aws_cognito_identity_pool providers wiped on updates to other arguments

[matthewmann-RL]

When updating an aws_cognito_identity_pool, identity providers are being deleted despite terraform plan not showing them to be deleted.

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v0.13.6
+ provider registry.terraform.io/hashicorp/aws v3.69.0
+ provider registry.terraform.io/hashicorp/external v2.1.1
+ provider registry.terraform.io/hashicorp/time v0.7.2

Affected Resource(s)

• aws_cognito_identity_pool

Terraform Configuration Files

resource "aws_cognito_identity_pool" "identity_pool" {
  identity_pool_name               = "my_identity_pool"
  allow_unauthenticated_identities = false

  cognito_identity_providers {
    client_id               = "<insert a user pool client id>"
    provider_name           = "<insert a user pool endpoint>"
  }
  tags = {
    mock_tag = var.tag_value
  }
}

Debug Output

Debug output contains sensitive information.

Expected Behavior

Terraform should have just updated the tags on the Identity Pool on the second apply.

Actual Behavior

The identity provider on the identity pool was deleted on the subsequent apply, despite not being specified to be deleted in the plan.

Steps to Reproduce

1. TF_VAR_tag_value=mock_value_1 terraform apply
2. TF_VAR_tag_value=mock_value_2 terraform apply

Important Factoids

We've confirmed that this behavior does not occur on v3.68 of the AWS provider.

References

• We believe the bug was introduced in https://github.com/hashicorp/terraform-provider-aws/commit/aab94a4bd50d9058258b575bfac5f71404637021#diff-4c72bfe6035d4a0572c0c358859848900e76450973c0761f1fbc3d7672fc7faeR236

[github-actions[bot]]

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.