Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Issue while updating Cognito User Pool. (UpdateUserPoolInput.AccountRecoverySetting.RecoveryMechanisms) #24686

Closed
ItsDevMonk opened this issue May 6, 2022 · 7 comments · Fixed by #25184
Closed

Issue while updating Cognito User Pool. (UpdateUserPoolInput.AccountRecoverySetting.RecoveryMechanisms) #24686

ItsDevMonk opened this issue May 6, 2022 · 7 comments · Fixed by #25184
Labels
bug Addresses a defect in current functionality. service/cognitoidp Issues and PRs that pertain to the cognitoidp service.
Milestone
v4.20.0

Comments

@ItsDevMonk
Copy link

ItsDevMonk commented May 6, 2022
edited
Loading

name: 🐛 Bug Report
about: CognitioIDP refresh command causing some issue during next run🤔.

Terraform CLI and Terraform AWS Provider Version

Terraform v0.14.7
Terraform AWS Provider Version 4.6.0

Affected Resource(s)

aws_cognito_user_pool

Debug Output

If I create User pool with terraform it is working fine. In state file, account recovery setting is empty.

"attributes": {
     "account_recovery_setting": [],
     "admin_create_user_config": ....

### Panic Output

But If i import the existing UserPool into terraform, then the same attribute will update like below,

"attributes": {
     "account_recovery_setting": [
      {
        "recovery_mechanism": []
      }
    ],
    "admin_create_user_config": ....

Actual Behavior

Since this recovery_mechanism is added to state file, I can't update anything in UserPool. If I change some data I will get the below error

aws_cognito_user_pool.pool: Modifying... [id=us-east-1_xxxxxy]

Error: error updating Cognito User pool (us-east-1_xxxxxy): InvalidParameter: 1 validation error(s) found.
- minimum field size of 1, UpdateUserPoolInput.AccountRecoverySetting.RecoveryMechanisms.

How can I fix this? I don't have account recovery settings in tf file. But still it is giving this error.

Note: This is same if I create the UserPool with terraform (not the import) and run terraform refresh command.

I think, there is an issue during the describe UserPool api call.
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label May 6, 2022
@justinretzolk justinretzolk added bug Addresses a defect in current functionality. service/cognitoidp Issues and PRs that pertain to the cognitoidp service. and removed needs-triage Waiting for first response or review from a maintainer. labels May 9, 2022
@justinretzolk
Copy link
Member

Hey @ItsDevMonk 👋 Thank you for taking the time to raise this! It looks like this may be a bug with the provider. So that we have all of the necessary information in order to look into this, can you update the issue description to include all of the information requested in the bug report template?

@justinretzolk justinretzolk added needs-triage Waiting for first response or review from a maintainer. waiting-response Maintainers are waiting on response from community or contributor. and removed needs-triage Waiting for first response or review from a maintainer. labels May 9, 2022
@atsushi-ishibashi atsushi-ishibashi mentioned this issue Jun 6, 2022
Merged
@atsushi-ishibashi
Copy link
Contributor

atsushi-ishibashi commented Jun 6, 2022
edited
Loading

@justinretzolk
AccountRecoverySetting will be returned as empty json not nil.

$ aws cognito-idp describe-user-pool --user-pool-id xxxx

{
    "UserPool": {
        "Id": "xxxxxxxx",
        ....
        "AccountRecoverySetting": {}
    }
}

But the code validates only account_recovery_setting so recovery_mechanism will be created as empty array.

@github-actions github-actions bot removed the waiting-response Maintainers are waiting on response from community or contributor. label Jun 6, 2022
@atsushi-ishibashi
Copy link
Contributor

atsushi-ishibashi commented Jun 6, 2022
edited
Loading

we cannot avoid this issue with ignore_changes😢
Temporarily, we can avoid it by updating CognitoUserPool via management console in advance, which means not to run update in terraform.

@ItsDevMonk
Copy link
Author

@atsushi-ishibashi . Currently I am updating the management console. But I also need to update the token Units, that I can do via console. Also not able to do via Terraform because of this AccountRecoverySetting 💔

@atsushi-ishibashi
Copy link
Contributor

@ItsDevMonk yeah😅 To prioritize #25184 , please give your thumbup

@github-actions github-actions bot added this to the v4.20.0 milestone Jun 22, 2022
@github-actions
Copy link

This functionality has been released in v4.20.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 24, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/cognitoidp Issues and PRs that pertain to the cognitoidp service.
Projects
None yet
Milestone
v4.20.0
3 participants
@atsushi-ishibashi @ItsDevMonk @justinretzolk