-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New resource: aws_cognito_user_pool_app_client #2874
New resource: aws_cognito_user_pool_app_client #2874
Conversation
|
Minimal Cognito User Pool App/Client resource. Only implements generate_secret, refresh_token_validity and read/write_attributes so far. All the Oauth stuff has been left for work at a later date.
8a70324
to
9b9c56a
Compare
Interestingly I managed to accidentally return I've since fixed the mistake and squashed the fix but have I done something wrong there? |
Moving this back to WIP because after a little bit of testing it looks like updating either read or write attributes but not both then wipes the other one. I'll try and debug what's going on there but it's not good to be merged until then. |
6ced0dc
to
80fb1be
Compare
Think that's fixed everything and have tests to cover that last issue too:
|
…clients If these aren't set when the resource is updated then they are removed. If there are no read/write attributes set then Cognito defaults to allowing users to read/write all attributes. From testing, the 'name' and 'refresh_token_validity' parameters aren't affected in the same way.
80fb1be
to
25508a2
Compare
Hi @tomelliff! Thanks for the comprehensive pull request. I have another couple to review ahead of this one but if no-one else picks this up first I will do so shortly. |
Cool, thanks. The only time I get to write any Go is when I contribute to Terraform so let me know if there's anything I've done wrong or could do better. |
Hi @tomelliff Can you please take a look and confirm that we can close this PR? Thanks. |
Ack, I'm not doing too well with Github search apparently and keep missing things that other people have done before starting. Looking at the discussion in the PR I can see this comment that seems to suggest that there's no support for custom attributes but I can't see why not because it was straightforward for me to add them (and I have tests for them too). I also noticed that the read_attributes and write_attributes are only set on an update when they are changed (c583147#diff-691a9416b6661d1ee9e2ed38b6dce6fdR269) but this won't actually work because if you set just the read attributes and not the write attributes the API annoyingly blanks the write attributes and vice versa. This has the awful fallback of making everything readable/writable as well :( I added a test in my PR to cover that use case but I could probably rework fixes on top of that work and close that PR if you want? I'd probably want to test the update a bit more heavily with a test case that loops through a lot of changes just from the weirdness going on with the attributes. |
That sounds like a good plan 👍 Thanks. |
I'm going to close this PR then and let you pick any changes & PR them separately. Thanks for all the efforts! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Minimal Cognito User Pool App/Client resource.
Only implements generate_secret, refresh_token_validity and read/write_attributes so far.
All the Oauth stuff has been left for work at a later date.