Closed xronz closed 1 month ago
https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/448#issuecomment-673222930 https://github.com/lgallard/terraform-aws-cognito-user-pool/blob/8130daedce8faf3f20ae5f18a7f07dc8544f0f09/main.tf#L257
### Due to the above statement assuming that both attributes are false, it is set to both attributes as null. ### So the option was forced to be set as a "Don’t remember" Option. ### However, the following configuration should be "Always remember", Allow users to bypass MFA for trusted devices "NO" device_configuration = { challenge_required_on_new_device = false device_only_remembered_on_user_prompt = false } ### These are the following combinations for device configuration: ### 1) "Don’t remember" Option device_configuration = { challenge_required_on_new_device = null device_only_remembered_on_user_prompt = null } ### 2) "User opt-in", Allows users to bypass MFA for trusted devices "YES" Option device_configuration = { challenge_required_on_new_device = true device_only_remembered_on_user_prompt = true } ### 3) "User opt-in", Allows users to bypass MFA for trusted devices "NO" Option device_configuration = { challenge_required_on_new_device = false device_only_remembered_on_user_prompt = true } ### 4) "Always remember", Allow users to bypass MFA for trusted devices "NO" Option device_configuration = { challenge_required_on_new_device = false device_only_remembered_on_user_prompt = false } ### 5) "Always remember", Allow users to bypass MFA for trusted devices "YES" Option device_configuration = { challenge_required_on_new_device = true device_only_remembered_on_user_prompt = false } ### Modify "main.tf" file ### Commented the Line 40 device_configuration # device_configuration # dynamic "device_configuration" { # for_each = local.device_configuration # content { # challenge_required_on_new_device = lookup(device_configuration.value, "challenge_required_on_new_device") # device_only_remembered_on_user_prompt = lookup(device_configuration.value, "device_only_remembered_on_user_prompt") # } # } ### Replaced with the following as Hotfix device_configuration { challenge_required_on_new_device = try(var.device_configuration.challenge_required_on_new_device, null) device_only_remembered_on_user_prompt = try(var.device_configuration.device_only_remembered_on_user_prompt, null) }
@xronz I'm closing this issue as release 0.32.0 fixes it.
If you have any comment, suggestions or doubts, just let me know.
lgallard
commented
1 month ago
https://github.com/aws-cloudformation/cloudformation-coverage-roadmap/issues/448#issuecomment-673222930 https://github.com/lgallard/terraform-aws-cognito-user-pool/blob/8130daedce8faf3f20ae5f18a7f07dc8544f0f09/main.tf#L257