Terraform-provider-aws: Cognito domain doesn't delete during destroy

Created on 24 Jul 2018  ·  18Comments  ·  Source: hashicorp/terraform-provider-aws

Terraform Version

Terraform v0.10.8
AWS provider 1.21.0

Affected Resource(s)

aws_cognito_user_pool_domain

Terraform Configuration Files


Below is an excerpt from terraform file to create aws_cognito_user_pool_domain .

# Pool domain
resource "aws_cognito_user_pool_domain" "domain" {
  domain       = "${var.userpooldomain}"
  user_pool_id = "${aws_cognito_user_pool.pool.id}"
}

Debug Output

Panic Output

Expected Behavior

domain should be deleted by terraform apply, when the resource is marked for destroy.

Actual Behavior

Domain isn't deleted and throws error message

aws_cognito_user_pool_domain.domain: InvalidParameter: 1 validation error(s) found.

  • minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.

Steps to Reproduce

  1. Change the module name
  2. Run terraform plan and apply(Module name is changed and existing pool is deleted and a new user pool(with new name) is created.
  3. Modify any change for the new user pool
  4. terraform plan
  5. terraform apply
bug serviccognito
Source
picture sciencey-sanjay
👍57

Most helpful comment

Similar workaround here as @haruharuharuby , but I'd recommend using the terraform state rm command, rather than manually messing with your state file directly.

eg.

terraform state rm aws_cognito_user_pool_domain.my_domain

For the record, I'm using TF v0.12.8, and aws provider v2.43.0

picture eschwartz on 6 Jan 2020
👍10

All 18 comments

I am facing the Same issue. Any Updates on this?

gurunathsane picture gurunathsane on 9 Oct 2018

any updates on this? facing this same issue

B2-DevOps picture B2-DevOps on 6 Nov 2018

+1

IrmantasM picture IrmantasM on 7 Nov 2018
👍1

+1
for now i solved this using a custom script, leveraging the aws cli, to delete the domain, on destroy and update.

smartinspereira picture smartinspereira on 7 Nov 2018
👍5

+1

Any updates on this issue? I am seeing the same behavior

rburke789 picture rburke789 on 11 Jan 2019

Is there any update on this. I'm facing the similar issue,

  • module.use1.aws_cognito_user_pool_domain.my_cognito_user_pool_domain (destroy): 1 error(s) occurred:

aws_cognito_user_pool_domain.domain: InvalidParameter: 1 validation error(s) found.

  • minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.
prashantrai picture prashantrai on 6 Feb 2019

I'm seeing this issue with the following versions. Would be great to have a fix, workaround or status.

Terraform v0.11.11
+ provider.aws v1.60.0
hobti01 picture hobti01 on 23 Feb 2019

have anyone checked if this is still the case in provider.aws ~> 2.0 ?

michalschott picture michalschott on 9 Aug 2019

I see this today.

λ terraform -v
Terraform v0.12.5
+ provider.aws v2.23.0
tomasaschan picture tomasaschan on 15 Aug 2019

I saw same issue. I fix this my work around.

  • terraform refresh
  • remove "aws_cognito_user_pool_domain" block in .tfstate
  • terraform apply

this is my environment
-> % terraform version
Terraform v0.11.13

  • provider.aws v2.41.0
haruharuharuby picture haruharuharuby on 12 Dec 2019
👍1

Similar workaround here as @haruharuharuby , but I'd recommend using the terraform state rm command, rather than manually messing with your state file directly.

eg.

terraform state rm aws_cognito_user_pool_domain.my_domain

For the record, I'm using TF v0.12.8, and aws provider v2.43.0

eschwartz picture eschwartz on 6 Jan 2020
👍10

Ran into this issue today. The solution of removing the domain from the state after deleting the domain manually worked. Just adding my two cents to hopefully get this fixed.

davidarmstronglewis picture davidarmstronglewis on 28 May 2020

The error is still there in:

→ terraform version
Terraform v0.12.20
+ provider.aws v2.61.0

I tried working around this with local-exec destroy-time provisioned and deleting the domain manualy, but it seems the problem is with terraform leaving some garbage information (namely: domain state, but without user_pool_id) in the statefile. This is why we see the:

minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.

error, and this is why terraform is unable to properly pass user_pool_id to the provisioner too.

mkielar picture mkielar on 19 Jun 2020

I have the same issue

YoniMataraso picture YoniMataraso on 18 Aug 2020

opened #14732 to address this.

DrFaust92 picture DrFaust92 on 19 Aug 2020
👍2

Hi folks 👋 A fix for a typical cause of this issue has been merged and will release with version 3.3.0 of the Terraform AWS Provider, likely tomorrow. Thanks to @DrFaust92 for the implementation. 👍

Please note that there may be other causes of this issue still present and if so, please file a new bug report after trying the upgrade when its released.

bflad picture bflad on 19 Aug 2020

This has been released in version 3.3.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

hashibot[bot] picture hashibot[bot] on 21 Aug 2020

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

hashibot[bot] picture hashibot[bot] on 18 Sep 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

hashibot picture hashibot  ·  3Comments
hashibot picture hashibot  ·  3Comments
dvishniakov picture dvishniakov  ·  3Comments
hazmeister picture hazmeister  ·  3Comments
gothrek22 picture gothrek22  ·  3Comments