Merge pull request #1 from sahil21/develop

Add password policy and lambda config for Cognito user pool

main.tf

@@ -8,5 +8,31 @@ module "label" {
 }
 
 resource "aws_cognito_user_pool" "pool" {
-  name = "${module.label.id}"
+  name                       = "${module.label.id}"
+  email_verification_subject = "${var.email_verification_subject}"
+  email_verification_message = "${var.email_verification_message}"
+
+  password_policy {
+    minimum_length    = "${lookup(var.password_policy, "minimum_length")}"
+    require_lowercase = "${lookup(var.password_policy, "require_lowercase")}"
+    require_numbers   = "${lookup(var.password_policy, "require_numbers")}"
+    require_symbols   = "${lookup(var.password_policy, "require_symbols")}"
+    require_uppercase = "${lookup(var.password_policy, "require_uppercase")}"
+  }
+
+  lambda_config {
+    create_auth_challenge          = "${lookup(var.lambda_config, "create_auth_challenge")}"
+    custom_message                 = "${lookup(var.lambda_config, "custom_message")}"
+    define_auth_challenge          = "${lookup(var.lambda_config, "define_auth_challenge")}"
+    post_authentication            = "${lookup(var.lambda_config, "post_authentication")}"
+    post_confirmation              = "${lookup(var.lambda_config, "post_confirmation")}"
+    pre_authentication             = "${lookup(var.lambda_config, "pre_authentication")}"
+    pre_sign_up                    = "${lookup(var.lambda_config, "pre_sign_up")}"
+    pre_token_generation           = "${lookup(var.lambda_config, "pre_token_generation")}"
+    user_migration                 = "${lookup(var.lambda_config, "user_migration")}"
+    verify_auth_challenge_response = "${lookup(var.lambda_config, "verify_auth_challenge_response")}"
+  }
+
+  tags = "${var.tags}"
+
 }

variables.tf

@@ -1,6 +1,6 @@
 variable "namespace" {
   type        = "string"
-  description = "Namespace, which could be your organization name/project, e.g. 'mithoo' or 'intomix'"
+  description = "Namespace, which could be your organization name/project"
 }
 
 variable "stage" {
@@ -9,12 +9,51 @@ variable "stage" {
 }
 
 variable "name" {
-  default     = "app"
-  description = "Solution name, e.g. 'polly-pool'"
+  default     = "pool"
+  description = "Solution name, e.g. 'pool'"
 }
 
 variable "tags" {
   type        = "map"
   default     = {}
   description = "Additional tags (e.g. `map('BusinessUnit`,`XYZ`)"
 }
+
+variable "email_verification_subject" {
+  default     = "Verification Code"
+  description = "Subject of verification E-mail"
+}
+
+variable "email_verification_message" {
+  default     = "Please use the following code {####}"
+  description = "Message of verification E-mail"
+}
+
+variable "password_policy" {
+  type    = "map"
+  default = {
+    "minimum_length" = 8
+    "require_lowercase" = false
+    "require_numbers" = true
+    "require_symbols" =false
+    "require_uppercase" =true
+  }
+  description = "Password Policy for Cognito User Pool"
+}
+
+variable "lambda_config" {
+  type = "map"
+  default = {
+    "create_auth_challenge" = ""
+    "custom_message" = ""
+    "define_auth_challenge" = ""
+    "post_authentication" = ""
+    "post_confirmation" = ""
+    "pre_authentication" = ""
+    "pre_sign_up" = ""
+    "pre_token_generation" = ""
+    "user_migration" = ""
+    "verify_auth_challenge_response" = ""
+  }
+  description = "A container for the AWS Lambda triggers associated with the user pool"  
+}