Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cognito account recovery settings missing new options #1437

Closed
shousper opened this issue Apr 8, 2021 · 3 comments
Closed

Cognito account recovery settings missing new options #1437

shousper opened this issue Apr 8, 2021 · 3 comments
Assignees
@corymhall
Labels
kind/bug Some behavior is incorrect or out of spec resolution/no-repro This issue wasn't able to be reproduced

Comments

@shousper
Copy link

shousper commented Apr 8, 2021
edited
Loading

The accountRecoverySetting.recoveryMechanisms input block appears to be missing support for the "Not Recommended" option in Cognito's console.

After making a manual change in the AWS Console to "How will a user be able to recover their account?" and doing a pulumi refresh, the values of recoveryMechanisms were removed. Now, even when ignoring changes to accountRecoverySetting I'm faced with this error:

error: aws:cognito/userPool:UserPool resource 'app' has a problem: List shorter than MinItems: Attribute supports 1 item minimum, config has 0 declared. Examine values at 'UserPool.AccountRecoverySetting.RecoveryMechanism'.

Which I can recover from, no worries, It probably means the pulumi-aws provider isn't consuming the API response for the state of the User Pool correctly?

Expected behavior

UserPool resource should correctly maintain state with AWS.

Current behavior

recoveryMechanisms appears to become empty when "(Not Recommended) Phone if available, otherwise email, and do allow a user to reset their password via phone if they are also using it for MFA." option is chosen in the UI.

Steps to reproduce

  1. Define a basic aws.cognito.UserPool resource.
  2. pulumi up.
  3. Log into AWS Console, change "How will a user be able to recover their account?" to "(Not Recommended) Phone if available, otherwise email, and do allow a user to reset their password via phone if they are also using it for MFA."
  4. pulumi refresh
  5. Observe diff to recoveryMechanisms will remove all elements.

Context (Environment)

Trying to enable phone number account recovery, regardless of MFA.

Affected feature

aws.cognito.UserPool
@shousper shousper added the kind/bug Some behavior is incorrect or out of spec label Apr 8, 2021
@aterreno
Copy link

I just bumped into this, it's strange as we continously deploy infra with pulumi.. but I got the error only today.

Solved adding:

      accountRecoverySetting: {
        recoveryMechanisms: [{ name: 'verified_email', priority: 1 }],
      },

@chamathpali
Copy link

@aterreno thanks for that! spend few hours trying to find a suitable fix! 👍

@adrians5j adrians5j mentioned this issue Mar 14, 2023
Closed
@corymhall
Copy link
Contributor

I've only been able to reproduce this issue when providing something like the below example. I will note though that when using the below app, the error message is correct! I've tried with a bunch of other combinations and I cannot reproduce this error with any other configuration.

new aws.cognito.UserPool('chall-pool', {
  accountRecoverySetting: {},
});

My hunch is that this has been fixed sometime since this was reported. If anyone is still experiencing this issue please let us know!

@corymhall corymhall added needs-repro Needs repro steps before it can be triaged or fixed awaiting-feedback Blocked on input from the author labels Jun 14, 2024
@mjeffryes mjeffryes added resolution/no-repro This issue wasn't able to be reproduced and removed needs-repro Needs repro steps before it can be triaged or fixed awaiting-feedback Blocked on input from the author labels Jun 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@corymhall corymhall

Labels
kind/bug Some behavior is incorrect or out of spec resolution/no-repro This issue wasn't able to be reproduced
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@aterreno @stack72 @shousper @mjeffryes @chamathpali @corymhall