hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Bug]: DecodeIdentityProviderID breaks when valid IdP names have a colon #32479

Open maxschae4 opened 1 year ago

maxschae4 commented 1 year ago

Terraform Core Version

1.1.8

AWS Provider Version

5.2.0

Affected Resource(s)

aws_cognito_identity_provider

Expected Behavior

Successful rectification of successfully created IdP resource.

Actual Behavior

Terraform bailed out after successfully provisioning the IdP resource.

Relevant Error/Panic Output Snippet

Error: reading Amazon Cognito IDP (Identity Provider) Identity Provider (us-west-2_foobar:FOO-SSO:UAT:SAML2.0): expected ID in format UserPoolID:ProviderName, received: us-west-2_foobar:FOO-SSO:UAT:SAML2.0

Terraform Configuration Files

resource "aws_cognito_identity_provider" "federated_idp" {
  user_pool_id  = aws_cognito_user_pool.this.id
  # error happens because of the colon in the provider name
  provider_name = "foo:bar"
  provider_type = "SAML"

  provider_details = {
    MetadataFile = var.metadata_xml
  }

  lifecycle {
    ignore_changes = [
      provider_details["SSORedirectBindingURI"]
    ]
  }

  attribute_mapping = {
    "email"       = "urn:oid:0.9.2342.19200300.100.1.3"
    "family_name" = "urn:oid:2.5.4.4"
    "given_name"  = "urn:oid:2.5.4.42"
  }
}

Steps to Reproduce

Create an identity provider using a colon in the "name."

Debug Output

No response

Panic Output

No response

Important Factoids

The : (colon) in the name is what is breaking this for us. The aws-terraform-provider is splitting the resulting Id field returned by the SDK on : and bailing out if there are more than 2 entries in the resulting list. This is in contravention of the \p{P} regex allowance in the validation rule.

Terraform bug exists in the DecodeIdentityProviderID function used by the main action functions: https://github.com/hashicorp/terraform-provider-aws/blob/main/internal/service/cognitoidp/identity_provider.go#L244C6

The Decode function should be using strings.Cut instead, or at least strings.SplitN (for compatibility earlier than golang 1.18).

References

No response

Would you like to implement a fix?

None
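As an added illustration of the decoder behaviour described in this report (not the provider's own code): the split-on-every-colon version beside a strings.Cut version that splits only at the first colon. The function names and the sample ID are constructed for this example.

```go
package main

import (
	"fmt"
	"strings"
)

// decodeIdentityProviderIDBuggy mirrors the failure mode reported above:
// it splits on every ":" and rejects anything that is not exactly two parts,
// so a provider name that itself contains ":" can never be decoded.
func decodeIdentityProviderIDBuggy(id string) (userPoolID, providerName string, err error) {
	parts := strings.Split(id, ":")
	if len(parts) != 2 {
		return "", "", fmt.Errorf("expected ID in format UserPoolID:ProviderName, received: %s", id)
	}
	return parts[0], parts[1], nil
}

// decodeIdentityProviderIDFixed splits only at the first ":" with strings.Cut
// (Go 1.18+; strings.SplitN(id, ":", 2) is the pre-1.18 equivalent), so any
// colons inside the provider name are preserved. This relies on the user pool
// ID ("<region>_<suffix>") never containing ":", which makes the first colon
// an unambiguous delimiter.
func decodeIdentityProviderIDFixed(id string) (userPoolID, providerName string, err error) {
	userPoolID, providerName, found := strings.Cut(id, ":")
	if !found || userPoolID == "" || providerName == "" {
		return "", "", fmt.Errorf("expected ID in format UserPoolID:ProviderName, received: %s", id)
	}
	return userPoolID, providerName, nil
}

func main() {
	// Constructed sample ID in the shape of the one quoted in the error above.
	id := "us-west-2_foobar:FOO-SSO:UAT:SAML2.0"
	if _, _, err := decodeIdentityProviderIDBuggy(id); err != nil {
		fmt.Println("buggy:", err)
	}
	pool, name, err := decodeIdentityProviderIDFixed(id)
	fmt.Printf("fixed: pool=%q provider=%q err=%v\n", pool, name, err)
}
```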

github-actions[bot] commented 1 year ago

Community Note

Voting for Prioritization

Volunteering to Work on This Issue