hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Enhancement]: Data Sources for Cognito User Pool #36087

Closed hanoj-budime closed 2 days ago

hanoj-budime commented 3 months ago

Description

Currently, we lack real-time descriptions of user pool information, which is crucial for end applications and Terraform operations to gather data. This information includes whether the user pool configuration has MFA activated, password patterns, sign-up enablement, required fields, etc.

Similarly, we are also missing real-time descriptions of app client information. This could prove beneficial for end applications, providing insights into the app client auth session timeout settings, etc.

Affected Resource(s) and/or Data Source(s)

data "aws_cognito_user_pool" "describe_user_pool"
{
  "UserPool": {
      "MfaConfiguration": "OFF",
      "Name": "MyUserPool",
      "AutoVerifiedAttributes": [
          "email"
      ],
      "Policies": {
          "PasswordPolicy": {
              "RequireLowercase": true,
              "RequireSymbols": true,
              "RequireNumbers": true,
              "MinimumLength": 8,
              "RequireUppercase": true
          }
      },
      "UsernameAttributes": [
          "email"
      ],
      "Id": "us-west-2_aaaaaaaaa"
  }
}

Potential Terraform Configuration

No response

References

No response

Would you like to implement a fix?

No
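
The JSON in this request has the shape of a Cognito DescribeUserPool response. As an added example (not part of the original issue or the provider's code), the following checks such a response for the settings the request names: MFA, password policy and sign-up enablement. The function name, the 12-character baseline and the sample document are assumptions constructed for illustration.

```python
import json

# Constructed sample modelled on the response in the issue (valid JSON, one key added).
SAMPLE = json.loads("""
{"UserPool": {
  "Id": "us-west-2_aaaaaaaaa",
  "MfaConfiguration": "OFF",
  "AdminCreateUserConfig": {"AllowAdminCreateUserOnly": false},
  "Policies": {"PasswordPolicy": {
    "MinimumLength": 8, "RequireLowercase": true, "RequireUppercase": true,
    "RequireNumbers": true, "RequireSymbols": true}}
}}
""")

MIN_LENGTH = 12  # assumed local baseline, not an AWS default


def audit_user_pool(response, min_length=MIN_LENGTH):
    """Return a list of findings for one DescribeUserPool response."""
    pool = response.get("UserPool", {})
    findings = []

    mfa = pool.get("MfaConfiguration", "OFF")  # assumption: missing key means OFF
    if mfa != "ON":  # OPTIONAL leaves enrolment up to each user
        findings.append(f"MFA is {mfa}, not enforced")

    policy = pool.get("Policies", {}).get("PasswordPolicy", {})
    length = policy.get("MinimumLength", 0)
    if length < min_length:
        findings.append(f"password minimum length {length} < {min_length}")
    for flag in ("RequireLowercase", "RequireUppercase",
                 "RequireNumbers", "RequireSymbols"):
        if not policy.get(flag, False):
            findings.append(f"password policy does not set {flag}")

    # Self sign-up is open unless only administrators may create users.
    admin_only = pool.get("AdminCreateUserConfig", {}).get(
        "AllowAdminCreateUserOnly", False)
    if not admin_only:
        findings.append("self sign-up is enabled")
    return findings


if __name__ == "__main__":
    for finding in audit_user_pool(SAMPLE):
        print(f"{SAMPLE['UserPool']['Id']}: {finding}")
```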

danquack commented 3 months ago

@HanojHanu you mentioned a data source for a specific user pool, but your title also stated a data source for an app client. There is a data source for user_pool_client; is that what you are referring to?

From the description, it just appears you want to look up the properties for a user pool, so I just want to make sure I understand what insight you are looking for.

hanoj-budime commented 3 months ago

Yes, @danquack.

Looking for a data source for a specific user pool.

SolomonHD commented 2 months ago

Yes, we need a data "aws_cognito_user_pool"; without it we can't get the custom domain attribute. I have to use a pre-existing user pool.

I've got a hack with the import block and the resource "aws_cognito_user_pool" with an ignore_changes lifecycle attached, but it requires that I remove it from state before deleting to avoid errors.

github-actions[bot] commented 2 days ago

Warning: This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.