I can't seem to find a way to enable SMS message and Authenticator apps in Mfa methods for a UserPool, through a CloudFormation template.
Through the console it was possible, but I was not able to do it when using a CF template. I could not find anything in the documentation that readily stated how to configure the user pool to have Mfa configuration: Optional, and have the two Mfa methods both enabled.
My general question would be, is this possible and if so how? I need both MFA methods, and MFA Optional
A snippet of the code I tried:
The code snippet above is obviously incomplete, I have run it with it being complete and working before.
When I run it without "EnabledMfas" I get the UserPool created with MFA Optional and SMS Message as the MFA method, but no Authenticator Apps.
I would think that the "EnabledMfas" would allow that configuration, but I get an error saying
Resource handler returned message: "Invalid request provided: Can't turn off SMS_MFA when SMS configuration is set for the user pool with a required or optional MFAConfiguration."
I dont want to turn of SMS MFA, I would like to have both SMS and Authenticator Apps.
Just wanted to close this as this can be done by having both SOFTWARE_TOKEN_MFA and SMS_MFA in EnabledMfas. This allows both types. The documentation made it seem that I had to choose one or the other.
Resource Name
AWS::Cognito::UserPool
Details
I can't seem to find a way to enable SMS message and Authenticator apps in Mfa methods for a UserPool, through a CloudFormation template.
Through the console it was possible, but I was not able to do it when using a CF template. I could not find anything in the documentation that readily stated how to configure the user pool to have Mfa configuration: Optional, and have the two Mfa methods both enabled. My general question would be, is this possible and if so how? I need both MFA methods, and MFA Optional
A snippet of the code I tried:![image](https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/assets/44593416/7f750ce7-672e-4125-b3b4-113c8e375a62)
The code snippet above is obviously incomplete, I have run it with it being complete and working before. When I run it without "EnabledMfas" I get the UserPool created with MFA Optional and SMS Message as the MFA method, but no Authenticator Apps.
I would think that the "EnabledMfas" would allow that configuration, but I get an error saying
Resource handler returned message: "Invalid request provided: Can't turn off SMS_MFA when SMS configuration is set for the user pool with a required or optional MFAConfiguration."
I dont want to turn of SMS MFA, I would like to have both SMS and Authenticator Apps.