Added more options to the schema for Cognito User Pools

hashicorp · Sep 11, 2017 · ae03884 · ae03884
1 parent e00786f
commit ae03884
Show file tree

Hide file tree

Showing 4 changed files with 431 additions and 21 deletions.
diff --git a/aws/resource_aws_cognito_user_pool.go b/aws/resource_aws_cognito_user_pool.go
@@ -24,9 +24,29 @@ func resourceAwsCognitoUserPool() *schema.Resource {
 				ForceNew: true,
 			},
 
-			"email_verification_subject": {
-				Type:     schema.TypeString,
+			"alias_attributes": {
+				Type:     schema.TypeList,
+				Optional: true,
+				ForceNew: true,
+				Elem: &schema.Schema{
+					Type:         schema.TypeString,
+					ValidateFunc: validateCognitoUserPoolAliasAttribute,
+				},
+			},
+
+			"auto_verified_attributes": {
+				Type:     schema.TypeList,
 				Optional: true,
+				Elem: &schema.Schema{
+					Type:         schema.TypeString,
+					ValidateFunc: validateCognitoUserPoolAutoVerifiedAttribute,
+				},
+			},
+
+			"email_verification_subject": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateCognitoUserPoolEmailVerificationSubject,
 			},
 
 			"email_verification_message": {
@@ -35,12 +55,26 @@ func resourceAwsCognitoUserPool() *schema.Resource {
 				ValidateFunc: validateCognitoUserPoolEmailVerificationMessage,
 			},
 
+			"sms_authentication_message": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateCognitoUserPoolSmsAuthenticationMessage,
+			},
+
+			"sms_verification_message": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validateCognitoUserPoolSmsVerificationMessage,
+			},
+
 			"mfa_configuration": {
 				Type:         schema.TypeString,
 				Optional:     true,
 				Default:      cognitoidentityprovider.UserPoolMfaTypeOff,
 				ValidateFunc: validateCognitoUserPoolMfaConfiguration,
 			},
+
+			"tags": tagsSchema(),
 		},
 	}
 }
@@ -52,6 +86,14 @@ func resourceAwsCognitoUserPoolCreate(d *schema.ResourceData, meta interface{})
 		PoolName: aws.String(d.Get("name").(string)),
 	}
 
+	if v, ok := d.GetOk("alias_attributes"); ok {
+		params.AliasAttributes = expandStringList(v.([]interface{}))
+	}
+
+	if v, ok := d.GetOk("auto_verified_attributes"); ok {
+		params.AutoVerifiedAttributes = expandStringList(v.([]interface{}))
+	}
+
 	if v, ok := d.GetOk("email_verification_subject"); ok {
 		params.EmailVerificationSubject = aws.String(v.(string))
 	}
@@ -64,6 +106,17 @@ func resourceAwsCognitoUserPoolCreate(d *schema.ResourceData, meta interface{})
 		params.MfaConfiguration = aws.String(v.(string))
 	}
 
+	if v, ok := d.GetOk("sms_authentication_message"); ok {
+		params.SmsAuthenticationMessage = aws.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("sms_verification_message"); ok {
+		params.SmsVerificationMessage = aws.String(v.(string))
+	}
+
+	if v, ok := d.GetOk("tags"); ok {
+		params.UserPoolTags = tagsFromMapGeneric(v.(map[string]interface{}))
+	}
 	log.Printf("[DEBUG] Creating Cognito User Pool: %s", params)
 
 	resp, err := conn.CreateUserPool(params)
@@ -97,17 +150,29 @@ func resourceAwsCognitoUserPoolRead(d *schema.ResourceData, meta interface{}) er
 		return err
 	}
 
+	if resp.UserPool.AliasAttributes != nil {
+		d.Set("alias_attributes", flattenStringList(resp.UserPool.AliasAttributes))
+	}
+	if resp.UserPool.AutoVerifiedAttributes != nil {
+		d.Set("auto_verified_attributes", flattenStringList(resp.UserPool.AutoVerifiedAttributes))
+	}
 	if resp.UserPool.EmailVerificationSubject != nil {
 		d.Set("email_verification_subject", *resp.UserPool.EmailVerificationSubject)
 	}
-
 	if resp.UserPool.EmailVerificationMessage != nil {
 		d.Set("email_verification_message", *resp.UserPool.EmailVerificationMessage)
 	}
-
 	if resp.UserPool.MfaConfiguration != nil {
 		d.Set("mfa_configuration", *resp.UserPool.MfaConfiguration)
 	}
+	if resp.UserPool.SmsVerificationMessage != nil {
+		d.Set("sms_verification_message", *resp.UserPool.SmsVerificationMessage)
+	}
+	if resp.UserPool.SmsAuthenticationMessage != nil {
+		d.Set("sms_authentication_message", *resp.UserPool.SmsAuthenticationMessage)
+	}
+
+	d.Set("tags", tagsToMapGeneric(resp.UserPool.UserPoolTags))
 
 	return nil
 }
@@ -119,6 +184,12 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{})
 		UserPoolId: aws.String(d.Id()),
 	}
 
