error creating Cognito User Pool: InvalidParameterException: Required custom attributes are not supported currently #18430
Comments
Any update when this may be added?
AWS doesn't support requirements for custom attributes. "Cognito assigns all users a set of standard attributes based on the OpenID Connect (OIDC) standard." You can use a requirement of attribute during user pool creation only for predefined attributes. I think the documentation should describe this limitation. Example of correct usage:

```hcl
resource "aws_cognito_user_pool" "administration" {
  name                     = "example-user-pool"
  username_attributes      = ["email"]
  auto_verified_attributes = ["email"]

  password_policy {
    minimum_length                   = 8
    require_lowercase                = false
    require_numbers                  = false
    require_symbols                  = false
    require_uppercase                = false
    temporary_password_validity_days = 1
  }

  # Predefined attribute
  schema {
    name                     = "email"
    attribute_data_type      = "String"
    mutable                  = true
    required                 = true
    developer_only_attribute = false

    string_attribute_constraints {
      max_length = "2048"
      min_length = "5"
    }
  }

  # Custom attribute
  schema {
    name                     = "roles"
    attribute_data_type      = "String"
    developer_only_attribute = false
    mutable                  = true
    required                 = false

    string_attribute_constraints {
      min_length = 0
      max_length = 100
    }
  }
}
```
I tried your approach, however, I'm still getting the same error 🤔

I'm encountering the same error even when following the new approach.
Error:
So I had a simple mistake but I'm going to leave this up in case anybody else encounters it. After creating the User Pool, you cannot modify it to mark an attribute as required. Instead the resource must be destroyed, and then redeployed for the changes to take effect. This can be seen in the first note section of the documentation, under standard attributes: user-pool-settings
Then Terraform should recognize this and then destroy/create the resource, no?
Are there any updates on this issue? This looks like a limitation on the AWS API rather than on Terraform since a quick Google search shows CF gives the same error. Ref: https://stackoverflow.com/questions/59388115/deploy-aws-userpool-via-cloudformation-with-attribute-update I am still seeing this on aws provider version
Came across this issue today and was scratching my head for a bit. I came to the conclusion that the required = true is the issue after reading the custom attributes section here https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-custom-attributes
As soon as I set required = false, deployed as expected. Not the optimal behaviour I was after, but, acceptable for me.
Setting the field required = false did the job for me. Thank you
My solution: I faced an issue where I had already created a custom attribute, but I needed to add a standard attribute with the 'required' parameter set to true. Terraform automatically attempted to recreate the existing custom attribute and add the new standard attribute, but this was not possible as attributes cannot be deleted or modified once they have been created for the first time. To solve this issue, I needed to delete the 'aws_cognito_user_pool' resource and then apply both schema blocks together. After doing this, the standard attribute was successfully added with the 'require' parameter set to true. It's inconvenient to add attributes in Terraform without deleting the entire resource. A future feature can be a good idea to do here. I hope this information will be useful to you :)
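A pre-apply check for the two failure modes reported in this thread (a custom attribute marked required, and schema changes against an existing pool), added here as an example and not part of the issue or the provider's code. It reads the structure produced by `terraform show -json`; the resource addresses and sample plan are constructed, and rule 2 encodes the commenters' reports rather than documented provider behaviour.

```python
# Added example: lint `terraform show -json <planfile>` output before apply.
STANDARD = {  # Cognito's predefined (OIDC) attribute names
    "address", "birthdate", "email", "family_name", "gender", "given_name",
    "locale", "middle_name", "name", "nickname", "phone_number", "picture",
    "preferred_username", "profile", "sub", "updated_at", "website", "zoneinfo",
}

def _schema(state):
    """Map attribute name -> schema block for one side of a planned change."""
    return {s["name"]: s for s in (state or {}).get("schema") or []}

def check_plan(plan):
    """Return (resource address, message) findings for aws_cognito_user_pool."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_cognito_user_pool":
            continue
        change, addr = rc["change"], rc["address"]
        before, after = _schema(change.get("before")), _schema(change.get("after"))
        # Rule 1: only predefined attributes may be marked required.
        for name, attr in after.items():
            if attr.get("required") and name not in STANDARD:
                findings.append((addr, f"custom attribute '{name}' is required"))
        # Rule 2 (per the thread): an in-place update must not touch the schema.
        if "update" in change.get("actions", []):
            for name, old in before.items():
                if after.get(name) != old:
                    findings.append((addr, f"existing attribute '{name}' changed or removed"))
            for name, attr in after.items():
                if name not in before and attr.get("required"):
                    findings.append((addr, f"required attribute '{name}' added to existing pool"))
    return findings

# Constructed plan fragment (not output from a real run).
SAMPLE_PLAN = {"resource_changes": [
    {"address": "aws_cognito_user_pool.new", "type": "aws_cognito_user_pool",
     "change": {"actions": ["create"], "before": None, "after": {"schema": [
         {"name": "email", "required": True},
         {"name": "user_id", "required": True}]}}},
    {"address": "aws_cognito_user_pool.existing", "type": "aws_cognito_user_pool",
     "change": {"actions": ["update"],
                "before": {"schema": [{"name": "roles", "required": False}]},
                "after": {"schema": [{"name": "roles", "required": False},
                                     {"name": "email", "required": True}]}}},
]}

if __name__ == "__main__":
    for addr, msg in check_plan(SAMPLE_PLAN):
        print(f"{addr}: {msg}")
```

Running it in CI between `terraform plan` and `terraform apply` surfaces these cases before the Cognito API rejects the request.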
Hello, I had the same issue. My problem was I had an inconsistency with the values and terraform state. The current values were changed manually and were inconsistent with the measurement of time for that value. I changed the value manually to short values and checked the measure for these values. I edit the terraform and change the values to
I ran the terraform pipeline and got the measure values changed successfully.
Terraform CLI and Terraform AWS Provider Version
Affected Resource(s)
aws_cognito_user_pool
Terraform Configuration Files
Expected Behavior
I should have been able to create the Cognito user pool with the configuration I have (with `required` set to `true`) since the `required` attribute is listed in the Terraform resource documentation.
Actual Behavior
I get an error when trying to create the Cognito user pool with a custom `user_id` attribute.
Steps to Reproduce