diff --git a/.github/workflows/readme.yml b/.github/workflows/readme.yml index 1eb0243..6cee65d 100644 --- a/.github/workflows/readme.yml +++ b/.github/workflows/readme.yml @@ -3,51 +3,12 @@ on: push: branches: - master + paths-ignore: + - 'README.md' jobs: readme-create: - name: 'readme-create' - runs-on: ubuntu-latest - steps: - - name: 'Checkout' - uses: actions/checkout@master - - - name: 'Set up Python 3.7' - uses: actions/setup-python@v5 - with: - python-version: '3.x' - - - name: 'create readme' - uses: 'clouddrove/github-actions@9.0.3' - with: - actions_subcommand: 'readme' - github_token: '${{ secrets.GITHUB }}' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'pre-commit check errors' - uses: pre-commit/action@v3.0.0 - continue-on-error: true - - - name: 'pre-commit fix erros' - uses: pre-commit/action@v3.0.0 - continue-on-error: true - - - name: 'push readme' - uses: 'clouddrove/github-actions@9.0.3' - continue-on-error: true - with: - actions_subcommand: 'push' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - - name: 'Slack Notification' - uses: clouddrove/action-slack@v2 - with: - status: ${{ job.status }} - fields: repo,author - author_name: 'CloudDrove' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # required - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} # required - if: always() + uses: clouddrove/github-shared-workflows/.github/workflows/readme.yml@1.2.1 + secrets: + TOKEN: ${{ secrets.GITHUB }} + SLACK_WEBHOOK_TERRAFORM: ${{ secrets.SLACK_WEBHOOK_TERRAFORM }} \ No newline at end of file diff --git a/main.tf b/main.tf index 5bbc6c5..7c50626 100644 --- a/main.tf +++ b/main.tf @@ -10,6 +10,7 @@ module "labels" { source = "clouddrove/labels/aws" version = "1.3.0" + enabled = var.enabled name = var.name environment = var.environment managedby = var.managedby 
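Review bot: The reusable workflow on the new `uses:` line is referenced by the tag `1.2.1`, which can be moved later, while the job hands it `secrets.GITHUB` and the Slack webhook. Pinning the reference to the full commit SHA behind that tag keeps the code that receives those secrets fixed: `uses: clouddrove/github-shared-workflows/.github/workflows/readme.yml@<full-commit-sha> # 1.2.1`. No `permissions:` key is visible in the hunk, and the top of the file lies outside it. If none is set there, a job-level `permissions:` block listing only what the shared workflow needs would cap the token it inherits.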
@@ -44,7 +45,7 @@ data "aws_iam_policy_document" "authenticated_assume" { variable = "cognito-identity.amazonaws.com:aud" values = [ - aws_cognito_identity_pool.identity_pool[*].id[0], + aws_cognito_identity_pool.identity_pool[0].id, ] } condition { @@ -93,7 +94,7 @@ data "aws_iam_policy_document" "unauthenticated_assume" { variable = "cognito-identity.amazonaws.com:aud" values = [ - aws_cognito_identity_pool.identity_pool[*].id[0], + aws_cognito_identity_pool.identity_pool[0].id, ] } condition { @@ -117,7 +118,7 @@ data "aws_iam_policy_document" "unauthenticated" { resource "aws_cognito_identity_pool_roles_attachment" "identity_pool" { count = var.enabled ? 1 : 0 - identity_pool_id = aws_cognito_identity_pool.identity_pool[*].id[0] + identity_pool_id = aws_cognito_identity_pool.identity_pool[0].id roles = { "authenticated" = module.auth-role.arn "unauthenticated" = module.unauth-role.arn @@ -154,7 +155,7 @@ resource "aws_cognito_user_pool" "user_pool" { admin_create_user_config { allow_admin_create_user_only = true invite_message_template { - email_message = < A new account for ${var.name} has been created for you. @@ -291,7 +292,7 @@ resource "aws_cognito_user_pool_client" "client" { prevent_user_existence_errors = lookup(element(local.clients, count.index), "prevent_user_existence_errors", null) write_attributes = lookup(element(local.clients, count.index), "write_attributes", null) enable_token_revocation = lookup(element(local.clients, count.index), "enable_token_revocation", null) - user_pool_id = aws_cognito_user_pool.user_pool[*].id[0] + user_pool_id = aws_cognito_user_pool.user_pool[0].id # token_validity_units dynamic "token_validity_units" { 
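Review bot: `aws_cognito_identity_pool.identity_pool[0].id` in the `authenticated_assume` policy document is still an unconditional index, so it fails with an invalid-index error whenever the pool's `count` is 0, just as the splat form did. The same applies to the `unauthenticated_assume` hunk, to the `resource_servers` hunk, and to `aws_cognito_user.users` further down, where the visible `for_each = var.users` is not tied to `var.enabled`. This commit wraps the outputs in `try(..., null)` for the disabled case, so the references inside the module need the same care. Either gate the block, e.g. `for_each = var.enabled ? var.users : {}`, or read the id with `one(aws_cognito_identity_pool.identity_pool[*].id)`. The headers of the two policy documents lie outside their hunks, so whether they already carry a `count` cannot be seen here.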
@@ -361,7 +362,7 @@ resource "aws_cognito_user_pool_domain" "domain" { count = !var.enabled || var.domain == null || var.domain == "" ? 0 : 1 domain = var.domain certificate_arn = var.domain_certificate_arn - user_pool_id = aws_cognito_user_pool.user_pool[*].id[0] + user_pool_id = aws_cognito_user_pool.user_pool[0].id } resource "aws_cognito_identity_pool" "identity_pool" { @@ -380,7 +381,7 @@ resource "aws_cognito_user_group" "main" { description = lookup(element(local.groups, count.index), "description") precedence = lookup(element(local.groups, count.index), "precedence") role_arn = lookup(element(local.groups, count.index), "role_arn") - user_pool_id = aws_cognito_user_pool.user_pool[*].id[0] + user_pool_id = aws_cognito_user_pool.user_pool[0].id } locals { @@ -412,7 +413,7 @@ locals { resource "aws_cognito_user" "users" { for_each = var.users - user_pool_id = aws_cognito_user_pool.user_pool[*].id[0] + user_pool_id = aws_cognito_user_pool.user_pool[0].id username = each.value.email desired_delivery_mediums = var.desired_delivery_mediums @@ -447,5 +448,5 @@ resource "aws_cognito_resource_server" "resource_servers" { } } - user_pool_id = aws_cognito_user_pool.user_pool[*].id[0] + user_pool_id = aws_cognito_user_pool.user_pool[0].id } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index 7a42ecc..3bc7f2a 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,15 +1,15 @@ output "user_pool_id" { - value = aws_cognito_user_pool.user_pool[*].id[0] + value = try(aws_cognito_user_pool.user_pool[0].id, null) description = "(Required) User pool the client belongs to." } output "name" { - value = aws_cognito_user_pool.user_pool[*].name[0] + value = try(aws_cognito_user_pool.user_pool[0].name, null) description = "(Required) Name of the application client." } output "app_client_id" { - value = aws_cognito_user_pool_client.client[*].id[0] + value = try(aws_cognito_user_pool_client.client[0].id, null) description = "ID of the user pool client." } 
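Review bot: In outputs.tf the `name` output returns the user pool's name but is described as "Name of the application client", and both it and `user_pool_id` carry "(Required)" argument wording that does not fit an output. None of the three descriptions says the value is now `null` when the resource is absent, which callers interpolating these outputs need to know. Suggested wording: `description = "ID of the Cognito user pool, or null when the module is disabled."`, `description = "Name of the Cognito user pool, or null when the module is disabled."`, and the matching "or null when no client is created" on `app_client_id`.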
diff --git a/variables.tf b/variables.tf
index 224b1c6..915f352 100644
--- a/variables.tf
+++ b/variables.tf
@@ -87,6 +87,11 @@ variable "case_sensitive" {
 description = "Whether username case sensitivity will be applied for all users in the user pool through Cognito APIs."
 }
 
+variable "email_message" {
+ type = string
+ default = ""
+}
+
 ################################################
 ## Admin Create USer
 ################################################
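Review bot: The new `email_message` variable has no `description` and defaults to an empty string, unlike the neighbouring `case_sensitive` variable, which is documented. The main.tf line that consumes it is unreadable in this diff, so the following is an assumption: if it feeds `invite_message_template.email_message`, Cognito requires the template to contain the `{username}` and `{####}` placeholders. A value lacking them would then only be rejected at apply time. A description plus a `validation` block would surface that at plan time. Whether the empty default is acceptable depends on how main.tf handles it.

```hcl
variable "email_message" {
  # … unchanged: type and default …
  description = "Body of the invitation e-mail sent to admin-created users. Must contain the {username} and {####} placeholders when set."

  validation {
    condition = var.email_message == "" || (
      length(regexall("\\{username\\}", var.email_message)) > 0 &&
      length(regexall("\\{####\\}", var.email_message)) > 0
    )
    error_message = "The email_message value must contain both the {username} and {####} placeholders."
  }
}
```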