+	// TODO - Handle update of AliasAttributes
+
+	if d.HasChange("auto_verified_attributes") {
+		params.AutoVerifiedAttributes = expandStringList(d.Get("auto_verified_attributes").([]interface{}))
+	}
+
 	if d.HasChange("email_verification_subject") {
 		params.EmailVerificationSubject = aws.String(d.Get("email_verification_subject").(string))
 	}
@@ -131,14 +202,26 @@ func resourceAwsCognitoUserPoolUpdate(d *schema.ResourceData, meta interface{})
 		params.MfaConfiguration = aws.String(d.Get("mfa_configuration").(string))
 	}
 
+	if d.HasChange("sms_authentication_message") {
+		params.SmsAuthenticationMessage = aws.String(d.Get("sms_authentication_message").(string))
+	}
+
+	if d.HasChange("sms_verification_message") {
+		params.SmsVerificationMessage = aws.String(d.Get("sms_verification_message").(string))
+	}
+
+	if d.HasChange("tags") {
+		params.UserPoolTags = tagsFromMapGeneric(d.Get("tags").(map[string]interface{}))
+	}
+
 	log.Printf("[DEBUG] Updating Cognito User Pool: %s", params)
 
 	_, err := conn.UpdateUserPool(params)
 	if err != nil {
 		return errwrap.Wrapf("Error updating Cognito User pool: {{err}}", err)
 	}
 
-	return nil
+	return resourceAwsCognitoUserPoolRead(d, meta)
 }
 
 func resourceAwsCognitoUserPoolDelete(d *schema.ResourceData, meta interface{}) error {

diff --git a/aws/resource_aws_cognito_user_pool_test.go b/aws/resource_aws_cognito_user_pool_test.go
@@ -14,7 +14,7 @@ import (
 )
 
 func TestAccAWSCognitoUserPool_basic(t *testing.T) {
-	name := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
+	name := acctest.RandString(5)
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
@@ -32,27 +32,133 @@ func TestAccAWSCognitoUserPool_basic(t *testing.T) {
 	})
 }
 
-func TestAccAWSCognitoUserPool_withVerificationMessage(t *testing.T) {
-	subject := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
-	message := fmt.Sprintf("%s {####}", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
+func TestAccAWSCognitoUserPool_withEmailVerificationMessage(t *testing.T) {
+	name := acctest.RandString(5)
+	subject := acctest.RandString(10)
+	updatedSubject := acctest.RandString(10)
+	message := fmt.Sprintf("%s {####}", acctest.RandString(10))
+	upatedMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
 		Providers:    testAccProviders,
 		CheckDestroy: testAccCheckAWSCognitoUserPoolDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCognitoUserPoolConfig_withVerificationMessage(subject, message),
+				Config: testAccAWSCognitoUserPoolConfig_withEmailVerificationMessage(name, subject, message),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckAWSCognitoUserPoolExists("aws_cognito_user_pool.pool"),
 					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "email_verification_subject", subject),
 					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "email_verification_message", message),
 				),
 			},
+			{
+				Config: testAccAWSCognitoUserPoolConfig_withEmailVerificationMessage(name, updatedSubject, upatedMessage),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "email_verification_subject", updatedSubject),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "email_verification_message", upatedMessage),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAWSCognitoUserPool_withSmsVerificationMessage(t *testing.T) {
+	name := acctest.RandString(5)
+	authenticationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+	updatedAuthenticationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+	verificationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+	upatedVerificationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCognitoUserPoolDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCognitoUserPoolConfig_withSmsVerificationMessage(name, authenticationMessage, verificationMessage),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSCognitoUserPoolExists("aws_cognito_user_pool.pool"),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "sms_authentication_message", authenticationMessage),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "sms_verification_message", verificationMessage),
+				),
+			},
+			{
+				Config: testAccAWSCognitoUserPoolConfig_withSmsVerificationMessage(name, updatedAuthenticationMessage, upatedVerificationMessage),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "sms_authentication_message", updatedAuthenticationMessage),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "sms_verification_message", upatedVerificationMessage),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAWSCognitoUserPool_withTags(t *testing.T) {
+	name := acctest.RandString(5)
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCognitoUserPoolDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCognitoUserPoolConfig_withTags(name),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					testAccCheckAWSCognitoUserPoolExists("aws_cognito_user_pool.pool"),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "tags.Name", "Foo"),
+				),
+			},
+			{
+				Config: testAccAWSCognitoUserPoolConfig_withTagsUpdated(name),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "tags.Name", "FooBar"),
+					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "tags.Project", "Terraform"),
+				),
+			},
 		},
 	})
 }
 
