Skip to content

Commit

Permalink
resource/aws_cognito_user_pool: Allow admin_create_user_config config…
Browse files Browse the repository at this point in the history
…uration block unused_account_validity_days to be omitted (#12001)

Reference: #11858
Reference: #10890

There was previously no test configuration covering both admin_create_user_config and password_policy being defined. The upstream API has deprecated a field in the former, however if the configuration block was defined, the attribute would errantly show a difference on the deprecated field.

Previous output from acceptance testing (before code fix):

```
--- FAIL: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (13.28s)
    testing.go:640: Step 0 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: aws_cognito_user_pool.test
          admin_create_user_config.#:                              "1" => "1"
          admin_create_user_config.0.allow_admin_create_user_only: "true" => "true"
          admin_create_user_config.0.invite_message_template.#:    "0" => "0"
          admin_create_user_config.0.unused_account_validity_days: "7" => ""
... omitted for clarity ...
```

Output from acceptance testing:

```
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy (18.41s)
--- PASS: TestAccAWSCognitoUserPool_basic (18.46s)
--- PASS: TestAccAWSCognitoUserPool_withAliasAttributes (27.92s)
--- PASS: TestAccAWSCognitoUserPool_withPasswordPolicy (29.64s)
--- PASS: TestAccAWSCognitoUserPool_withVerificationMessageTemplate (29.68s)
--- PASS: TestAccAWSCognitoUserPool_withDeviceConfiguration (30.52s)
--- PASS: TestAccAWSCognitoUserPool_withEmailVerificationMessage (31.38s)
--- PASS: TestAccAWSCognitoUserPool_withSmsVerificationMessage (32.67s)
--- PASS: TestAccAWSCognitoUserPool_withSchemaAttributes (33.39s)
--- PASS: TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration (37.94s)
--- PASS: TestAccAWSCognitoUserPool_withAdvancedSecurityMode (39.71s)
--- PASS: TestAccAWSCognitoUserPool_withTags (44.33s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfiguration (50.12s)
--- PASS: TestAccAWSCognitoUserPool_withSmsConfigurationUpdated (51.37s)
--- PASS: TestAccAWSCognitoUserPool_update (66.06s)
--- PASS: TestAccAWSCognitoUserPool_withLambdaConfig (75.15s)
```
  • Loading branch information
bflad authored Feb 12, 2020
1 parent a3b019b commit 7fee424
Show file tree
Hide file tree
Showing 2 changed files with 49 additions and 0 deletions.
1 change: 1 addition & 0 deletions aws/resource_aws_cognito_user_pool.go
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@ func resourceAwsCognitoUserPool() *schema.Resource {
"unused_account_validity_days": {
Type: schema.TypeInt,
Optional: true,
Computed: true,
Deprecated: "Use password_policy.temporary_password_validity_days instead",
ValidateFunc: validation.IntBetween(0, 90),
ConflictsWith: []string{"password_policy.0.temporary_password_validity_days"},
Expand Down
48 changes: 48 additions & 0 deletions aws/resource_aws_cognito_user_pool_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -150,6 +150,33 @@ func TestAccAWSCognitoUserPool_withAdminCreateUserConfiguration(t *testing.T) {
})
}

// Reference: https://github.com/terraform-providers/terraform-provider-aws/issues/11858
func TestAccAWSCognitoUserPool_withAdminCreateUserConfigurationAndPasswordPolicy(t *testing.T) {
name := acctest.RandomWithPrefix("tf-acc-test")
resourceName := "aws_cognito_user_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t); testAccPreCheckAWSCognitoIdentityProvider(t) },
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSCognitoUserPoolDestroy,
Steps: []resource.TestStep{
{
Config: testAccAWSCognitoUserPoolConfig_withAdminCreateUserConfigAndPasswordPolicy(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckAWSCognitoUserPoolExists(resourceName),
resource.TestCheckResourceAttr(resourceName, "admin_create_user_config.0.allow_admin_create_user_only", "true"),
resource.TestCheckResourceAttr(resourceName, "password_policy.0.temporary_password_validity_days", "7"),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
},
},
})
}

func TestAccAWSCognitoUserPool_withAdvancedSecurityMode(t *testing.T) {
name := acctest.RandString(5)
resourceName := "aws_cognito_user_pool.test"
Expand Down Expand Up @@ -1112,6 +1139,27 @@ resource "aws_cognito_user_pool" "test" {
`, name)
}

func testAccAWSCognitoUserPoolConfig_withAdminCreateUserConfigAndPasswordPolicy(rName string) string {
return fmt.Sprintf(`
resource "aws_cognito_user_pool" "test" {
name = %[1]q
admin_create_user_config {
allow_admin_create_user_only = true
}
password_policy {
minimum_length = 7
require_lowercase = true
require_numbers = false
require_symbols = true
require_uppercase = false
temporary_password_validity_days = 7
}
}
`, rName)
}

func testAccAWSCognitoUserPoolConfig_withPasswordPolicy(name string) string {
return fmt.Sprintf(`
resource "aws_cognito_user_pool" "test" {
Expand Down

0 comments on commit 7fee424

Please sign in to comment.