[Bug]: aws_cognito_user_pool_client : Terraform wants to update my token_validity_units parameters even if the parameters are null

[thibops]

Terraform Core Version

1.5.5

AWS Provider Version

5.37.0

Affected Resource(s)

aws_cognito_user_pool_client

Expected Behavior

No change in the infrastructure

Actual Behavior

aws_cognito_user_pool_client.multitenancy will be updated in-place
  ~ resource "aws_cognito_user_pool_client" "default-multitenancy" {
        id                                            = "aaa"
        name                                          = "default"
        # (17 unchanged attributes hidden)

      ~ token_validity_units {
          + access_token  = "hours"
          + id_token      = "hours"
            # (1 unchanged attribute hidden)
        }
    }

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "aws_cognito_user_pool_client" "multitenancy" {
  name                                 = "default"
  user_pool_id                         = aws_cognito_user_pool.pool.id
  generate_secret                      = false
  allowed_oauth_flows_user_pool_client = false
  explicit_auth_flows                  = ["AA"]
  token_validity_units {
    refresh_token = "days"
  }
  refresh_token_validity               = 950
}

Steps to Reproduce

terraform plan

Debug Output

terraform import <my actual aws_cognito_user_pool_client ressource>
terraform state show <my actual aws_cognito_user_pool_client ressource>

resource "aws_cognito_user_pool_client" "test" {
....
token_validity_units {
        refresh_token = "days"
    }
}

Panic Output

No response

Important Factoids

These parameters should be not added in the state (optional): access_token = "hours"

• id_token = "hours"

References

No response

Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.