lgallard / terraform-aws-cognito-user-pool

Terraform module to create Amazon Cognito User Pools, configure its attributes and resources such as app clients, domain, resource servers. Amazon Cognito User Pools provide a secure user directory that scales to hundreds of millions of users.
Apache License 2.0

FYI: Terraform AWS Provider 4.58.0 requires recovery_mechanism #113

Closed dhoppe closed 1 year ago

dhoppe commented 1 year ago

The following error message is caused by the latest version of the Terraform AWS Provider.

Terraform will perform the following actions:

  # aws_cognito_identity_provider.identity_provider[0] will be updated in-place
  ~ resource "aws_cognito_identity_provider" "identity_provider" {
        id                = "eu-west-1_w5o31Ioby:auth0-dev"
      ~ provider_details  = (sensitive value)
        # (5 unchanged attributes hidden)
    }

  # aws_cognito_identity_provider.identity_provider[1] will be updated in-place
  ~ resource "aws_cognito_identity_provider" "identity_provider" {
        id                = "eu-west-1_w5o31Ioby:pingid-dev"
      ~ provider_details  = (sensitive value)
        # (5 unchanged attributes hidden)
    }

  # aws_cognito_user_pool.pool[0] will be updated in-place
  ~ resource "aws_cognito_user_pool" "pool" {
        id                         = "eu-west-1_w5o31Ioby"
        name                       = "confluence-dev"
        tags                       = {
            "Contact"     = "Dennis Hoppe"
            "Environment" = "dev"
            "Owner"       = "SICO"
            "Project"     = "Atlassian"
        }
        # (13 unchanged attributes hidden)

      ~ account_recovery_setting {
          - recovery_mechanism {
              - name     = "verified_email" -> null
              - priority = 1 -> null
            }
          - recovery_mechanism {
              - name     = "verified_phone_number" -> null
              - priority = 2 -> null
            }
        }

        # (16 unchanged blocks hidden)
    }

Plan: 0 to add, 3 to change, 0 to destroy.
aws_cognito_user_pool.pool[0]: Modifying... [id=eu-west-1_w5o31Ioby]
╷
│ Error: updating Cognito User pool (eu-west-1_w5o31Ioby): InvalidParameter: 1 validation error(s) found.
│ - minimum field size of 1, UpdateUserPoolInput.AccountRecoverySetting.RecoveryMechanisms.
│
│
│   with aws_cognito_user_pool.pool[0],
│   on main.tf line 1, in resource "aws_cognito_user_pool" "pool":
│    1: resource "aws_cognito_user_pool" "pool" {
│
╵
ERRO[0070] Terraform invocation failed in /Users/dhoppe/Customers/_REDACTED_/terragrunt-aws-atlassian/stacks/dev/eu-west-1/confluence/cognito/.terragrunt-cache/xHv5-BJMHVQytE_vi51vNgSP5cU/c_2QZ4BzEhEbpfllRPzfL-I6xic  prefix=[/Users/dhoppe/Customers/_REDACTED_/terragrunt-aws-atlassian/stacks/dev/eu-west-1/confluence/cognito]
ERRO[0070] Module /Users/dhoppe/Customers/_REDACTED_/terragrunt-aws-atlassian/stacks/dev/eu-west-1/confluence/cognito has finished with an error: 1 error occurred:
    * exit status 1
  prefix=[/Users/dhoppe/Customers/_REDACTED_/terragrunt-aws-atlassian/stacks/dev/eu-west-1/confluence/cognito]
ERRO[0070] 1 error occurred:
    * exit status 1

This issue has already been solved by a pull request:

Until a new version of the Terraform AWS Provider has been released, you can solve this issue by adding these lines to your config:

  recovery_mechanisms = [
    {
      name     = "verified_email"
      priority = 1
    },
    {
      name     = "verified_phone_number"
      priority = 2
    }
  ]

dhoppe commented 1 year ago

Fixed since Terraform AWS Provider 4.59.0 has been released.
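
A pre-apply guard for the kind of plan shown in this issue, as an added example that is not part of the original thread or the module's code: it reads the JSON form of a plan (`terraform show -json <planfile>`) and flags any `aws_cognito_user_pool` update that would remove every `recovery_mechanism`. The function names and the embedded sample plan are constructed for illustration.

```python
import json

# Constructed sample: trimmed `terraform show -json <planfile>` output that
# mirrors the diff in the issue (both recovery_mechanism blocks removed).
SAMPLE_PLAN = json.dumps({
    "resource_changes": [
        {
            "address": "aws_cognito_user_pool.pool[0]",
            "type": "aws_cognito_user_pool",
            "change": {
                "actions": ["update"],
                "before": {"account_recovery_setting": [{"recovery_mechanism": [
                    {"name": "verified_email", "priority": 1},
                    {"name": "verified_phone_number", "priority": 2}]}]},
                "after": {"account_recovery_setting": [{"recovery_mechanism": []}]},
            },
        },
        {
            "address": "aws_cognito_identity_provider.identity_provider[0]",
            "type": "aws_cognito_identity_provider",
            "change": {"actions": ["update"], "before": {}, "after": {}},
        },
    ]
})


def mechanisms(state):
    """Return the recovery mechanism names present in a before/after state."""
    names = []
    for setting in (state or {}).get("account_recovery_setting") or []:
        for mech in setting.get("recovery_mechanism") or []:
            names.append(mech.get("name"))
    return names


def dropped_recovery(plan_json):
    """List user pools whose planned update removes every recovery mechanism."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        # Skip other resource types and pure destroys (after is null).
        if rc.get("type") != "aws_cognito_user_pool" or change.get("after") is None:
            continue
        before = mechanisms(change.get("before"))
        if before and not mechanisms(change.get("after")):
            findings.append((rc["address"], before))
    return findings


if __name__ == "__main__":
    for address, lost in dropped_recovery(SAMPLE_PLAN):
        print(f"{address}: plan removes all recovery mechanisms {lost}")
```

Run against a saved plan in CI, a non-empty result is a reason to stop before `apply`, whether the cause is a provider regression like the one reported here or an unintended configuration change.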