Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding support for password_policy.temporary_password_validity_days #10890

Merged
merged 3 commits into from
Jan 24, 2020

Conversation

michalschott
Copy link
Contributor

@michalschott michalschott commented Nov 15, 2019

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #8827

Release note for CHANGELOG:

`admin_create_user_config.0.unused_account_validity_days` has been deprecated, added support for 
 `password_policy.0.temporary_password_validity_days`

Output from acceptance testing:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSCognitoUserPool'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 10 -run=TestAccAWSCognitoUserPool -timeout 120m
=== RUN   TestAccAWSCognitoUserPoolClient_basic
=== PAUSE TestAccAWSCognitoUserPoolClient_basic
=== RUN   TestAccAWSCognitoUserPoolClient_RefreshTokenValidity
=== PAUSE TestAccAWSCognitoUserPoolClient_RefreshTokenValidity
=== RUN   TestAccAWSCognitoUserPoolClient_Name
=== PAUSE TestAccAWSCognitoUserPoolClient_Name
=== RUN   TestAccAWSCognitoUserPoolClient_allFields
=== PAUSE TestAccAWSCognitoUserPoolClient_allFields
=== RUN   TestAccAWSCognitoUserPoolClient_allFieldsUpdatingOneField
=== PAUSE TestAccAWSCognitoUserPoolClient_allFieldsUpdatingOneField
=== RUN   TestAccAWSCognitoUserPoolDomain_basic
=== PAUSE TestAccAWSCognitoUserPoolDomain_basic
=== RUN   TestAccAWSCognitoUserPoolDomain_custom
--- SKIP: TestAccAWSCognitoUserPoolDomain_custom (0.00s)
    resource_aws_cognito_user_pool_domain_test.go:56: Environment variable AWS_COGNITO_USER_POOL_DOMAIN_ROOT_DOMAIN is not set. This environment variable must be set to the fqdn of an ISSUED ACM certificate in us-east-1 to enable this test.
=== RUN   TestAccAWSCognitoUserPool_basic
=== PAUSE TestAccAWSCognitoUserPool_basic
=== RUN   TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration
=== PAUSE TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration
=== RUN   TestAccAWSCognitoUserPool_withAdvancedSecurityMode
=== PAUSE TestAccAWSCognitoUserPool_withAdvancedSecurityMode
=== RUN   TestAccAWSCognitoUserPool_withDeviceConfiguration
=== PAUSE TestAccAWSCognitoUserPool_withDeviceConfiguration
=== RUN   TestAccAWSCognitoUserPool_withEmailVerificationMessage
=== PAUSE TestAccAWSCognitoUserPool_withEmailVerificationMessage
=== RUN   TestAccAWSCognitoUserPool_withSmsVerificationMessage
=== PAUSE TestAccAWSCognitoUserPool_withSmsVerificationMessage
=== RUN   TestAccAWSCognitoUserPool_withEmailConfiguration
--- SKIP: TestAccAWSCognitoUserPool_withEmailConfiguration (0.00s)
    resource_aws_cognito_user_pool_test.go:304: 'TEST_AWS_SES_VERIFIED_EMAIL_ARN' not set, skipping test.
=== RUN   TestAccAWSCognitoUserPool_withSmsConfiguration
=== PAUSE TestAccAWSCognitoUserPool_withSmsConfiguration
=== RUN   TestAccAWSCognitoUserPool_withSmsConfigurationUpdated
=== PAUSE TestAccAWSCognitoUserPool_withSmsConfigurationUpdated
=== RUN   TestAccAWSCognitoUserPool_withTags
=== PAUSE TestAccAWSCognitoUserPool_withTags
=== RUN   TestAccAWSCognitoUserPool_withAliasAttributes
=== PAUSE TestAccAWSCognitoUserPool_withAliasAttributes
