diff --git a/config/externalname.go b/config/externalname.go
index f7cd8feb04..a10b64a27a 100644
--- a/config/externalname.go
+++ b/config/externalname.go
@@ -2659,14 +2659,38 @@ var CLIReconciledExternalNameConfigs = map[string]config.ExternalName{ "aws_vpc_security_group_egress_rule": vpcSecurityGroupRule(), // Imported by using the id: sgr-02108b27edd666983 "aws_vpc_security_group_ingress_rule": vpcSecurityGroupRule(), - // us-west-2_abc123/3ho4ek12345678909nh3fmhpko - "aws_cognito_user_pool_client": FormattedIdentifierFromProvider("", "name"), + // Cognito User Pool clients can be imported using the user pool id and client id separated by a slash (/) + // However, the terraform id is just the client id. + "aws_cognito_user_pool_client": cognitoUserPoolClient(), // simpledb // // SimpleDB Domains can be imported using the name "aws_simpledb_domain": config.NameAsIdentifier, } +// cognitoUserPoolClient +// Note(mbbush) This resource has some unexpected behaviors that make it impossible to write a completely correct +// ExternalName config. Specifically, the terraform id returned in the terraform state is not the same as the +// identifier used to import it. Additionally, if the terraform id set to an empty string, the terraform +// provider passes the empty string through to the aws query during refresh, which returns an api error. +// This could be related to the fact that this resource is implemented using the terraform plugin framework, +// which introduces the concept of a null value as distinct from a zero value. 
+func cognitoUserPoolClient() config.ExternalName {
+ e := config.IdentifierFromProvider
+ // TODO: Uncomment when it's acceptable to remove fields from spec.initProvider (major release)
+ // e.IdentifierFields = []string{"user_pool_id"}
+ e.GetIDFn = func(ctx context.Context, externalName string, parameters map[string]interface{}, cfg map[string]interface{}) (string, error) {
+ if externalName == "" {
+ return "invalidnonemptystring", nil
+ }
+ // Ideally, we'd return parameters.user_pool_id/external_name if this is invoked during a call to terraform import,
+ // and the externalName if this is invoked during a call to terraform refresh. But I don't know how to distinguish
+ // between them inside this function.
+ return externalName, nil
+ }
+ return e
+}
+
 func lambdaFunctionURL() config.ExternalName {
 e := config.IdentifierFromProvider
 e.GetIDFn = func(ctx context.Context, externalName string, parameters map[string]interface{}, terraformProviderConfig map[string]interface{}) (string, error) {
diff --git a/examples/cognitoidp/userpoolclient.yaml b/examples/cognitoidp/userpoolclient.yaml
new file mode 100644
index 0000000000..4c867cd995
--- /dev/null
+++ b/examples/cognitoidp/userpoolclient.yaml
@@ -0,0 +1,31 @@
+apiVersion: cognitoidp.aws.upbound.io/v1beta1
+kind: UserPool
+metadata:
+ annotations:
+ meta.upbound.io/example-id: cognitoidp/v1beta1/userpoolclient
+ labels:
+ testing.upbound.io/example-name: example
+ name: example
+spec:
+ forProvider:
+ name: example
+ region: us-west-1
+
+---
+
+apiVersion: cognitoidp.aws.upbound.io/v1beta1
+kind: UserPoolClient
+metadata:
+ annotations:
+ meta.upbound.io/example-id: cognitoidp/v1beta1/userpoolclient
+ labels:
+ testing.upbound.io/example-name: example
+ name: example
+spec:
+ forProvider:
+ name: example
+ region: us-west-1
+ userPoolIdSelector:
+ matchLabels:
+ testing.upbound.io/example-name: example
+
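Review bot: In cognitoUserPoolClient's GetIDFn (config/externalname.go), the empty-externalName branch returns the bare literal `"invalidnonemptystring"`, which becomes the Terraform id and, going by the function's own comment about refresh, is presumably what reaches the AWS query in place of the empty string. Nothing at that line says why this value is safe or how the provider is expected to react to it; presumably the lookup comes back as not-found and the resource is treated as absent, but the hunk does not show that, so it should be confirmed and written down next to the value. I would hoist it into a named constant, e.g. `const cognitoClientPlaceholderID = "invalidnonemptystring" // never a real client id; avoids the empty-id API error on refresh`, and return that constant from the branch. The doc comment also has a typo (`if the terraform id set to` should read `is set to`), and the unused `ctx`, `parameters` and `cfg` parameters could be written as `_`.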
diff --git a/examples/cognitoidp/userpooluicustomization.yaml b/examples/cognitoidp/userpooluicustomization.yaml
index 439a068acd..575587b796 100644
--- a/examples/cognitoidp/userpooluicustomization.yaml
+++ b/examples/cognitoidp/userpooluicustomization.yaml
@@ -56,7 +56,7 @@ metadata:
 name: main
 spec:
 forProvider:
- domain: example-domain
+ domain: ${Rand.RFC1123Subdomain}
 region: us-west-1
 userPoolIdSelector:
 matchLabels: