{"id":19056896,"url":"https://github.com/provectus/sak-cognito","last_synced_at":"2026-05-11T18:30:18.787Z","repository":{"id":46681997,"uuid":"331709915","full_name":"provectus/sak-cognito","owner":"provectus","description":"Cognito module for SAK project","archived":false,"fork":false,"pushed_at":"2023-02-16T14:40:32.000Z","size":14,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":90,"default_branch":"master","last_synced_at":"2025-01-02T11:44:13.156Z","etag":null,"topics":["aws","cognito","devops","open-source","security","swiss-army-kube"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/provectus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-01-21T17:57:50.000Z","updated_at":"2021-09-30T10:49:22.000Z","dependencies_parsed_at":"2023-02-17T13:30:44.456Z","dependency_job_id":null,"html_url":"https://github.com/provectus/sak-cognito","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/provectus%2Fsak-cognito","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/provectus%2Fsak-cognito/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/provectus%2Fsak-cognito/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/provectus%2Fsak-cognito/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/provectus","download_url":"https://codeload.github.com/provectus/sak-cognito/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240113116,"owners_count":19749736,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cognito","devops","open-source","security","swiss-army-kube"],"created_at":"2024-11-08T23:52:19.957Z","updated_at":"2026-05-11T18:30:18.717Z","avatar_url":"https://github.com/provectus.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Cognito\nThe module creates base resources such as a user pool, Route53 record for a domain, and ACM certificates for it.\n\n## Example\nThis example demonstrates how you can create an AWS Cognito client for your application.\n``` hcl\nmodule \"cognito\" {\n source = \"github.com/provectus/sak-cognito.git\"\n cluster_name = module.eks.cluster_id\n domain = \"example.com\"\n zone_id = \"FOOBAR123456\"\n}\n\nresource aws_cognito_user_pool_client this {\n name = \"foo\"\n user_pool_id = module.cognito.pool_id\n callback_urls = [\"https://foo.example.com/oauth2/idpresponse\"]\n allowed_oauth_flows_user_pool_client = true\n allowed_oauth_scopes = [\"email\", \"openid\", \"profile\", \"aws.cognito.signin.user.admin\"]\n allowed_oauth_flows = [\"code\"]\n supported_identity_providers = [\"COGNITO\"]\n generate_secret = true\n}\n```\n\n## Requirements\n\n```\nterraform \u003e= 1.1\n ```\n\n## Providers\n| Name | Version |\n|------|---------|\n| aws | \u003e= 3.0 |\n| random | \u003e= 3.1.0 |\n\n## Inputs\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:-----:|\n| cluster\\_name | A name of the cluster | `string` | n/a | yes |\n| domain | n/a | `string` | n/a | yes |\n| tags | A set of tags | `map(string)` | `{}` | no |\n| zone\\_id | n/a | `string` | n/a | yes |\n\n## Outputs\n| Name | Description |\n|------|-------------|\n| domain | A custom domain name of the AWS Cognito endpoint |\n| pool\\_arn | An ARN of the new created AWS Cognito User Pool |\n| pool\\_id | An ID of the new created AWS Cognito User Pool |\n\n\n## Known issues\nRight now Terraform provider for AWS did not support the creation of users for User Pool, so if you want to start managing users by Terraform need to use the following configuration with `local-exec` provisioner:\n``` hcl\nresource aws_cognito_user_group this {\n for_each = toset(distinct(values(\n {\n for k, v in var.cognito_users :\n k =\u003e lookup(v, \"group\", \"read-only\")\n }\n )))\n name = each.value\n user_pool_id = module.cognito.pool_id\n}\n\nresource null_resource cognito_users {\n depends_on = [aws_cognito_user_group.this]\n for_each = {\n for k, v in var.cognito_users :\n v.username =\u003e v\n }\n provisioner local-exec {\n command = \"aws --region ${var.aws_region} cognito-idp admin-create-user --user-pool-id ${module.cognito.pool_id} --username ${each.key} --user-attributes Name=email,Value=${each.value.email}\"\n }\n provisioner local-exec {\n command = \"aws --region ${var.aws_region} cognito-idp admin-add-user-to-group --user-pool-id ${module.cognito.pool_id} --username ${each.key} --group-name ${lookup(each.value, \"group\", \"read-only\")}\"\n }\n provisioner local-exec {\n when = \"destroy\"\n command = \"aws --region ${var.aws_region} cognito-idp admin-delete-user --user-pool-id ${module.cognito.pool_id} --username ${each.key}\"\n }\n}\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprovectus%2Fsak-cognito","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprovectus%2Fsak-cognito","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprovectus%2Fsak-cognito/lists"}