=== RUN   TestAccAWSCognitoUserPool_withPasswordPolicy
=== PAUSE TestAccAWSCognitoUserPool_withPasswordPolicy
=== RUN   TestAccAWSCognitoUserPool_withLambdaConfig
=== PAUSE TestAccAWSCognitoUserPool_withLambdaConfig
=== RUN   TestAccAWSCognitoUserPool_withSchemaAttributes
=== PAUSE TestAccAWSCognitoUserPool_withSchemaAttributes
=== RUN   TestAccAWSCognitoUserPool_withVerificationMessageTemplate
=== PAUSE TestAccAWSCognitoUserPool_withVerificationMessageTemplate
=== RUN   TestAccAWSCognitoUserPool_update
=== PAUSE TestAccAWSCognitoUserPool_update
=== CONT  TestAccAWSCognitoUserPoolClient_basic
=== CONT  TestAccAWSCognitoUserPool_basic
=== CONT  TestAccAWSCognitoUserPool_withSmsVerificationMessage
=== CONT  TestAccAWSCognitoUserPool_withVerificationMessageTemplate
=== CONT  TestAccAWSCognitoUserPool_withSchemaAttributes
=== CONT  TestAccAWSCognitoUserPool_withLambdaConfig
=== CONT  TestAccAWSCognitoUserPool_withPasswordPolicy
=== CONT  TestAccAWSCognitoUserPool_update
=== CONT  TestAccAWSCognitoUserPool_withTags
=== CONT  TestAccAWSCognitoUserPool_withAliasAttributes
--- PASS: TestAccAWSCognitoUserPool_basic (34.67s)
=== CONT  TestAccAWSCognitoUserPool_withSmsConfigurationUpdated
--- PASS: TestAccAWSCognitoUserPoolClient_basic (39.40s)
=== CONT  TestAccAWSCognitoUserPool_withSmsConfiguration
--- PASS: TestAccAWSCognitoUserPool_withSmsVerificationMessage (54.44s)
=== CONT  TestAccAWSCognitoUserPoolClient_allFields
--- PASS: TestAccAWSCognitoUserPool_withVerificationMessageTemplate (54.44s)
=== CONT  TestAccAWSCognitoUserPoolDomain_basic
--- PASS: TestAccAWSCognitoUserPool_withAliasAttributes (55.41s)
=== CONT  TestAccAWSCognitoUserPoolClient_allFieldsUpdatingOneField
--- PASS: TestAccAWSCognitoUserPool_withPasswordPolicy (56.14s)
=== CONT  TestAccAWSCognitoUserPool_withDeviceConfiguration
--- PASS: TestAccAWSCognitoUserPool_withSchemaAttributes (58.23s)
=== CONT  TestAccAWSCognitoUserPool_withEmailVerificationMessage
--- PASS: TestAccAWSCognitoUserPool_withTags (77.46s)
=== CONT  TestAccAWSCognitoUserPoolClient_Name
--- PASS: TestAccAWSCognitoUserPool_withSmsConfiguration (49.83s)
=== CONT  TestAccAWSCognitoUserPoolClient_RefreshTokenValidity
--- PASS: TestAccAWSCognitoUserPoolClient_allFields (37.53s)
=== CONT  TestAccAWSCognitoUserPool_withAdvancedSecurityMode
--- PASS: TestAccAWSCognitoUserPool_withLambdaConfig (93.05s)
=== CONT  TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration
--- PASS: TestAccAWSCognitoUserPoolDomain_basic (39.21s)
--- PASS: TestAccAWSCognitoUserPool_update (104.76s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfigurationUpdated (70.37s)
--- PASS: TestAccAWSCognitoUserPool_withDeviceConfiguration (52.87s)
--- PASS: TestAccAWSCognitoUserPool_withEmailVerificationMessage (53.27s)
--- PASS: TestAccAWSCognitoUserPoolClient_allFieldsUpdatingOneField (58.13s)
--- PASS: TestAccAWSCognitoUserPoolClient_Name (60.39s)
--- PASS: TestAccAWSCognitoUserPoolClient_RefreshTokenValidity (58.94s)
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration (71.57s)
--- PASS: TestAccAWSCognitoUserPool_withAdvancedSecurityMode (75.25s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	168.608s

