Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cognito identity pool - Dont update unrelated changes on tag changes #27669

Merged
merged 5 commits into from
Nov 7, 2022
Merged

Cognito identity pool - Dont update unrelated changes on tag changes #27669

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
1d4a7e1
change only on related changes
DrFaust92 Nov 6, 2022
8c6938e
cosmetic
DrFaust92 Nov 6, 2022
5ef355e
align tests
DrFaust92 Nov 6, 2022
97753b7
changelog
DrFaust92 Nov 6, 2022
ecef3c3
Update 27669.txt
ewbankkit Nov 7, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .changelog/27669.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
resource/aws_cognito_identity_pool: Fix deletion of identity pool on tags-only update
```
40 changes: 17 additions & 23 deletions internal/service/cognitoidentity/pool.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -230,36 +230,30 @@ func resourcePoolUpdate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*conns.AWSClient).CognitoIdentityConn
log.Print("[DEBUG] Updating Cognito Identity Pool")

params := &cognitoidentity.IdentityPool{
IdentityPoolId: aws.String(d.Id()),
AllowUnauthenticatedIdentities: aws.Bool(d.Get("allow_unauthenticated_identities").(bool)),
AllowClassicFlow: aws.Bool(d.Get("allow_classic_flow").(bool)),
IdentityPoolName: aws.String(d.Get("identity_pool_name").(string)),
}

if d.HasChanges(
"cognito_identity_providers",
"supported_login_providers",
"openid_connect_provider_arns",
"saml_provider_arns",
) {
params.CognitoIdentityProviders = expandIdentityProviders(d.Get("cognito_identity_providers").(*schema.Set))
params.SupportedLoginProviders = expandSupportedLoginProviders(d.Get("supported_login_providers").(map[string]interface{}))
params.OpenIdConnectProviderARNs = flex.ExpandStringSet(d.Get("openid_connect_provider_arns").(*schema.Set))
params.SamlProviderARNs = flex.ExpandStringList(d.Get("saml_provider_arns").([]interface{}))
}
if d.HasChangesExcept("tags_all", "tags") {
params := &cognitoidentity.IdentityPool{
IdentityPoolId: aws.String(d.Id()),
AllowUnauthenticatedIdentities: aws.Bool(d.Get("allow_unauthenticated_identities").(bool)),
AllowClassicFlow: aws.Bool(d.Get("allow_classic_flow").(bool)),
IdentityPoolName: aws.String(d.Get("identity_pool_name").(string)),
CognitoIdentityProviders: expandIdentityProviders(d.Get("cognito_identity_providers").(*schema.Set)),
SupportedLoginProviders: expandSupportedLoginProviders(d.Get("supported_login_providers").(map[string]interface{})),
OpenIdConnectProviderARNs: flex.ExpandStringSet(d.Get("openid_connect_provider_arns").(*schema.Set)),
SamlProviderARNs: flex.ExpandStringList(d.Get("saml_provider_arns").([]interface{})),
}

_, err := conn.UpdateIdentityPool(params)
if err != nil {
return fmt.Errorf("Error updating Cognito Identity Pool: %s", err)
_, err := conn.UpdateIdentityPool(params)
if err != nil {
return fmt.Errorf("error updating Cognito Identity Pool (%s): %w", d.Id(), err)
}
}

arn := d.Get("arn").(string)
if d.HasChange("tags_all") {
o, n := d.GetChange("tags_all")

if err := UpdateTags(conn, arn, o, n); err != nil {
return fmt.Errorf("error updating Cognito Identity Pool (%s) tags: %s", arn, err)
return fmt.Errorf("error updating Cognito Identity Pool (%s) tags: %w", arn, err)
}
}

Expand All @@ -275,7 +269,7 @@ func resourcePoolDelete(d *schema.ResourceData, meta interface{}) error {
})

if err != nil {
return fmt.Errorf("Error deleting Cognito identity pool: %s", err)
return fmt.Errorf("Error deleting Cognito identity pool (%s): %w", d.Id(), err)
}
return nil
}
66 changes: 45 additions & 21 deletions internal/service/cognitoidentity/pool_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,14 @@ import (
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
"github.com/hashicorp/terraform-provider-aws/internal/acctest"
"github.com/hashicorp/terraform-provider-aws/internal/conns"
tfcognitoidentity "github.com/hashicorp/terraform-provider-aws/internal/service/cognitoidentity"
)

func TestAccCognitoIdentityPool_basic(t *testing.T) {
var v1, v2 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
updatedName := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -60,7 +61,7 @@ func TestAccCognitoIdentityPool_DeveloperProviderName(t *testing.T) {
name := sdkacctest.RandString(10)
developerProviderName := sdkacctest.RandString(10)
developerProviderNameUpdated := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -97,7 +98,7 @@ func TestAccCognitoIdentityPool_DeveloperProviderName(t *testing.T) {
func TestAccCognitoIdentityPool_supportedLoginProviders(t *testing.T) {
var v1, v2, v3 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -146,7 +147,7 @@ func TestAccCognitoIdentityPool_supportedLoginProviders(t *testing.T) {
func TestAccCognitoIdentityPool_openidConnectProviderARNs(t *testing.T) {
var v1, v2, v3 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -194,7 +195,7 @@ func TestAccCognitoIdentityPool_samlProviderARNs(t *testing.T) {
