From 88f63f88dd1b80216949058e83518e96ba0ea47b Mon Sep 17 00:00:00 2001
From: Matt Bush
Date: Wed, 13 Dec 2023 12:07:03 -0800
Subject: [PATCH] Update external name config for cognito user pool client
---
 config/externalname.go | 27 ++++++++++++++++--
 examples/cognitoidp/userpoolclient.yaml | 28 +++++++++++++++++++
 .../cognitoidp/userpooluicustomization.yaml | 2 +-
 3 files changed, 54 insertions(+), 3 deletions(-)
 create mode 100644 examples/cognitoidp/userpoolclient.yaml
diff --git a/config/externalname.go b/config/externalname.go
index c3afe3e77b..e88bac766a 100644
--- a/config/externalname.go
+++ b/config/externalname.go
@@ -2657,14 +2657,37 @@ var CLIReconciledExternalNameConfigs = map[string]config.ExternalName{
 // AppConfig Environments can be imported by using the environment ID and application ID separated by a colon (:)
 // terraform-plugin-framework
 "aws_appconfig_environment": config.IdentifierFromProvider,
- // us-west-2_abc123/3ho4ek12345678909nh3fmhpko
- "aws_cognito_user_pool_client": FormattedIdentifierFromProvider("", "name"),
+ // Cognito User Pool clients can be imported using the user pool id and client id separated by a slash (/)
+ // However, the terraform id is just the client id.
+ "aws_cognito_user_pool_client": cognitoUserPoolClient(),
 // simpledb
 //
 // SimpleDB Domains can be imported using the name
 "aws_simpledb_domain": config.NameAsIdentifier,
 }
+// cognitoUserPoolClient
+// Note(mbbush) This resource has some unexpected behaviors that make it impossible to write a completely correct
+// ExternalName config. Specifically, the terraform id returned in the terraform state is not the same as the
+// identifier used to import it. Additionally, if the terraform id set to an empty string, the terraform
+// provider passes the empty string through to the aws query during refresh, which returns an api error.
+// This could be related to the fact that this resource is implemented using the terraform plugin framework,
+// which introduces the concept of a null value as distinct from a zero value.
+func cognitoUserPoolClient() config.ExternalName {
+ e := config.IdentifierFromProvider
+ e.IdentifierFields = []string{"user_pool_id"}
+ e.GetIDFn = func(ctx context.Context, externalName string, parameters map[string]interface{}, cfg map[string]interface{}) (string, error) {
+ if externalName == "" {
+ return "invalidnonemptystring", nil
+ }
+ // Ideally, we'd return parameters.user_pool_id/external_name if this is invoked during a call to terraform import,
+ // and the externalName if this is invoked during a call to terraform refresh.
But I don't know how to distinguish
+ // between them inside this function.
+ return externalName, nil
+ }
+ return e
+}
+
 func lambdaFunctionURL() config.ExternalName {
 e := config.IdentifierFromProvider
 e.GetIDFn = func(ctx context.Context, externalName string, parameters map[string]interface{}, terraformProviderConfig map[string]interface{}) (string, error) {
diff --git a/examples/cognitoidp/userpoolclient.yaml b/examples/cognitoidp/userpoolclient.yaml
new file mode 100644
index 0000000000..6c6fbc9ac4
--- /dev/null
+++ b/examples/cognitoidp/userpoolclient.yaml
@@ -0,0 +1,28 @@
+---
+apiVersion: cognitoidp.aws.upbound.io/v1beta1
+kind: UserPool
+metadata:
+ labels:
+ testing.upbound.io/example-name: example
+ name: example
+spec:
+ forProvider:
+ name: example
+ region: us-west-1
+
+---
+
+apiVersion: cognitoidp.aws.upbound.io/v1beta1
+kind: UserPoolClient
+metadata:
+ labels:
+ testing.upbound.io/example-name: example
+ name: example
+spec:
+ forProvider:
+ name: example
+ region: us-west-1
+ userPoolIdSelector:
+ matchLabels:
+ testing.upbound.io/example-name: example
+
diff --git a/examples/cognitoidp/userpooluicustomization.yaml b/examples/cognitoidp/userpooluicustomization.yaml
index 439a068acd..575587b796 100644
--- a/examples/cognitoidp/userpooluicustomization.yaml
+++ b/examples/cognitoidp/userpooluicustomization.yaml
@@ -56,7 +56,7 @@ metadata:
 name: main
 spec:
 forProvider:
- domain: example-domain
+ domain: ${Rand.RFC1123Subdomain}
 region: us-west-1
 userPoolIdSelector:
 matchLabels:
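Review bot: The empty-external-name branch of `GetIDFn` in `cognitoUserPoolClient` returns the bare literal `"invalidnonemptystring"`, and by the function's own doc comment the ID is forwarded to the AWS query on refresh, so correctness rests on that string never matching a real app client ID, which the return site does not say. I would hoist it into a named constant such as `const cognitoClientIDPlaceholder = "invalidnonemptystring"` with a comment stating that it is a deliberate placeholder, presumably expected to yield a not-found response rather than the API error an empty ID produces. The non-empty branch passes `externalName` through unchecked, so an external name written in the import form described in the map comment (`user pool id`/`client id`) would presumably be sent as the client ID as-is; returning an error when the value contains `/` would make that mistake explicit instead of surfacing as an opaque lookup failure. The diffstat lists no test file, so a small table test covering both branches would pin this behaviour.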