@michalschott michalschott requested a review from a team November 15, 2019 09:59
@ghost ghost added size/XS Managed by automation to categorize the size of a PR. needs-triage Waiting for first response or review from a maintainer. service/cognito labels Nov 15, 2019
@ghost ghost added the documentation Introduces or discusses updates to documentation. label Nov 15, 2019
@michalschott michalschott changed the title Adding new field. Adding new field for cognito_user_pool Nov 15, 2019
@michalschott michalschott changed the title Adding new field for cognito_user_pool Adding new field for cognito_user_pool (temporary_password_validity_days) Nov 15, 2019
@michalschott michalschott force-pushed the cognito_fix branch 3 times, most recently from ce6af14 to 7d00f44 Compare November 15, 2019 14:57
@michalschott
Copy link
Contributor Author

@bflad @gdavison @aeschright any chance that this might get your attention, looks like more and more people are affected.

@aeschright aeschright removed the needs-triage Waiting for first response or review from a maintainer. label Dec 12, 2019
@aeschright
Copy link
Contributor

Hi @michalschott -- thanks for getting a start on this! I think it makes sense to mark unused_account_validity_days as explicitly deprecated: https://www.terraform.io/docs/extend/best-practices/deprecations.html

@aeschright aeschright added the waiting-response Maintainers are waiting on response from community or contributor. label Dec 12, 2019
@ghost ghost added size/XXL Managed by automation to categorize the size of a PR. provider Pertains to the provider itself, rather than any interaction with AWS. service/apigateway Issues and PRs that pertain to the apigateway service. service/applicationautoscaling service/datapipeline Issues and PRs that pertain to the datapipeline service. service/dlm Issues and PRs that pertain to the dlm service. service/ec2 Issues and PRs that pertain to the ec2 service. service/ecs Issues and PRs that pertain to the ecs service. service/efs Issues and PRs that pertain to the efs service. service/iam Issues and PRs that pertain to the iam service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. and removed size/XS Managed by automation to categorize the size of a PR. labels Dec 12, 2019
@michalschott michalschott changed the title Renaming admin_create_user_config.0.unused_account_validity_days to password_policy.0.temporary_password_validity_days Adding support for password_policy.temporary_password_validity_days Jan 11, 2020
@michalschott
Copy link
Contributor Author

michalschott commented Jan 11, 2020

@aeschright thanks for the link, I'm facing very similar problems with failing tests without updating them with new parameter.

Because of AWS sets temporary_password_validity_days on their side, any further updates are failing until you set

  password_policy {
    temporary_password_validity_days = $int
  }

Without that we're not even able to update UnusedAccountValidityDays value anymore.

Updated the code to not fully drop support for the old parameter, but continuing to update user pools without updating your code will fail with in certain scenarios - reason why I had to add password_policy block to testAccAWSCognitoUserPoolConfig_withAdminCreateUserConfiguration and testAccAWSCognitoUserPoolConfig_withAdminCreateUserConfigurationUpdated tests. Really hope this is acceptably by now.

@stevegula
Copy link

stevegula commented Jan 11, 2020

@michalschott is there a work around one can use while we wait for this patch to get merged?

disregard - i somehow missed this comment #8827 (comment)

@michalschott
Copy link
Contributor Author

michalschott commented Jan 12, 2020

Code used for testing:

resource "aws_cognito_user_pool" "test" {
  name = "terraform-test-pool-test"

  admin_create_user_config {
    allow_admin_create_user_only = true
    unused_account_validity_days = 6

    invite_message_template {
      email_message = "Your username is {username} and temporary password is {####}. "
      email_subject = "FooBar {####}"
      sms_message   = "Your username is {username} and temporary password is {####}."
    }
  }
}

Testing steps:

  1. Create user pool with stable provider, state looks like:
...
admin_create_user_config.0.unused_account_validity_days            = 6
...
password_policy.#                                                  = 1
password_policy.0.minimum_length                                   = 8
password_policy.0.require_lowercase                                = true
password_policy.0.require_numbers                                  = true
password_policy.0.require_symbols                                  = true
password_policy.0.require_uppercase                                = true
schema.#                                                           = 0
...
  1. Added new field, rebuild custom version, ran apply, state has changed:
...
admin_create_user_config.0.unused_account_validity_days            = 6
...
password_policy.#                                                  = 1
password_policy.0.minimum_length                                   = 8
password_policy.0.require_lowercase                                = true
password_policy.0.require_numbers                                  = true
password_policy.0.require_symbols                                  = true
password_policy.0.require_uppercase                                = true
password_policy.0.temporary_password_validity_days                 = 6
...
  1. I'm no longer available to update admin_create_user_config.0.unused_account_validity_days field due to Please use TemporaryPasswordValidityDays in PasswordPolicy instead of UnusedAccountValidityDays responce from AWS API. This only happens once support for temporary_password_validity_days is in.

Any thought how can this be bypassed, I was thinking about forcing resource to be recreated but that might lead to various scenarios where this might not fit (once support for deprecated field drops).

Shall we create new resource cognito_userpool_v2 to keep backwards compatibility?

@ghost ghost added size/S Managed by automation to categorize the size of a PR. and removed size/M Managed by automation to categorize the size of a PR. labels Jan 12, 2020
@claydanford
Copy link
Contributor

Since the old attribute is being deprecated, can we remove it from the provider, and push this forward? Seems the grace period is over, or perhaps I'm missing something?

@michalschott
Copy link
Contributor Author

@aeschright have you internally agreed on final decision how this should be handled, as mentioned above adding support for new field partially drops support for (already legacy field) unused_account_validity_days as it is no longer available to update its value.

@claydanford
Copy link
Contributor

I've now run into this blocker like everyone else. Cannot update anything in the pools.

Copy link
Contributor

@aeschright aeschright left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good! Just a couple of small things I'd like you to have a look at, and then we'll ship it 🚀

@@ -948,6 +955,11 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{})
log.Printf("[DEBUG] Received %s, retrying UpdateUserPool", err)
return resource.RetryableError(err)
}
if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidParameterException, "Please use TemporaryPasswordValidityDays in PasswordPolicy instead of UnusedAccountValidityDays") {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidParameterException, "Please use TemporaryPasswordValidityDays in PasswordPolicy instead of UnusedAccountValidityDays") {
if isAWSErr(err, cognitoidentityprovider.ErrCodeInvalidParameterException, "UnusedAccountValidityDays has been deprecated, set TemporaryPasswordValidityDays in PasswordPolicy instead.") {

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you have time, I think it would be a good idea to add a test that checks the error condition, but I know this is a blocker for folks who've been following the PR, so I don't want to delay it any longer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change is not working as this is the exact error message from AWS API I need to act on.

Copy link
Contributor Author

@michalschott michalschott Jan 24, 2020

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Think the test I've added should do the work. Since we're retrying on error without deprecated field being send, the plan will still show that a change will be required - reason why I have used nonemptyplan.

aws/resource_aws_cognito_user_pool_test.go Show resolved Hide resolved
@ghost ghost added size/M Managed by automation to categorize the size of a PR. and removed size/S Managed by automation to categorize the size of a PR. labels Jan 24, 2020
@aeschright aeschright added this to the v2.47.0 milestone Jan 24, 2020
Copy link
Contributor

@aeschright aeschright left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for all your work on this! It will be included in next week's release.

--- PASS: TestAccAWSCognitoUserPoolClient_basic (17.77s)
--- PASS: TestAccAWSCognitoUserPoolDomain_basic (20.42s)
--- PASS: TestAccAWSCognitoUserPoolClient_allFields (20.49s)
--- PASS: TestAccAWSCognitoUserPool_basic (20.88s)
--- PASS: TestAccAWSCognitoUserPool_withDeviceConfiguration (27.58s)
--- PASS: TestAccAWSCognitoUserPoolClient_Name (27.68s)
--- PASS: TestAccAWSCognitoUserPool_withVerificationMessageTemplate (27.68s)
--- PASS: TestAccAWSCognitoUserPoolClient_allFieldsUpdatingOneField (30.56s)
--- PASS: TestAccAWSCognitoUserPool_withPasswordPolicy (31.04s)
--- PASS: TestAccAWSCognitoUserPool_withSmsVerificationMessage (31.19s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfiguration (32.60s)
--- PASS: TestAccAWSCognitoUserPool_withSchemaAttributes (34.14s)
--- PASS: TestAccAWSCognitoUserPool_withEmailVerificationMessage (34.22s)
--- PASS: TestAccAWSCognitoUserPool_withAliasAttributes (34.82s)
--- PASS: TestAccAWSCognitoUserPool_withAdvancedSecurityMode (38.25s)
--- PASS: TestAccAWSCognitoUserPool_withTags (39.37s)
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration (39.42s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfigurationUpdated (41.02s)
--- PASS: TestAccAWSCognitoUserPoolClient_RefreshTokenValidity (25.85s)
--- PASS: TestAccAWSCognitoUserPool_withLambdaConfig (58.46s)
--- PASS: TestAccAWSCognitoUserPool_update (62.47s)

@aeschright aeschright merged commit 9b606be into hashicorp:master Jan 24, 2020
aeschright added a commit that referenced this pull request Jan 24, 2020
bflad added a commit that referenced this pull request Jan 28, 2020
@ghost
Copy link

ghost commented Jan 30, 2020

This has been released in version 2.47.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

bflad added a commit that referenced this pull request Feb 11, 2020
…uration block unused_account_validity_days to be omitted

Reference: #11858
Reference: #10890

There was previously no test configuration covering both admin_create_user_config and password_policy being defined. The upstream API has deprecated a field in the former, however if the configuration block was defined, the attribute would errantly show a difference on the deprecated field.

