crossplane-contrib / provider-upjet-aws

Official AWS Provider for Crossplane by Upbound.
https://marketplace.upbound.io/providers/upbound/provider-aws
Apache License 2.0

Issues with adding cognito user pool custom attributes #427

Open mmclane opened 1 year ago

mmclane commented 1 year ago

What happened?

I am trying to write an XRD to build out Cognito user pools for our devs. When I try to configure a custom attribute I am seeing behavior I don't expect. I think there is something wrong with this functionality.

Issues:

When I set the schema as follows, it only sets email as required; phone_number doesn't get created:

schema:
  - name: email
    attributeDataType: String
    required: true
  - name: phone_number
    attributeDataType: String
    required: false
    mutable: true
    stringAttributeConstraints:
      - maxValue: "12"
        minValue: "0"

If, however, I set the name to be custom:phone_number, it does create the additional attribute, but it's not configured as I would expect. The name ends up being custom:custom:phone_number. Additionally, the maxValue isn't 12, it's 2048.

If I, however, set the attributeDataType to Number and use numberAttributeConstraints instead, everything works as expected.

How can we reproduce it?

This is the XRD that I am working on.

apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: xtests.cognito.doc.network
spec:
  compositeTypeRef:
    apiVersion: cognito.doc.network/v1alpha1
    kind: XTest
  resources:
  - name: pool
    base:
      apiVersion: cognitoidp.aws.upbound.io/v1beta1
      kind: UserPool
      metadata:
        labels:
          userpool: this
      spec:
        forProvider:
          autoVerifiedAttributes:
            - email
          region: us-east-1
          passwordPolicy:
            - minimumLength: 6
              requireNumbers: false
              requireSymbols: false
              requireUppercase: false
              temporaryPasswordValidityDays: 7
          mfaConfiguration: OPTIONAL
          softwareTokenMfaConfiguration:
            - enabled: true
          schema:
            - name: email
              attributeDataType: String
              required: true
            - name: custom:phone_number
              attributeDataType: String
              required: false
              mutable: true
              stringAttributeConstraints:
                - maxValue: "6"
                  minValue: "0"
          adminCreateUserConfig:
            - allowAdminCreateUserOnly: true
    patches:
      - fromFieldPath: spec.devuser
        toFieldPath: spec.forProvider.name
        transforms:
          - type: string
            string:
              fmt: "%s-cognito-user-pool"
      - fromFieldPath: spec.customizations.passwordPolicy
        toFieldPath: spec.forProvider.passwordPolicy[0]
      - fromFieldPath: spec.customizations.disable-self-registration
        toFieldPath: spec.forProvider.adminCreateUserConfig[0].allowAdminCreateUserOnly

What environment did it happen in?

mmclane commented 1 year ago

It's worth noting that using c:phone_number results in a custom attribute named custom:c:phone_number.

mmclane commented 1 year ago

I have also found that I can use phonenumber and it will create the custom attribute as custom:phonenumber. It does still have the wrong maxValue (2048), however.

It's worth noting that I can go through the AWS console and create a custom string attribute with phone_number. We are also creating these with Terraform today.
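An added example, not part of the thread and not the provider's code: a pre-apply lint for a UserPool `schema` list that reproduces the names reported above and flags constraint keys that do not belong to the block they sit in. Assumptions: names outside Cognito's standard attribute set are prefixed with `custom:`, and string constraints are keyed `minLength`/`maxLength` (after the Cognito API's StringAttributeConstraints); the sample schemas are constructed from the ones quoted in the issue.

```python
# Added example, not provider code. Assumptions: Cognito prefixes every
# non-standard schema name with "custom:", and string constraints are keyed
# minLength/maxLength (as in Cognito's StringAttributeConstraints) while
# number constraints are keyed minValue/maxValue.
STANDARD = {
    "address", "birthdate", "email", "family_name", "gender", "given_name",
    "locale", "middle_name", "name", "nickname", "phone_number", "picture",
    "preferred_username", "profile", "updated_at", "website", "zoneinfo",
}
BLOCKS = {  # constraint block -> (data type it belongs to, keys it accepts)
    "stringAttributeConstraints": ("String", {"minLength", "maxLength"}),
    "numberAttributeConstraints": ("Number", {"minValue", "maxValue"}),
}


def resulting_name(name):
    """Name the attribute is expected to carry in the user pool."""
    return name if name in STANDARD else "custom:" + name


def lint_schema(schema):
    """Return (attribute name, finding) pairs for a UserPool schema list."""
    findings = []
    for attr in schema:
        name, dtype = attr.get("name", ""), attr.get("attributeDataType")
        # Heuristic: constraints on a standard name suggest a custom one was meant.
        if name in STANDARD and any(b in attr for b in BLOCKS):
            findings.append((name, "matches a standard attribute name"))
        if name.startswith("custom:"):
            findings.append((name, "prefix is added automatically: " + resulting_name(name)))
        for block, (wanted_type, keys) in BLOCKS.items():
            for entry in attr.get(block, []):
                if dtype != wanted_type:
                    findings.append((name, f"{block} used with {dtype}"))
                for key in sorted(set(entry) - keys):
                    findings.append((name, f"{key} is not a {block} key"))
    return findings


# Constructed from the schema variants quoted in the issue.
AS_REPORTED = [
    {"name": "email", "attributeDataType": "String", "required": True},
    {"name": "custom:phone_number", "attributeDataType": "String",
     "stringAttributeConstraints": [{"maxValue": "12", "minValue": "0"}]},
]
ADJUSTED = [  # same intent, written to the assumed key names
    {"name": "email", "attributeDataType": "String", "required": True},
    {"name": "phonenumber", "attributeDataType": "String",
     "stringAttributeConstraints": [{"maxLength": "12", "minLength": "0"}]},
]
```
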