Skip to content

Instantly share code, notes, and snippets.

@jrasanen

jrasanen/main.tf

Created Mar 14, 2018
Embed
What would you like to do?
provider "aws" {
region = "eu-central-1"
}
#
# Create DynamoDB table
# columns: userId, noteId
#
resource "aws_dynamodb_table" "jr-notes-1" {
name = "jr-notes-1"
read_capacity = 3
write_capacity = 3
hash_key = "userId"
range_key = "noteId"
attribute {
name = "userId"
type = "S"
}
attribute {
name = "noteId"
type = "S"
}
}
#
# Auto scaling for dynamodb
#
resource "aws_appautoscaling_target" "jr-notes-1-write" {
max_capacity = 3
min_capacity = 1
resource_id = "table/jr-notes-1"
role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
scalable_dimension = "dynamodb:table:WriteCapacityUnits"
service_namespace = "dynamodb"
depends_on = ["aws_dynamodb_table.jr-notes-1"]
}
resource "aws_appautoscaling_target" "jr-notes-1-read" {
max_capacity = 3
min_capacity = 1
resource_id = "table/jr-notes-1"
role_arn = "arn:aws:iam::488128137096:role/aws-service-role/dynamodb.application-autoscaling.amazonaws.com/AWSServiceRoleForApplicationAutoScaling_DynamoDBTable"
scalable_dimension = "dynamodb:table:ReadCapacityUnits"
service_namespace = "dynamodb"
depends_on = ["aws_dynamodb_table.jr-notes-1"]
}
#
# Create a private S3 bucket with cors rules
#
resource "aws_s3_bucket" "jr-notes-uploads" {
bucket = "jr-notes-uploads"
acl = "private"
cors_rule {
allowed_headers = ["*"]
allowed_methods = ["PUT", "POST", "GET", "HEAD"]
allowed_origins = ["*"]
expose_headers = ["ETag"]
max_age_seconds = 3000
}
}
#
# A user pool with password policies
#
resource "aws_cognito_user_pool" "jr-notes-pool" {
name = "jr-notes-pool"
username_attributes = ["email"]
password_policy = {
minimum_length = 8
require_lowercase = true
require_numbers = true
require_symbols = true
require_uppercase = true
}
}
#
# User pool client
#
resource "aws_cognito_user_pool_client" "jr-notes-client" {
name = "jr-notes-client"
user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
generate_secret = false
explicit_auth_flows = ["ADMIN_NO_SRP_AUTH"]
}
#
# User pool domain
#
resource "aws_cognito_user_pool_domain" "main" {
domain = "jr-notes-app"
user_pool_id = "${aws_cognito_user_pool.jr-notes-pool.id}"
depends_on = ["aws_cognito_user_pool.jr-notes-pool"]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment