From 888c8aa909eb416983f214e215f8e4bb08191546 Mon Sep 17 00:00:00 2001
From: Ramesh Maddegoda <94033485+ramesh-maddegoda@users.noreply.github.com>
Date: Tue, 4 Feb 2025 09:48:11 -0800
Subject: [PATCH] UPDATE README, examples of .tfvars files and minor code format changes. Refer to issue: NASA-PDS/nucleus#123
---
 terraform/README.md | 4 ++--
 terraform/terraform-modules/cognito-auth/cognito-auth.tf | 7 -------
 terraform/variables/terraform.tfvars.dev | 4 ++++
 terraform/variables/terraform.tfvars.test | 4 ++++
 4 files changed, 10 insertions(+), 9 deletions(-)
diff --git a/terraform/README.md b/terraform/README.md
index cf0a177..32eef04 100644
--- a/terraform/README.md
+++ b/terraform/README.md
@@ -38,7 +38,7 @@ system admin team of your AWS account)
 6. PDS Registry (OpenSearch) is accessible from the AWS account which is used to deploy PDS Nucleus)
-7. A Cognito User Pool to maintain the Nucleus users
+7. A Cognito User Pool to manage Nucleus users
 8. A certificate to be used for the ALB Listener facing Airflow UI
@@ -94,7 +94,7 @@ Note: Examples of `terraform.tfvars` files are available at `terraform/variable
 - pds_nucleus_config_bucket_name : S3 Bucket name to keep temporary configurations (E.g.: pds-nucleus-config-mcp-test)
 - pds_nucleus_default_airflow_dag_id : The default example DAG to be included for testing (E.g.: pds-basic-registry-load-use-case)
 - pds_registry_loader_harvest_task_role_arn: An IAM role which is associated with a Cognito user group
- - cognito_user_pool_id: The ID of the Cognito user pool which is sued to create Nuclues user accounts
+ - cognito_user_pool_id: The ID of the Cognito user pool which is used to create Nuclues user accounts
 - cognito_user_pool_domain: Cognitp domain name of the Cognito user pool which is sued to create Nuclues user accounts
 - auth_alb_listener_certificate_arn: ARN of the certificate to be used for the ALB Listener facing Airflow UI
diff --git a/terraform/terraform-modules/cognito-auth/cognito-auth.tf b/terraform/terraform-modules/cognito-auth/cognito-auth.tf
index c0e479b..fd8706b 100644
--- a/terraform/terraform-modules/cognito-auth/cognito-auth.tf
+++ b/terraform/terraform-modules/cognito-auth/cognito-auth.tf
@@ -86,7 +86,6 @@ data "aws_iam_policy_document" "alb_auth_lambda_execution_role_policy" {
 }
 }
-
 resource "aws_iam_role" "pds_nucleus_alb_auth_lambda_execution_role" {
 name = "pds_nucleus_alb_auth_lambda_execution_role"
@@ -114,7 +113,6 @@ resource "null_resource" "install_dependencies" {
 }
 }
-
 data "archive_file" "pds_nucleus_auth_alb_function_zip_packages" {
 type = "zip"
 source_dir = "${path.module}/lambda/package"
@@ -149,8 +147,6 @@ resource "aws_cloudwatch_log_group" "pds_nucleus_product_processing_status_track
 name = "/aws/lambda/pds_nucleus_auth_alb"
 }
-
-
 resource "aws_lambda_permission" "lambda_permissions_auth_alb" {
 statement_id = "AllowExecutionFromlb"
 action = "lambda:InvokeFunction"
@@ -222,7 +218,6 @@ resource "aws_lb_listener_rule" "aws_console_sso_rule" {
 }
 }
-
 # Cognito user pool client
 resource "aws_cognito_user_pool_client" "cognito_user_pool_client_for_mwaa" {
 name = "pds-nucleus-airflow-ui-client"
@@ -235,7 +230,6 @@ resource "aws_cognito_user_pool_client" "cognito_user_pool_client_for_mwaa" {
 supported_identity_providers = ["COGNITO"]
 }
-
 # Common assume role policy
 data "aws_iam_policy_document" "pds_nucleus_airflow_assume_role" {
 statement {
@@ -252,7 +246,6 @@ data "aws_iam_policy_document" "pds_nucleus_airflow_assume_role" {
 }
-
 # Airflow Admin Role
 data "aws_iam_policy_document" "pds_nucleus_airflow_admin_policy" {
diff --git a/terraform/variables/terraform.tfvars.dev b/terraform/variables/terraform.tfvars.dev
index 941219e..90e876d 100644
--- a/terraform/variables/terraform.tfvars.dev
+++ b/terraform/variables/terraform.tfvars.dev
@@ -28,3 +28,7 @@ pds_nucleus_config_bucket_name = "pds-nucleus-config-mcp-dev"
 pds_nucleus_default_airflow_dag_id = "pds-basic-registry-load-use-case"
 pds_registry_loader_harvest_task_role_arn = "arn:aws:iam::12345678:role/pds-registry-loader-harvest-role"
+
+cognito_user_pool_id = "us-west-2_ABCDEFG"
+cognito_user_pool_domain = "pds-registry"
+auth_alb_listener_certificate_arn = "arn:aws:acm:us-west-2:123456789:certificate/ca123456-abcd-abcd-1234-abcdefghi"
\ No newline at end of file
diff --git a/terraform/variables/terraform.tfvars.test b/terraform/variables/terraform.tfvars.test
index 917167c..aa63a17 100644
--- a/terraform/variables/terraform.tfvars.test
+++ b/terraform/variables/terraform.tfvars.test
@@ -28,3 +28,7 @@ pds_nucleus_config_bucket_name = "pds-nucleus-config-mcp-dev"
 pds_nucleus_default_airflow_dag_id = "pds-basic-registry-load-use-case"
 pds_registry_loader_harvest_task_role_arn = "arn:aws:iam::12345678:role/pds-registry-loader-harvest-role"
+
+cognito_user_pool_id = "us-west-2_ABCDEFG"
+cognito_user_pool_domain = "pds-registry"
+auth_alb_listener_certificate_arn = "arn:aws:acm:us-west-2:123456789:certificate/ca123456-abcd-abcd-1234-abcdefghi"
\ No newline at end of file
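Review bot: The values added in the terraform.tfvars.dev hunk (`us-west-2_ABCDEFG`, a certificate ARN ending in `abcdefghi`) look like placeholders, but nothing in the file says so, and the terraform.tfvars.test hunk adds the identical lines, so a reader starting from either file has no cue which values are account-specific and must differ between the two environments. A comment above the new block, e.g. `# Placeholder values: substitute the user pool ID, Cognito domain and ACM certificate ARN of the target account`, would make that explicit; real identifiers belong in an untracked tfvars rather than in these committed examples. The unchanged context of the .test hunk still names the `pds-nucleus-config-mcp-dev` bucket for the test environment, which predates this commit but is worth confirming. Both new file endings also carry `\ No newline at end of file`, which a final newline would fix.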