shortstack/create-users.yml

## create-users.yml
#############################################
# USAGE:  ansible-playbook create-users.yml #
#############################################
---

  - name: Set up Cognito test users
    hosts: localhost
    vars:
      user_pool_id:
      client_id:
    tasks:

      - name: Create accounts
        shell: |
          aws cognito-idp admin-create-user --user-pool-id {{ user_pool_id }} --username {{ item.username }} --user-attributes '[{"Name": "email","Value": "{{ item.email }}"},{"Name":"email_verified","Value":"True"}]' --temporary-password '{{ item.password }}'

          export SESSION=$(aws cognito-idp initiate-auth --client-id {{ client_id }} --auth-flow USER_PASSWORD_AUTH --auth-parameters USERNAME={{ item.username }},PASSWORD={{ item.password }}| grep Session| cut -d ":" -f 2 | sed 's@,@@g' | sed 's@"@@g' | sed 's@ @@g')

          aws cognito-idp admin-respond-to-auth-challenge --user-pool-id {{ user_pool_id }} --client-id {{ client_id }}  --challenge-responses 'NEW_PASSWORD={{ item.password }},USERNAME={{ item.username }}' --challenge-name NEW_PASSWORD_REQUIRED --session $SESSION

        with_items:
          - { "username": "testuser1", "email": "user@test.com", "password": "testpassword" }
          - { "username": "testuser2", "email": "user@test.com", "password": "testpassword" }
          - { "username": "testuser3", "email": "user@test.com", "password": "testpassword" }
          - { "username": "testuser4", "email": "user@test.com", "password": "testpassword" }
	#############################################
	# USAGE: ansible-playbook create-users.yml #
	#############################################
	---

	- name: Set up Cognito test users
	hosts: localhost
	vars:
	user_pool_id:
	client_id:
	tasks:

	- name: Create accounts
	shell: \|
	aws cognito-idp admin-create-user --user-pool-id {{ user_pool_id }} --username {{ item.username }} --user-attributes '[{"Name": "email","Value": "{{ item.email }}"},{"Name":"email_verified","Value":"True"}]' --temporary-password '{{ item.password }}'

	export SESSION=$(aws cognito-idp initiate-auth --client-id {{ client_id }} --auth-flow USER_PASSWORD_AUTH --auth-parameters USERNAME={{ item.username }},PASSWORD={{ item.password }}\| grep Session\| cut -d ":" -f 2 \| sed 's@,@@g' \| sed 's@"@@g' \| sed 's@ @@g')

	aws cognito-idp admin-respond-to-auth-challenge --user-pool-id {{ user_pool_id }} --client-id {{ client_id }} --challenge-responses 'NEW_PASSWORD={{ item.password }},USERNAME={{ item.username }}' --challenge-name NEW_PASSWORD_REQUIRED --session $SESSION

	with_items:
	- { "username": "testuser1", "email": "user@test.com", "password": "testpassword" }
	- { "username": "testuser2", "email": "user@test.com", "password": "testpassword" }
	- { "username": "testuser3", "email": "user@test.com", "password": "testpassword" }
	- { "username": "testuser4", "email": "user@test.com", "password": "testpassword" }