name := sdkacctest.RandString(10)
idpEntityId := fmt.Sprintf("https://%s", acctest.RandomDomainName())
secondaryIdpEntityId := fmt.Sprintf("https://%s", acctest.RandomDomainName())
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -242,7 +243,7 @@ func TestAccCognitoIdentityPool_samlProviderARNs(t *testing.T) {
func TestAccCognitoIdentityPool_cognitoIdentityProviders(t *testing.T) {
var v1, v2, v3 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -303,7 +304,7 @@ func TestAccCognitoIdentityPool_cognitoIdentityProviders(t *testing.T) {
func TestAccCognitoIdentityPool_addingNewProviderKeepsOldProvider(t *testing.T) {
var v1, v2, v3 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.Test(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -351,7 +352,7 @@ func TestAccCognitoIdentityPool_addingNewProviderKeepsOldProvider(t *testing.T)
func TestAccCognitoIdentityPool_tags(t *testing.T) {
var v1, v2, v3 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.main"
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
Expand Down Expand Up @@ -395,6 +396,29 @@ func TestAccCognitoIdentityPool_tags(t *testing.T) {
})
}

func TestAccCognitoIdentityPool_disappears(t *testing.T) {
var v1 cognitoidentity.IdentityPool
name := sdkacctest.RandString(10)
resourceName := "aws_cognito_identity_pool.test"

resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acctest.PreCheck(t); testAccPreCheck(t) },
ErrorCheck: acctest.ErrorCheck(t, cognitoidentity.EndpointsID),
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
CheckDestroy: testAccCheckPoolDestroy,
Steps: []resource.TestStep{
{
Config: testAccPoolConfig_basic(name),
Check: resource.ComposeAggregateTestCheckFunc(
testAccCheckPoolExists(resourceName, &v1),
acctest.CheckResourceDisappears(acctest.Provider, tfcognitoidentity.ResourcePool(), resourceName),
),
ExpectNonEmptyPlan: true,
},
},
})
}

func testAccCheckPoolExists(n string, identityPool *cognitoidentity.IdentityPool) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
Expand Down Expand Up @@ -495,7 +519,7 @@ func poolIdentityEqual(i, j *cognitoidentity.IdentityPool) bool {

func testAccPoolConfig_basic(name string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false
}
Expand All @@ -504,7 +528,7 @@ resource "aws_cognito_identity_pool" "main" {

func testAccPoolConfig_developerProviderName(name, developerProviderName string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %[1]s"
allow_unauthenticated_identities = false
developer_provider_name = %[2]q
Expand All @@ -514,7 +538,7 @@ resource "aws_cognito_identity_pool" "main" {

func testAccPoolConfig_supportedLoginProviders(name string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -527,7 +551,7 @@ resource "aws_cognito_identity_pool" "main" {

func testAccPoolConfig_supportedLoginProvidersModified(name string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -543,7 +567,7 @@ func testAccPoolConfig_openidConnectProviderARNs(name string) string {
return fmt.Sprintf(`
data "aws_partition" "current" {}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -556,7 +580,7 @@ func testAccPoolConfig_openidConnectProviderARNsModified(name string) string {
return fmt.Sprintf(`
data "aws_partition" "current" {}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -572,7 +596,7 @@ resource "aws_iam_saml_provider" "default" {
saml_metadata_document = templatefile("./test-fixtures/saml-metadata.xml.tpl", { entity_id = %[2]q })
}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %[1]s"
allow_unauthenticated_identities = false

Expand All @@ -593,7 +617,7 @@ resource "aws_iam_saml_provider" "secondary" {
saml_metadata_document = templatefile("./test-fixtures/saml-metadata.xml.tpl", { entity_id = %[3]q })
}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %[1]s"
allow_unauthenticated_identities = false

Expand All @@ -608,7 +632,7 @@ data "aws_partition" "current" {}

data "aws_region" "current" {}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -633,7 +657,7 @@ data "aws_partition" "current" {}

data "aws_region" "current" {}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -652,7 +676,7 @@ data "aws_partition" "current" {}

data "aws_region" "current" {}

resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = "identity pool %s"
allow_unauthenticated_identities = false

Expand All @@ -675,7 +699,7 @@ resource "aws_cognito_identity_pool" "main" {

func testAccPoolConfig_tags1(name, tagKey1, tagValue1 string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = %q
allow_unauthenticated_identities = false

Expand All @@ -688,7 +712,7 @@ resource "aws_cognito_identity_pool" "main" {

func testAccPoolConfig_tags2(name, tagKey1, tagValue1, tagKey2, tagValue2 string) string {
return fmt.Sprintf(`
resource "aws_cognito_identity_pool" "main" {
resource "aws_cognito_identity_pool" "test" {
identity_pool_name = %q
allow_unauthenticated_identities = false

Expand Down