+//func TestAccAWSCognitoUserPool_attributes(t *testing.T) {
+//	name := acctest.RandString(5)
+//	subject := acctest.RandString(10)
+//	message := fmt.Sprintf("%s {####}", acctest.RandString(10))
+//	authenticationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+//	verificationMessage := fmt.Sprintf("%s {####}", acctest.RandString(10))
+//
+//	resource.Test(t, resource.TestCase{
+//		PreCheck:     func() { testAccPreCheck(t) },
+//		Providers:    testAccProviders,
+//		CheckDestroy: testAccCheckAWSCognitoUserPoolDestroy,
+//		Steps: []resource.TestStep{
+//			{
+//				Config: testAccAWSCognitoUserPoolConfig_attributes(name, authenticationMessage, verificationMessage, subject, message),
+//				Check: resource.ComposeAggregateTestCheckFunc(
+//					testAccCheckAWSCognitoUserPoolExists("aws_cognito_user_pool.pool"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.#", "3"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.0", "email"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.1", "phone_number"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.2", "preferred_username"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "auto_verified_attributes.#", "2"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "auto_verified_attributes.0", "email"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "auto_verified_attributes.1", "phone_number"),
+//				),
+//			},
+//			{
+//				Config: testAccAWSCognitoUserPoolConfig_attributesUpdated(name, subject, message),
+//				Check: resource.ComposeAggregateTestCheckFunc(
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.#", "2"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.0", "email"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "alias_attributes.1", "preferred_username"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "auto_verified_attributes.#", "1"),
+//					resource.TestCheckResourceAttr("aws_cognito_user_pool.pool", "auto_verified_attributes.0", "email"),
+//				),
+//			},
+//		},
+//	})
+//}
+
 func testAccCheckAWSCognitoUserPoolDestroy(s *terraform.State) error {
 	conn := testAccProvider.Meta().(*AWSClient).cognitoidpconn
 
@@ -107,17 +213,69 @@ func testAccCheckAWSCognitoUserPoolExists(name string) resource.TestCheckFunc {
 
 func testAccAWSCognitoUserPoolConfig_basic(name string) string {
 	return fmt.Sprintf(`
-	resource "aws_cognito_user_pool" "pool" {
-		name = "%s"
-	}`, name)
+resource "aws_cognito_user_pool" "pool" {
+  name = "%s"
+}`, name)
+}
+
+func testAccAWSCognitoUserPoolConfig_withEmailVerificationMessage(name, subject, message string) string {
+	return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "pool" {
+  name = "terraform-test-pool-%s"
+
+  email_verification_subject = "%s"
+  email_verification_message = "%s"
+}`, name, subject, message)
+}
+
+func testAccAWSCognitoUserPoolConfig_withSmsVerificationMessage(name, authenticationMessage, verificationMessage string) string {
+	return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "pool" {
+  name = "terraform-test-pool-%s"
+
+  sms_authentication_message = "%s"
+  sms_verification_message   = "%s"
+}`, name, authenticationMessage, verificationMessage)
 }
 
-func testAccAWSCognitoUserPoolConfig_withVerificationMessage(subject, message string) string {
+func testAccAWSCognitoUserPoolConfig_withTags(name string) string {
 	return fmt.Sprintf(`
-	resource "aws_cognito_user_pool" "pool" {
-		name = "terraform-test-pool"
+resource "aws_cognito_user_pool" "pool" {
+  name = "terraform-test-pool-%s"
 
-		email_verification_subject = "%s"
-		email_verification_message = "%s"
-	}`, subject, message)
+  tags {
+    "Name" = "Foo"
+  }
+}`, name)
 }
+
+func testAccAWSCognitoUserPoolConfig_withTagsUpdated(name string) string {
+	return fmt.Sprintf(`
+resource "aws_cognito_user_pool" "pool" {
+  name = "terraform-test-pool-%s"
+
+  tags {
+    "Name"    = "FooBar"
+    "Project" = "Terraform"
+  }
+}`, name)
+}
+
+//func testAccAWSCognitoUserPoolConfig_attributes(name, authenticationMessage, verificationMessage, subject, message string) string {
+//	return fmt.Sprintf(`
+//	resource "aws_cognito_user_pool" "pool" {
+//		name = "terraform-test-pool-%s"
+//
+//		alias_attributes         = ["preferred_username"]
+//	}`, name, subject, message, authenticationMessage, verificationMessage)
+//}
+//
+//func testAccAWSCognitoUserPoolConfig_attributesUpdated(name, subject, message string) string {
+//	return fmt.Sprintf(`
+//	resource "aws_cognito_user_pool" "pool" {
+//		name = "terraform-test-pool-%s"
+//
+//		alias_attributes         = ["email", "preferred_username"]
+//		auto_verified_attributes = ["email", "phone_number"]
+//	}`, name, subject, message)
+//}