cognito is a service provided by Amazon Web Services (AWS) that helps developers manage user authentication and access control in their applications. It simplifies the process of adding user sign-up, sign-in, and access management features to mobile and web apps. AWS Cognito is widely used to handle user identities securely and scale effortlessly while integrating with other AWS services.
What is Terraform?
Terraform is an open-source Infrastructure as Code (IaC) tool developed by HashiCorp that lets you build, change, and version cloud and on-prem resources safely and efficiently using human-readable configuration files that you can version, reuse, and share.
Now, create a Cognito user pool using a Terraform script in VS Code.
STEP 1: Create IAM user.
- Enter the user name.
- Select I want to create an IAM user.
- Click on next button.
STEP 2: Click on Attach policies directly.
- Select Cognito Access policies.
- Click on next.
STEP 3: Click on create user.
STEP 4: You will see that a user has been created.
- Select your user.
STEP 5: Select Create access key.
STEP 6: Select CLI.
- Click on create access key.
- You will get an access key and a secret key.
- Download the .csv file.
- Click on done.
STEP 7: Go to VS Code and open your folder.
- Create variable.tf file.
- Enter the following script and save the file.
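variable "access_key" {
  description = "Access key to AWS console"
  type        = string
  sensitive   = true # keep the value out of plan/apply output
}
variable "secret_key" {
  description = "Secret key to AWS console"
  type        = string
  sensitive   = true # keep the value out of plan/apply output
}
variable "region" {
  description = "AWS region"
  type        = string
}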
STEP 8: Create terraform.tfvars and enter your region, access key and secret key.
- Save it.
region = "us-east-1"
access_key = "<Your access key id>"
secret_key = "<Your secret key id>"
STEP 9: Create main.tf file.
- Enter the following script and save the file.
provider "aws" {
  region     = var.region
  access_key = var.access_key
  secret_key = var.secret_key
}
resource "aws_cognito_user_pool" "my_user_pool" {
  name = "my-user-pool"
  # Optional configuration settings
  username_attributes = ["email"] # Specify the attribute used as the username
  schema {
    attribute_data_type = "String"
    name                = "email"
    required            = true
  }
  # Define password policy
  password_policy {
    minimum_length    = 8
    require_lowercase = true
    require_numbers   = true
    require_symbols   = true
    require_uppercase = true
  }
  # Specify email verification settings
  verification_message_template {
    default_email_option = "CONFIRM_WITH_CODE" # Options: CONFIRM_WITH_LINK or CONFIRM_WITH_CODE
  }
}
output "user_pool_id" {
  value = aws_cognito_user_pool.my_user_pool.id
}
STEP 10: Create output.tf file.
- Enter the terraform script and save the file.
output "Cognito_user_pool" {
  value       = "cognito_user_pool"
  description = "Cognito user pool created successfully"
}
STEP 11: Go to terminal and enter the terraform init command.
STEP 12: Next, enter terraform plan.
STEP 13: Enter terraform apply.
STEP 14: Check the resources in the AWS Console.
- Navigate to the Cognito page by clicking on the Services menu at the top.
STEP 15: To delete the resources, use the terraform destroy command.
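The steps above store the access key and secret key in terraform.tfvars, so that file must never be committed or shared. As an added example (not part of the original tutorial), the configuration below is a stand-alone main.tf for a separate empty folder that lets the AWS provider read credentials from the environment instead and turns on MFA for the pool. The resource name hardened_pool, the output name and the 12-character minimum are choices made for this illustration.

```hcl
# Added example, not the original page's code: credentials stay out of Terraform files.
# Assumption: AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY are set in the environment,
# or a profile exists in ~/.aws/credentials.
variable "region" {
  description = "AWS region"
  type        = string
  default     = "us-east-1"
}

provider "aws" {
  region = var.region
  # No access_key / secret_key arguments: the provider uses the standard AWS
  # credential chain, so no secret is written to terraform.tfvars.
}

resource "aws_cognito_user_pool" "hardened_pool" { # hypothetical resource name
  name                     = "my-user-pool"
  username_attributes      = ["email"]
  auto_verified_attributes = ["email"] # Cognito verifies the email at sign-up

  # Require a TOTP authenticator app as a second factor for every user.
  mfa_configuration = "ON"
  software_token_mfa_configuration {
    enabled = true
  }

  password_policy {
    minimum_length                   = 12
    require_lowercase                = true
    require_numbers                  = true
    require_symbols                  = true
    require_uppercase                = true
    temporary_password_validity_days = 3
  }

  # Limit account recovery to the verified email address.
  account_recovery_setting {
    recovery_mechanism {
      name     = "verified_email"
      priority = 1
    }
  }
}

output "hardened_user_pool_id" {
  value = aws_cognito_user_pool.hardened_pool.id
}
```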
Conclusion.
You have successfully created a User Pool in AWS Cognito. AWS Cognito is a powerful tool for managing user authentication and access in applications, providing a blend of security, scalability, and integration with AWS services. While it may require a learning curve for complex setups, its benefits often outweigh these challenges, making it a strong candidate for companies looking to enhance their user management processes and secure their applications. It is essential for businesses to assess their specific use cases to maximize the benefits of AWS Cognito effectively.