Complete the code to create a new Cognito User Pool with a name.
resource "aws_cognito_user_pool" "[1]" { name = "MyUserPool" }
The resource name must be a valid identifier. "my_user_pool" is a clear and valid name for the Cognito User Pool resource.
Complete the code to enable email as a sign-in alias in the Cognito User Pool.
resource "aws_cognito_user_pool" "my_user_pool" { name = "MyUserPool" [1] = ["email"] }
The correct attribute to enable email as a sign-in alias is alias_attributes. This allows users to sign in using their email address.
Fix the error in the code to set password policy minimum length to 8.
resource "aws_cognito_user_pool" "my_user_pool" { name = "MyUserPool" password_policy { minimum_length = [1] } }
The minimum_length must be a number, not a string. So, use 8 without quotes.
Fill both blanks to configure MFA to be optional and enable SMS as a second factor.
resource "aws_cognito_user_pool" "my_user_pool" { name = "MyUserPool" mfa_configuration = "[1]" sms_configuration { [2] = "arn:aws:iam::123456789012:role/SMSRole" } }
Setting mfa_configuration to OPTIONAL allows users to choose MFA. The correct key for the SMS role ARN is sns_caller_arn.
Fill all three blanks to create a user pool client with no secret and enable refresh token validity for 30 days.
resource "aws_cognito_user_pool_client" "my_user_pool_client" { name = "MyUserPoolClient" user_pool_id = aws_cognito_user_pool.my_user_pool.id [1] = false refresh_token_validity = [2] token_validity_units { refresh_token = "[3]" } }
The correct attribute to disable client secret generation is generate_secret. The refresh token validity is set to 30, and the unit is 'days'.