Terraform: I create a aws_cognito_user_pool_domain with a custom domain. But how get I the data for the record?

Created on 20 Sep 2019 · 7Comments · Source: hashicorp/terraform

Terraform Version

Terraform v0.12.8

Terraform Configuration Files

...

Debug Output

Crash Output

Expected Behavior

I would like to get a hint how I generate the Route53 alias record out of the aws_cognito_user_pool_domain?
The aws_cognito_user_pool_domain is creating a CloudFront instance and I get the arn out of that (aws_cognito_user_pool_domain.auth.cloudfront_distribution_arn).
But then? There is no data provider for a aws_cloudfront.
And I need for the aws_route53_record alias record the zone_id and cloudfront fqdn.

Actual Behavior

I am currently not able to access the the needed information from the generated CloudFront distribution to generate the needed route53 alias record.

Steps to Reproduce

create a aws_cognito_user_pool
create a aws_acm_certificate for eg. auth.test.com
create aws_cognito_user_pool_domain with the domain auth.test.com and the certificate

try to create the aws_route53_record for the CloudFront distribution

Additional Context

References

Thanks for your help

Source

tzahari

All 7 comments

Hello!

We use GitHub issues for tracking bugs and enhancements, rather than for questions. While we can sometimes help with certain simple problems here, it's better to use the community forum where there are more people ready to help. The GitHub issues here are monitored only by our few core maintainers.

Since this issue doesn't represent a specific bug or feature request, We're going to close it. Please do feel free to ask your question in the community forum. Thanks!

teamterraform on 20 Sep 2019

I have the exact same question. I think that this issue can be re-interpreted as a bug because with the missing information there is no way to create an alias record, which is the natural step after registering a custom domain with Cognito.

Expected Behavior:
Get information enough to create an A alias record: zone_id, and cloud front distribution url (these are available from Cognito UI, I suppose they might be available through the API as well)

renatoargh on 21 Sep 2019

👍1

Hi @teamterraform,
As @renatoargh mention this is more a bug than a question.
It seems there are missing information in the aws_cognito_user_pool_domain resource.
We need the zone_id and the url from the generated cloud front distribution.

tzahari on 22 Sep 2019

Hey @tzahari I figured out that this is definitely a naming bug. Where aws_cognito_user_pool_domain returns cloud_front_arn it is actually the url you can use to create the record on R53, and regarding the zone_id you can use the one hardcoded from AWS which is Z2FDTNDATAQYW2 (read more here: https://github.com/hashicorp/terraform/issues/6489).

This is definitely a naming bug. Also would be very helpful that terraform provided this hardcoded zone_id the same way it provided for s3 websites and cloud fornt distributions in general.

renatoargh on 22 Sep 2019

🎉1

IMHO this issue should be re-opened and addressed, except if there is a similar one already on the workings.
And by the way, thanks a lot from the folks at @hashicorp - terraform is beyond awesome!

renatoargh on 22 Sep 2019

Thanks @renatoargh ! Your hint helped me a lot.
Please @teamterraform I would asking for reopen this and:

add the missing variable of the cloud_front zone_id
rename cloud_front_arn to for example cloud_front_url
update documentation with an example creation of a aws_route53_record

tzahari on 23 Sep 2019

👍1

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.