Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- provider "aws" {
- region = "eu-central-1"
- }
- #
- # Create DynamoDB table
- # columns: userId, noteId
- #
- resource "aws_dynamodb_table" "jr-notes-1" {
- name = "jr-notes-1"
- read_capacity = 3
- write_capacity = 3
- hash_key = "userId"
- range_key = "noteId"
- attribute {
- name = "userId"
- type = "S"
- }
- attribute {
- name = "noteId"
- type = "S"
- }
- }
- #
- # Auto scaling for dynamodb
- #
- resource "aws_appautoscaling_target" "jr-notes-1-write" {
- max_capacity = 3
- min_capacity = 1
- resource_id = "table/jr-notes-1"
- role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
- scalable_dimension = "dynamodb:table:WriteCapacityUnits"
- service_namespace = "dynamodb"
- depends_on = ["aws_dynamodb_table.jr-notes-1"]
- }
- resource "aws_appautoscaling_target" "jr-notes-1-read" {
- max_capacity = 3
- min_capacity = 1
- resource_id = "table/jr-notes-1"
- role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
- scalable_dimension = "dynamodb:table:ReadCapacityUnits"
- service_namespace = "dynamodb"
- depends_on = ["aws_dynamodb_table.jr-notes-1"]
- }
- #
- # Create a private S3 bucket with cors rules
- #
- resource "aws_s3_bucket" "jr-notes-uploads" {
- bucket = "jr-notes-uploads"
- acl = "private"
- cors_rule {
- allowed_headers = ["*"]
- allowed_methods = ["PUT", "POST", "GET", "HEAD"]
- allowed_origins = ["*"]
- expose_headers = ["ETag"]
- max_age_seconds = 3000
- }
- }
- #
- # A user pool with password policies
- #
- resource "aws_cognito_user_pool" "jr-notes-pool" {
- name = "jr-notes-pool"
- username_attributes = ["email"]
- password_policy = {
- minimum_length = 8
- require_lowercase = true
- require_numbers = true
- require_symbols = true
- require_uppercase = true
- }
- }
- #
- # User pool client
- #
- resource "aws_cognito_user_pool_client" "jr-notes-client" {
- name = "jr-notes-client"
- user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
- generate_secret = false
- explicit_auth_flows = ["ADMIN_NO_SRP_AUTH"]
- }
- #
- # User pool domain
- #
- resource "aws_cognito_user_pool_domain" "main" {
- domain = "jr-notes-app"
- user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
- depends_on = ["aws_cognito_user_pool.jr-notes-pool"]
- }
Add Comment
Please, Sign In to add comment