Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add option to prevent accidental deletion of a user pool #53

Closed
philippta opened this issue Apr 28, 2021 · 8 comments · Fixed by #102
Closed

Add option to prevent accidental deletion of a user pool #53

philippta opened this issue Apr 28, 2021 · 8 comments · Fixed by #102
Assignees
@lgallard
Labels
enhancement New feature or request Needs implementation on AWS provider

Comments

@philippta
Copy link

User pools, like databases are a critical infrastructure resource. Because of that it would be only reasonable to have an option to prevent it from being accidentally destroyed by terraform (and uncautions users).

One way to achieve this would be to add the prevent_destroy lifecycle argument to the user pool:

resource "aws_cognito_user_pool" "pool" {
  # ...

  lifecycle {
    prevent_destroy = var.prevent_destroy
  }
}

It would be great if this module could offer this feature.
@lgallard lgallard self-assigned this Apr 30, 2021
@lgallard lgallard added the enhancement New feature or request label Apr 30, 2021
@lgallard
Copy link
Owner

@philippta I like the idea. I'll include in the next release!

@Waschnick Waschnick mentioned this issue May 21, 2021
Merged
@lgallard
Copy link
Owner

lgallard commented May 21, 2021
edited
Loading

@philippta this issue was addressed in release 0.11.0

@lgallard
Copy link
Owner

@philippta I had to revert it due to #54. As soon as it fixed in the provider I will include @Waschnick implementation

@lgallard lgallard reopened this May 21, 2021
@Waschnick
Copy link
Contributor

@philippta I had to revert it due to #54. As soon as it fixed in the provider I will include @Waschnick implementation

Hey @lgallard sorry if I hadn't tested the changes enough. Your link is not correct, can you tell me what the issue was?

@lgallard
Copy link
Owner

lgallard commented May 24, 2021
edited
Loading

@Waschnick I reverted it because there were reports about people unable to do plan/apply because of prevent_destroy using a variable. The root cause seem to be reported here in the AWS provider for other resources as well.

You are right, the correct issue where it was reported in this project was #58!

And no worries, I will include these changes as soon as the iss is fixed in the provider. Thanks for the PR!!

@AutomationD
Copy link

AutomationD commented Aug 29, 2022
edited
Loading

This is a pretty critical issue to us as well.

@lgallard do you think we could create some special fork/version history that would have it enabled by default statically? Maybe 10.18.2 for the most recent one or maybe you'd be interested to maintain a fork like terraform-aws-cognito-user-pool-protected?

@pb0101
Copy link

pb0101 commented Oct 26, 2022

https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-deletion-protection.html

may be add support for this

@lgallard
Copy link
Owner

@pb0101 It seems is not yet implemented in the Terraform provider, or is not documented here , and there's a open issued about using variables to handle this here.

As soon it implemented in the provider, I'll be more that happy to include it

@dmcgillen dmcgillen mentioned this issue Nov 3, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lgallard lgallard

Labels
enhancement New feature or request Needs implementation on AWS provider
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add support for user pool deletion_protection
5 participants
@AutomationD @Waschnick @lgallard @philippta @pb0101