Confusing downstream error about Cognito user pool SMS invite message template

[steinybot]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform v0.12.24

• provider.aws v2.59.0

Affected Resource(s)

• aws_cognito_user_pool

Terraform Configuration Files

resource "aws_cognito_user_pool" "users" {
  admin_create_user_config {
    allow_admin_create_user_only = true
    invite_message_template {
      email_message = <<EOF
Hi,

A new CommUnity account has been created for you.

Username: {username}
Temporary password: {####}

Please login and change your password.
EOF
      email_subject = "Your new CommUnity account"
    }
  }
  auto_verified_attributes = [
    "email"
  ]
  name                     = "CommUnityUsers"
  mfa_configuration        = "ON"
  password_policy {
    minimum_length                   = 8
    temporary_password_validity_days = 7
  }
  schema {
    attribute_data_type = "String"
    name                = "email"
    required            = true
  }
  schema {
    attribute_data_type = "String"
    name                = "name"
    required            = true
  }
  software_token_mfa_configuration {
    enabled = true
  }
  tags                     = local.common_tags
  username_attributes      = [
    "email"
  ]
  username_configuration {
    case_sensitive = false
  }
  verification_message_template {
    default_email_option = "CONFIRM_WITH_CODE"
    email_message        = <<EOF
Hi,

You need to confirm your email address for your CommUnity account.

Code: {####}

Please login and enter this code.
EOF
    email_subject        = "Confirm your CommUnity account"
  }
}

Debug Output

Panic Output

Expected Behavior

The user pool should be created.

Actual Behavior

It failed with:

...
2020/04/28 18:20:50 [WARN] Provider "registry.terraform.io/-/aws" produced an invalid plan for aws_cognito_user_pool.users, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .lambda_config: attribute representing nested block must not be unknown itself; set nested attribute values to unknown instead
      - .sms_configuration: attribute representing nested block must not be unknown itself; set nested attribute values to unknown instead
...
Error: Error creating Cognito User Pool: InvalidParameter: 1 validation error(s) found.
- minimum field size of 6, CreateUserPoolInput.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage.

Steps to Reproduce

1. terraform apply

Important Factoids

I have no idea what "set nested attribute values to unknown instead" means. How do I set it to unkown?

References

[steinybot]

I can also see in the logs that it says:

2020-04-28T18:30:19.813+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: 2020/04/28 18:30:19 [DEBUG] setting computed for "sms_configuration" from ComputedKeys
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4: 2020/04/28 18:30:19 [DEBUG] Creating Cognito User Pool: {
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:   AdminCreateUserConfig: {
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:     AllowAdminCreateUserOnly: true,
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:     InviteMessageTemplate: {
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:       EmailMessage: "Hi,\n\nA new CommUnity account has been created for you.\n\nUsername: {username}\nTemporary password: {####}\n\nPlease login and change your password.\n",
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:       EmailSubject: "Your new CommUnity account",
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:       SMSMessage: ""
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:     },
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:     UnusedAccountValidityDays: 0
2020-04-28T18:30:19.814+1200 [DEBUG] plugin.terraform-provider-aws_v2.59.0_x4:   },

[ConnorBarnhill]

Just ran into this, providing admin_create_user_config.invite_message_template.sms_message fixed it. I guess this field isn't optional if other values in admin_create_user_config.invite_message_template are given?

[Sohaib112]

Facing the same error. I have to comment the SMS message but it is throwing me this as well Error: Error updating Cognito User pool: InvalidParameter: 1 validation error(s) found. │ - minimum field size of 6, UpdateUserPoolInput.AdminCreateUserConfig.InviteMessageTemplate.SMSMessage.

admin_create_user_config {
   allow_admin_create_user_only = false

   invite_message_template {
     email_message = "Your username is {username}. Your temporary password is {####}. "
     email_subject = "Sign up for Kibana"
     # sms_message   = "Your username is {username}. Sign up at {####} "
   }
 }

Is there any solution to this ??

[ConnorBarnhill]

@Sohaib112 Based on my previous comment, I think you may have to provide the sms template as well (whether or not you use it)