
How do I enable "cognito user pool" option in app client settings through Terraform?

I am able to specify "Facebook" in the "supported_identity_providers" argument and it works. I tried specifying the name, id and the word "Cognito User Pool" for the supported identity providers argument and it keeps throwing a validation error.


I want the option pointed by the arrow enabled from terraform. What value do I pass to the "supported_identity_providers" argument?

Karthik Priyadarshan asked Jun 04 '18 14:06




1 Answer

Short answer

resource "aws_cognito_user_pool_client" "<name>" {
  ...
  supported_identity_providers = ["COGNITO", ...]
  ...
}

Details

The AWS API for creating a user pool client can be found here and the Terraform docs here.

Both are missing the default names for the standard providers (Cognito, Amazon, Google, Facebook).

I wasn't able to find any Amazon documentation on the default names of the user pool client's SupportedIdentityProviders value, only a pattern in the AWS API docs here.

When writing the Terraform code I had to toggle on the values in the AWS console, then use the CLI to retrieve the values:

aws cognito-idp describe-user-pool-client --user-pool-id <pool-id> --client-id <client-id>

For Cognito this gives back COGNITO; the social providers are Google, Facebook, and LoginWithAmazon. If you are using OIDC/SAML it is the provider name you have configured.

Ravenscar answered Sep 27 '22 23:09