diff --git a/packages/@aws-cdk/aws-cognito/README.md b/packages/@aws-cdk/aws-cognito/README.md index 9ffa940e469b7..da8d27e5d39ad 100644 --- a/packages/@aws-cdk/aws-cognito/README.md +++ b/packages/@aws-cdk/aws-cognito/README.md @@ -173,8 +173,8 @@ new UserPool(this, 'myuserpool', { }, customAttributes: { 'myappid': new StringAttribute({ minLen: 5, maxLen: 15, mutable: false }), - 'callingcode': new NumberAttribute({ min: 1, max: 3 }), - 'isEmployee': new BooleanAttribute({ developerOnly: true }), + 'callingcode': new NumberAttribute({ min: 1, max: 3, mutable: true }), + 'isEmployee': new BooleanAttribute({ mutable: true }), 'joinedOn': new DateTimeAttribute(), }, }); @@ -185,12 +185,8 @@ data types allow for further constraints on their length and values, respectivel Custom attributes cannot be marked as required. -All custom attributes share the common properties `developerOnly` and `mutable`. - - - `developerOnly` means that this attribute can only be modified by an administrator. The use of this property is discouraged - in favour of the use of write permissions for attributes in the user pool client (see [AppClients](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html)), - - - `mutable` allows the value to be changed after the value is set by the user. +All custom attributes share the property `mutable` that specifies whether the value of the attribute can be changed. +The default value is `false`. ### Security diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool-attr.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool-attr.ts index 59d01f3296e75..6d1aa0c6c772d 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool-attr.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool-attr.ts @@ -142,14 +142,6 @@ export interface CustomAttributeConfig { */ readonly numberConstraints?: NumberAttributeConstraints; - /** - * Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. - * Users will not be able to modify this attribute using their access token. - * - * @default false - */ - readonly developerOnly?: boolean - /** * Specifies whether the value of the attribute can be changed. * For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true. @@ -166,13 +158,6 @@ export interface CustomAttributeConfig { * Constraints that can be applied to a custom attribute of string type. */ export interface CustomAttributeProps { - /** - * Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. - * Users will not be able to modify this attribute using their access token. - * - * @default false - */ - readonly developerOnly?: boolean /** * Specifies whether the value of the attribute can be changed. @@ -191,7 +176,6 @@ export interface CustomAttributeProps { * should be used by subclasses to create base CustomAttributeConfig object inside the `bind()` method. */ export abstract class CustomAttribute implements ICustomAttribute { - protected readonly developerOnly?: boolean; protected readonly mutable?: boolean; /** @@ -200,7 +184,6 @@ export abstract class CustomAttribute implements ICustomAttribute { protected abstract readonly dataType: string; constructor(props: CustomAttributeProps = {}) { - this.developerOnly = props.developerOnly; this.mutable = props.mutable; } @@ -215,7 +198,6 @@ export abstract class CustomAttribute implements ICustomAttribute { protected baseAttributeConfig(): CustomAttributeConfig { return { dataType: this.dataType, - developerOnly: this.developerOnly, mutable: this.mutable, }; } @@ -277,7 +259,6 @@ export class StringAttribute extends CustomAttribute { return { dataType: aux.dataType, - developerOnly: aux.developerOnly, mutable: aux.mutable, stringConstraints, }; @@ -334,7 +315,6 @@ export class NumberAttribute extends CustomAttribute { return { dataType: aux.dataType, - developerOnly: aux.developerOnly, mutable: aux.mutable, numberConstraints, }; diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts index 39161004acdd6..3543d13b49425 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts @@ -852,7 +852,6 @@ export class UserPool extends Resource implements IUserPool { attributeDataType: attrConfig.dataType, numberAttributeConstraints: (attrConfig.numberConstraints) ? numberConstraints : undefined, stringAttributeConstraints: (attrConfig.stringConstraints) ? stringConstraints : undefined, - developerOnlyAttribute: attrConfig.developerOnly, mutable: attrConfig.mutable, }; }); diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-attr.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool-attr.test.ts index 0bd5a6fec06c5..7246a49454343 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-attr.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-attr.test.ts @@ -18,7 +18,6 @@ describe('User Pool Attributes', () => { // THEN bounds.forEach((bound) => { - expect(bound.developerOnly).toBeUndefined(); expect(bound.mutable).toBeUndefined(); }); }); @@ -26,7 +25,6 @@ describe('User Pool Attributes', () => { describe('CustomAttribute base properties are set true as expected', () => { // GIVEN const allTrueProps = { - developerOnly: true, mutable: true, }; const allAttributeTypes: ICustomAttribute[] = [ @@ -42,7 +40,6 @@ describe('User Pool Attributes', () => { // THEN bounds.forEach((bound) => { test(`in attribute of type ${bound.dataType}:`, () => { - expect(bound.developerOnly).toEqual(true); expect(bound.mutable).toEqual(true); }); }); @@ -51,7 +48,6 @@ describe('User Pool Attributes', () => { describe('CustomAttribute base properties are set false as expected', () => { // GIVEN const allFalseProps = { - developerOnly: false, mutable: false, }; const allAttributeTypes: ICustomAttribute[] = [ @@ -67,7 +63,6 @@ describe('User Pool Attributes', () => { // THEN bounds.forEach((bound) => { test(`in attribute of type ${bound.dataType}`, () => { - expect(bound.developerOnly).toEqual(false); expect(bound.mutable).toEqual(false); }); });