Previous output from acceptance testing (before code fix):

```
--- FAIL: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (13.28s)
    testing.go:640: Step 0 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: aws_cognito_user_pool.test
          admin_create_user_config.#:                              "1" => "1"
          admin_create_user_config.0.allow_admin_create_user_only: "true" => "true"
          admin_create_user_config.0.invite_message_template.#:    "0" => "0"
          admin_create_user_config.0.unused_account_validity_days: "7" => ""
... omitted for clarity ...
```

Output from acceptance testing:

```
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (18.41s)
--- PASS: TestAccAWSCognitoUserPool_basic (18.46s)
--- PASS: TestAccAWSCognitoUserPool_withAliasAttributes (27.92s)
--- PASS: TestAccAWSCognitoUserPool_withPasswordPolicy (29.64s)
--- PASS: TestAccAWSCognitoUserPool_withVerificationMessageTemplate (29.68s)
--- PASS: TestAccAWSCognitoUserPool_withDeviceConfiguration (30.52s)
--- PASS: TestAccAWSCognitoUserPool_withEmailVerificationMessage (31.38s)
--- PASS: TestAccAWSCognitoUserPool_withSmsVerificationMessage (32.67s)
--- PASS: TestAccAWSCognitoUserPool_withSchemaAttributes (33.39s)
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration (37.94s)
--- PASS: TestAccAWSCognitoUserPool_withAdvancedSecurityMode (39.71s)
--- PASS: TestAccAWSCognitoUserPool_withTags (44.33s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfiguration (50.12s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfigurationUpdated (51.37s)
--- PASS: TestAccAWSCognitoUserPool_update (66.06s)
--- PASS: TestAccAWSCognitoUserPool_withLambdaConfig (75.15s)
```
bflad added a commit that referenced this pull request Feb 12, 2020
…uration block unused_account_validity_days to be omitted (#12001)

Reference: #11858
Reference: #10890

There was previously no test configuration covering both admin_create_user_config and password_policy being defined. The upstream API has deprecated a field in the former, however if the configuration block was defined, the attribute would errantly show a difference on the deprecated field.

Previous output from acceptance testing (before code fix):

```
--- FAIL: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (13.28s)
    testing.go:640: Step 0 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: aws_cognito_user_pool.test
          admin_create_user_config.#:                              "1" => "1"
          admin_create_user_config.0.allow_admin_create_user_only: "true" => "true"
          admin_create_user_config.0.invite_message_template.#:    "0" => "0"
          admin_create_user_config.0.unused_account_validity_days: "7" => ""
... omitted for clarity ...
```

Output from acceptance testing:

```
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (18.41s)
--- PASS: TestAccAWSCognitoUserPool_basic (18.46s)
--- PASS: TestAccAWSCognitoUserPool_withAliasAttributes (27.92s)
--- PASS: TestAccAWSCognitoUserPool_withPasswordPolicy (29.64s)
--- PASS: TestAccAWSCognitoUserPool_withVerificationMessageTemplate (29.68s)
--- PASS: TestAccAWSCognitoUserPool_withDeviceConfiguration (30.52s)
--- PASS: TestAccAWSCognitoUserPool_withEmailVerificationMessage (31.38s)
--- PASS: TestAccAWSCognitoUserPool_withSmsVerificationMessage (32.67s)
--- PASS: TestAccAWSCognitoUserPool_withSchemaAttributes (33.39s)
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration (37.94s)
--- PASS: TestAccAWSCognitoUserPool_withAdvancedSecurityMode (39.71s)
--- PASS: TestAccAWSCognitoUserPool_withTags (44.33s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfiguration (50.12s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfigurationUpdated (51.37s)
--- PASS: TestAccAWSCognitoUserPool_update (66.06s)
--- PASS: TestAccAWSCognitoUserPool_withLambdaConfig (75.15s)
```
@ghost
Copy link

ghost commented Mar 27, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 27, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. size/M Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

aws_cognito_user_pool support temporary password validity days in password policy
7 participants