Terraform, getting output from null_resource, local-exec and AWS CLI

I use Terraform to automate the provision of Cognito Identity Pools in AWS. The AWS provider does not support Cognito, but I used null_resource and local-exec to invoke the AWS CLI.

I have the following resource:

resource "null_resource" "create-identitypool" {
    provisioner "local-exec" {
        command = "aws cognito-identity create-identity-pool --identity-pool-name terraform_identitypool --no-allow-unauthenticated-identities --developer-provider-name login.terraform.myapp"
    }
}

which gives the following result:

null_resource.create-identitypool (local-exec): {
null_resource.create-identitypool (local-exec):     "IdentityPoolId": "eu-west-1:22549ad3-1611-......",
null_resource.create-identitypool (local-exec):     "AllowUnauthenticatedIdentities": false,
null_resource.create-identitypool (local-exec):     "DeveloperProviderName": "login.terraform.myapp",
null_resource.create-identitypool (local-exec):     "IdentityPoolName": "terraform_identitypool"
null_resource.create-identitypool (local-exec): }
null_resource.create-identitypool: Creation complete

The next step is to add some of the roles that I have already created to the identity pool:

resource "null_resource" "attach-policies-identitypool" {
    provisioner "local-exec" {
        command = "aws cognito-identity set-identity-pool-roles --identity-pool-id ${null_resource.create-identitypool.IdentityPoolId} --roles authenticated=authroleXXX,unauthenticated=unauthroleXXX"
    }
}

, IdentityPoolId, ${null_resource.create-identitypool.IdentityPoolId}, . , null_resource , JSON . triggers aws cognito-identity list-identity-pool , , delete-identity-pool, , .

? , . Terraform, , .


+4
1

Terraform 0.8, external , . . data.external.

Cognito, . Terraform, .

+3
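
The answer above points to the `external` data source (Terraform 0.8). As an added example that is not part of the original post, this is a program such a data source could run to look up the identity pool id by name, so the second resource can reference it instead of a non-existent `null_resource` attribute. The script name `lookup_pool.py`, the `pool_name` query key and the result keys `id` and `name` are assumptions made for the example.

```python
"""Program for Terraform's `external` data source: Cognito identity pool id by name.

Terraform side (names are assumptions for this example):
  data "external" "pool" {
    program = ["python3", "lookup_pool.py"]
    query   = { pool_name = "terraform_identitypool" }
  }
The id is then exposed in the data source's `result` map under the key "id".
"""
import json
import subprocess
import sys


def find_pool(listing, name):
    """Return the one pool whose name matches; refuse to guess otherwise."""
    matches = [p for p in listing.get("IdentityPools", [])
               if p.get("IdentityPoolName") == name]
    if len(matches) != 1:
        raise LookupError("expected 1 pool named %r, found %d" % (name, len(matches)))
    return matches[0]


def to_result(pool):
    """The external protocol accepts only a flat JSON object of strings."""
    return {"id": str(pool["IdentityPoolId"]), "name": str(pool["IdentityPoolName"])}


def list_pools():
    # Argument list, no shell: query values never reach a command line.
    # Reads the first page only (up to 60 pools).
    out = subprocess.check_output(
        ["aws", "cognito-identity", "list-identity-pools",
         "--max-results", "60", "--output", "json"])
    return json.loads(out)


def main():
    query = json.load(sys.stdin)       # Terraform passes the query as JSON on stdin
    try:
        result = to_result(find_pool(list_pools(), query["pool_name"]))
    except Exception as exc:           # message on stderr, exit status 1
        sys.exit("lookup_pool: %s" % exc)
    json.dump(result, sys.stdout)      # stdout must carry only the JSON result


if __name__ == "__main__":
    main()
```

The lookup is read-only on purpose: a data source is evaluated on every plan, so creating the pool stays in the `local-exec` provisioner.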

Source: https://habr.com/ru/post/1649016/