provider "aws" { region = "eu-central-1"}## Create DynamoDB table# column

1. provider "aws" {
2. region = "eu-central-1"
3. }
4.  
5. #
6. # Create DynamoDB table
7. # columns: userId, noteId
8. #
9. resource "aws_dynamodb_table" "jr-notes-1" {
10. name = "jr-notes-1"
11. read_capacity = 3
12. write_capacity = 3
13. hash_key = "userId"
14. range_key = "noteId"
15.  
16. attribute {
17. name = "userId"
18. type = "S"
19. }
20.  
21. attribute {
22. name = "noteId"
23. type = "S"
24. }
25. }
26.  
27. #
28. # Auto scaling for dynamodb
29. #
30. resource "aws_appautoscaling_target" "jr-notes-1-write" {
31. max_capacity = 3
32. min_capacity = 1
33. resource_id = "table/jr-notes-1"
34. role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
35. scalable_dimension = "dynamodb:table:WriteCapacityUnits"
36. service_namespace = "dynamodb"
37.  
38. depends_on = ["aws_dynamodb_table.jr-notes-1"]
39. }
40.  
41. resource "aws_appautoscaling_target" "jr-notes-1-read" {
42. max_capacity = 3
43. min_capacity = 1
44. resource_id = "table/jr-notes-1"
45. role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
46. scalable_dimension = "dynamodb:table:ReadCapacityUnits"
47. service_namespace = "dynamodb"
48.  
49. depends_on = ["aws_dynamodb_table.jr-notes-1"]
50. }
51.  
52. #
53. # Create a private S3 bucket with cors rules
54. #
55. resource "aws_s3_bucket" "jr-notes-uploads" {
56. bucket = "jr-notes-uploads"
57. acl = "private"
58.  
59. cors_rule {
60. allowed_headers = ["*"]
61. allowed_methods = ["PUT", "POST", "GET", "HEAD"]
62. allowed_origins = ["*"]
63. expose_headers = ["ETag"]
64. max_age_seconds = 3000
65. }
66. }
67.  
68. #
69. # A user pool with password policies
70. #
71. resource "aws_cognito_user_pool" "jr-notes-pool" {
72. name = "jr-notes-pool"
73. username_attributes = ["email"]
74.  
75. password_policy = {
76. minimum_length = 8
77. require_lowercase = true
78. require_numbers = true
79. require_symbols = true
80. require_uppercase = true
81. }
82. }
83.  
84. #
85. # User pool client
86. #
87. resource "aws_cognito_user_pool_client" "jr-notes-client" {
88. name = "jr-notes-client"
89.  
90. user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
91.  
92. generate_secret = false
93. explicit_auth_flows = ["ADMIN_NO_SRP_AUTH"]
94. }
95.  
96. #
97. # User pool domain
98. #
99. resource "aws_cognito_user_pool_domain" "main" {
100. domain = "jr-notes-app"
101. user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
102. depends_on = ["aws_cognito_user_pool.jr-notes-pool"]
103. }