lgallard / terraform-aws-cognito-user-pool

Terraform module to create Amazon Cognito User Pools, configure its attributes and resources such as app clients, domain, resource servers. Amazon Cognito User Pools provide a secure user directory that scales to hundreds of millions of users.
Apache License 2.0

noobie: cannot create user pool with assume role terraform permissions #116

Closed itdataguy closed 1 year ago

itdataguy commented 1 year ago

Team,

Just trying to get started here. I have a terraform policy where I have added `cognito-idp:*` to resource `*`. I have also tried explicitly to add `cognito-idp:CreateUserPool` and still get this error.


```
╷
│ Error: creating Cognito User Pool: AccessDeniedException: User: arn:aws:iam::XXXXXXXXXXXXX:user/cc/admin/guy is not authorized to perform: cognito-idp:CreateUserPool on resource: * because no identity-based policy allows the cognito-idp:CreateUserPool action
│       status code: 400, request id: d4e241ba-3bf7-4b17-9888-4233d7f99ca4
│ 
│   with module.cognito-hash.aws_cognito_user_pool.pool[0],
│   on ../../terraform-aws-cognito-user-pool/main.tf line 1, in resource "aws_cognito_user_pool" "pool":
│    1: resource "aws_cognito_user_pool" "pool" {
│ 
╵
```

itdataguy commented 1 year ago

This is no longer an issue. My terraform project uses multiple AWS providers. I needed to pass the proper provider into the module.
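
Added example, not part of the original thread or the module's own code: a sketch of the resolution described above, passing an aliased AWS provider into the module. It assumes the aliased provider is the one that assumes the role holding the `cognito-idp` permissions. The alias `deploy`, the region, the role ARN and the pool name are placeholders.

```hcl
# Added example: alias, region, role ARN and pool name are placeholders.

# Default (unaliased) provider: runs as the IAM user from the local credentials.
provider "aws" {
  region = "us-east-1"
}

# Aliased provider: assumes the role that carries the cognito-idp permissions.
provider "aws" {
  alias  = "deploy"
  region = "us-east-1"

  assume_role {
    role_arn = "arn:aws:iam::111111111111:role/EXAMPLE-terraform-role" # placeholder
  }
}

# Without a providers argument the module inherits the default provider,
# so CreateUserPool is called as the IAM user and is denied:
#
# module "cognito-hash" {
#   source         = "../../terraform-aws-cognito-user-pool"
#   user_pool_name = "example-pool"
# }

# With the aliased provider passed in, the module's resources are created
# through the assumed role.
module "cognito-hash" {
  source         = "../../terraform-aws-cognito-user-pool"
  user_pool_name = "example-pool" # placeholder

  providers = {
    aws = aws.deploy
  }
}

# Check: shows which principal the aliased provider actually resolves to.
data "aws_caller_identity" "deploy" {
  provider = aws.deploy
}

output "deploy_caller_arn" {
  value = data.aws_caller_identity.deploy.arn
}
```

The principal named in an `AccessDeniedException` identifies which provider made the call: an `iam::...:user/...` ARN, as in the error above, means the request was sent with the user's own credentials rather than through an assumed role.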