It's worth noting that *MOST* of these "consent" implementations are flat out *wrong* … what you are supposed to do, is *NOT* include 3rd party tracking scripts that use cookies until *AFTER* you've gotten consent. In practice, you aren't getting consent as you've already tracked the user in a meaningful way by including your analytics, ads etc.
When using this, you should only put in tracking/analytics/ads after the user hits the consent option.
In my experience, the main difficulty is identifying, classifying, and documenting the cookies that are used... and then updating the codebase so that they are only set once the visitor has opted in. This is especially difficult when Google Tag Manager is involved, and/or swathes of tracking scripts have recklessly been bundled in over the years.
Projects and services that tout "automatic cookie consent with minimal config" are extremely frustrating, because they hide the actual issue. Implementing a cookie consent UI is itself not a particularly difficult task.