Created
July 26, 2017 14:10
#!/usr/bin/env node
// Node built-ins
const fs = require('fs')
const path = require('path')

// Third-party packages
const _ = require('lodash')
const AWS = require('aws-sdk')
const program = require('commander')
const yaml = require('js-yaml')

// Per-stage settings are read from config.yml, one directory above this script.
// safeLoad parses the file as plain data: it rejects the YAML tags that would
// construct arbitrary JavaScript objects or functions.
const configFile = path.join(__dirname, '../config.yml')
const rawConfig = fs.readFileSync(configFile)
const config = yaml.safeLoad(rawConfig)

// -s/--stage selects which section of config.yml to use; defaults to 'localhost'.
program.option('-s, --stage [stage]', `Specify stage to create user pool for [localhost]`, 'localhost')
program.parse(process.argv)
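/**
 * Validate our input.
 *
 * The stage comes straight from the command line and is later used both as a
 * key into config.yml (`config[program.stage]`) and as part of the pool name.
 * Require it to be a string that names a top-level section holding an object.
 * An own-property check is used instead of a lodash path lookup so that a
 * dotted value such as `prod.region` is rejected here rather than passing
 * validation and then failing on the bracket lookup further down.
 */
const stageIsConfigured =
  typeof program.stage === 'string' &&
  _.isPlainObject(config) &&
  Object.prototype.hasOwnProperty.call(config, program.stage) &&
  _.isPlainObject(config[program.stage])
if (!stageIsConfigured) throw new Error('Must provide a stage configured in config.yml')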
/**
 * Point the SDK at the named profile and region configured for this stage.
 * Only a profile name is read from config.yml; the credentials themselves are
 * resolved by the SDK from the shared AWS credentials file.
 */
const stageConfig = config[program.stage]
const credentials = new AWS.SharedIniFileCredentials({ profile: stageConfig.profile })
AWS.config.credentials = credentials
AWS.config.update({ region: stageConfig.region })
/**
 * Service clients and the definition of the admin user pool to create.
 */
const iam = new AWS.IAM()
const cognito = new AWS.CognitoIdentityServiceProvider()

// Passwords: at least 8 characters with upper case, lower case, digit and symbol.
const passwordPolicy = {
  MinimumLength: 8,
  RequireUppercase: true,
  RequireLowercase: true,
  RequireNumbers: true,
  RequireSymbols: true
}

// Standard attribute: every user must have an email address.
const emailAttribute = {
  Name: 'email',
  Required: true
}

// Custom attribute: a string of exactly five characters.
// NOTE(review): officeId is mutable. If it feeds authorization decisions,
// confirm that app clients for this pool are not allowed to write it.
const officeIdAttribute = {
  Name: 'officeId',
  AttributeDataType: 'String',
  Mutable: true,
  StringAttributeConstraints: {
    MinLength: '5',
    MaxLength: '5'
  }
}

// NOTE(review): no MfaConfiguration is set here, so these parameters do not
// request MFA for what is named an admin pool. Confirm whether MFA is enabled
// elsewhere, and whether the device challenge below has any effect without it.
const adminUserPoolParams = {
  // The stage is part of the name so each stage gets its own pool.
  PoolName: `articleone-${program.stage}-ArticleOneAdminUserPool`,
  Policies: {
    PasswordPolicy: passwordPolicy
  },
  // Self sign-up is disabled: only an administrator can create users.
  AdminCreateUserConfig: {
    AllowAdminCreateUserOnly: true
  },
  DeviceConfiguration: {
    ChallengeRequiredOnNewDevice: true,
    DeviceOnlyRememberedOnUserPrompt: true
  },
  // Users may sign in with their email address as an alias.
  AliasAttributes: ['email'],
  Schema: [emailAttribute, officeIdAttribute]
}
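/**
 * Find every existing user pool whose name equals poolParams.PoolName.
 *
 * listUserPools returns at most 60 pools per call, so the listing is followed
 * through NextToken until it is exhausted. Reading only the first page would
 * miss an existing pool in an account with more than 60 pools, and the caller
 * would then create a duplicate.
 *
 * @param {Object} poolParams - pool definition; only PoolName is read
 * @returns {Promise<Array>} pool descriptions with a matching name (may be empty)
 */
const getPoolsWithMatchingName = (poolParams) => new Promise((resolve, reject) => {
  const matches = []

  const fetchPage = (nextToken) => {
    const request = { MaxResults: 60 }
    if (nextToken) request.NextToken = nextToken

    cognito.listUserPools(request, (err, page) => {
      if (err) return reject(err)

      const pools = page.UserPools || []
      pools.forEach(pool => {
        if (pool.Name === poolParams.PoolName) matches.push(pool)
      })

      if (page.NextToken) return fetchPage(page.NextToken)
      return resolve(matches)
    })
  }

  fetchPage()
})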
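/**
 * Create a Cognito user pool from the given definition.
 *
 * The pool is built from the poolParams argument. The previous version ignored
 * its argument and always used the module-level adminUserPoolParams, so a
 * caller passing a different definition would silently get the admin pool.
 *
 * @param {Object} poolParams - parameters for CognitoIdentityServiceProvider.createUserPool
 * @returns {Promise<Object>} the createUserPool response
 */
const createUserPool = (poolParams) => new Promise((resolve, reject) => {
  cognito.createUserPool(poolParams, (err, poolData) => {
    return err ? reject(err) : resolve(poolData)
  })
})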
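/**
 * Build the ARN of a user pool from either a createUserPool response
 * (`UserPool.Id`) or a listUserPools entry (`Id`).
 *
 * The account id is taken from the ARN of the IAM user behind the current
 * credentials. Failures now reject the promise: previously an IAM error was
 * only logged, the promise never settled, and the script ended without an ARN
 * and without a failing exit code.
 *
 * NOTE(review): iam.getUser({}) relies on the credentials belonging to an IAM
 * user; confirm this is acceptable for profiles that use role credentials.
 *
 * @param {Object} poolData - createUserPool response or listUserPools entry
 * @returns {Promise<string>} the user pool ARN
 */
const getArnFromPoolData = (poolData) => new Promise((resolve, reject) => {
  const poolId = _.get(poolData, 'UserPool.Id') || _.get(poolData, 'Id')
  if (!poolId) {
    // Without an id the ARN would end in "userpool/undefined".
    return reject(new Error('Could not determine the user pool id'))
  }

  iam.getUser({}, (err, iamData) => {
    if (err) return reject(err)

    // ARN layout: arn:partition:service:region:account-id:resource
    const accountId = iamData.User.Arn.split(':')[4]
    const poolArn = `arn:aws:cognito-idp:${AWS.config.region}:${accountId}:userpool/${poolId}`
    return resolve(poolArn)
  })
})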
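/**
 * Print the pool ARN and tell the operator where to record it.
 *
 * The promise now resolves with the ARN once the messages are written. The
 * previous version never called resolve, so anything chained after it would
 * never run.
 *
 * @param {string} poolArn - ARN of the user pool
 * @returns {Promise<string>} resolves with the same ARN
 */
const showArn = (poolArn) => new Promise((resolve) => {
  console.log(`User Pool ARN is -- ${poolArn}`)
  console.log(`Set this value for '${program.stage}.cognito.admin_user_pool_arn' in your config file!`)
  resolve(poolArn)
})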
/**
 * Decide whether to reuse an existing pool or create a new one.
 * Every stage except 'localhost' reuses the first pool with a matching name.
 * 'localhost' always creates a new pool so each developer can have their own.
 */
const resolvePoolArn = (poolsWithMatchingName) => {
  const isSharedStage = program.stage !== 'localhost'
  const poolExists = poolsWithMatchingName.length > 0

  if (isSharedStage && poolExists) {
    return getArnFromPoolData(poolsWithMatchingName[0])
  }

  return createUserPool(adminUserPoolParams).then(getArnFromPoolData)
}

// Any failure along the chain is logged and ends the script with exit code 1.
const failAndExit = (err) => {
  console.error(err, err.stack)
  return process.exit(1)
}

getPoolsWithMatchingName(adminUserPoolParams)
  .then(resolvePoolArn)
  .then(showArn)
  .catch(failAndExit)