Terraform-provider-aws: Set account recovery preference
Description
It'll be useful if we can set the user account recovery preference. The default without specification selects an option that's no longer recommended by AWS.
For example, I may want to set this to _Email only_ instead, as annotated by the red rectangle in the image below:
As per my understanding, this doesn't yet appear to be supported by this resource.
New or Affected Resource(s)
- aws_cognito_user_pool
References
- My original query on SO; https://stackoverflow.com/questions/59120055
Community Note
- Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
pjlangley
All 11 comments
+1
hildoer
on 21 Dec 2019
+1
omarelsaid
on 19 Jan 2020
+1
mtraynham
on 10 Feb 2020
+1
tonesp
on 12 Feb 2020
+1. On the plus side, there's been a recent change (for the better) to the defaults for Account Recovery. See https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html#CognitoUserPools-CreateUserPool-request-AccountRecoverySetting.
Starting February 1, 2020, the value of AccountRecoverySetting will default to verified_email first and verified_phone_number as the second option for newly created user pools if no value is provided.
davesalomon
on 18 Feb 2020
@davesalomon I created a few user pools today and they defaulted to the Not Recommended option.
kdubmartins
on 3 Jun 2020
+1
AlejandroGalAtSportBLX
on 25 Jun 2020
Did the above issue resolved ? Do we have any new parameters in terraform in order to update the recovery of account configuration in cognito . If so kindly update the newly added parameter over here.
jeffrystev
on 28 Aug 2020
Fairly sure this is still outstanding. AWS have also reverted their documentation back to 'Prefer SMS' 馃槥
In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.
davesalomon
on 28 Aug 2020
Has there been any communication with regards to this ?
Am I correct in assuming that the only work around is the local exec route ? I've seen quite a few people mentioning they would prefer not to use local exec - is there a reason for this ?
thanks a bunch
ScratZa
on 27 Oct 2020
Hi all! :wave: Just wanted to direct you to our public roadmap for this quarter (Nov-Jan) in which this item has been mentioned.
Due to the significant community interest in support for this feature, we will be looking at merging existing contributions soon.
We appreciate all the contributions and feedback thus far.
Look out for support in the provider soon!
breathingdust
on 6 Nov 2020
Related issues
ccslamstack
路
3Comments
hashibot
路
3Comments
hashibot
路
3Comments
dvishniakov
路
3Comments
blaltarriba
路
3Comments
Most helpful comment
@davesalomon I created a few user pools today and they defaulted to the Not Recommended option.