CirclesUBI / infrastructure-provisioning

Infrastructure and Services for Circles
GNU Affero General Public License v3.0

[circles-cognito] Add role attachment to cognito identity pool #42

Open edzillion opened 5 years ago

edzillion commented 5 years ago

Pretty sure we should make a role that has access to S3 so that a user can upload a photo directly from their mobile.

```hcl
# aws_iam_role.cognito
resource "aws_iam_role" "cognito" {
  name = "${var.namespace}-identity"

  assume_role_policy = "${
    data.template_file.cognito_iam_assume_role_policy.rendered
  }"
}
```

...

```hcl
# aws_cognito_identity_pool_roles_attachment._
resource "aws_cognito_identity_pool_roles_attachment" "_" {
  identity_pool_id = "${aws_cognito_identity_pool._.id}"

  roles = {
    "authenticated" = "${aws_iam_role.cognito.arn}"
  }
}
```

where `authenticated` would give them access to S3.

Code from here: https://github.com/squidfunk/terraform-aws-cognito-auth/blob/f1f8bcec34950eea290040a3ae7db03b2bb0c90a/modules/identity/main.tf#L141
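An added example, not part of the issue or of the linked module, of how the `authenticated` role proposed above could be limited to per-user uploads: a trust policy restricted to authenticated identities from this pool, and an S3 policy scoped to each caller's own prefix. The `upload_bucket` variable, the `uploads/` prefix and the `cognito_assume` / `cognito_upload` names are assumptions; `aws_iam_role.cognito`, `aws_cognito_identity_pool._` and `var.namespace` are the ones from the snippet above.

```hcl
# Added example. "upload_bucket" is a hypothetical variable (name of the photo bucket).
variable "upload_bucket" {}

# Trust policy: only authenticated identities from this identity pool may
# assume the role. Could be used as assume_role_policy of aws_iam_role.cognito
# in place of the template_file rendering.
data "aws_iam_policy_document" "cognito_assume" {
  statement {
    actions = ["sts:AssumeRoleWithWebIdentity"]

    principals {
      type        = "Federated"
      identifiers = ["cognito-identity.amazonaws.com"]
    }

    condition {
      test     = "StringEquals"
      variable = "cognito-identity.amazonaws.com:aud"
      values   = ["${aws_cognito_identity_pool._.id}"]
    }

    condition {
      test     = "ForAnyValue:StringLike"
      variable = "cognito-identity.amazonaws.com:amr"
      values   = ["authenticated"]
    }
  }
}

# Permissions: write-only, and only under the caller's own identity prefix.
# "$${...}" escapes Terraform interpolation so that IAM receives the literal
# policy variable ${cognito-identity.amazonaws.com:sub}.
data "aws_iam_policy_document" "cognito_upload" {
  statement {
    actions = ["s3:PutObject"]

    resources = [
      "arn:aws:s3:::${var.upload_bucket}/uploads/$${cognito-identity.amazonaws.com:sub}/*",
    ]
  }
}

resource "aws_iam_role_policy" "cognito_upload" {
  name   = "${var.namespace}-upload"
  role   = "${aws_iam_role.cognito.id}"
  policy = "${data.aws_iam_policy_document.cognito_upload.json}"
}
```

Without the `aud` and `amr` conditions the role could be assumed through any Cognito identity pool, and without the `sub` prefix any signed-in user could overwrite another user's objects.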