Terraform Cognito User Pool can't run update

Question

Im trying to use Terraform to deploy a AWS Cognito User Pool.

Everything runs fine on first deploy, but when i try to run a terraform apply-all for a second time without modifying anything on my config, i get:

Error: error updating Cognito User Pool (us-east-1_XXX): cannot modify or remove schema items

Need help please!

Im using terraform version 0.13.0 with Terragrunt 0.25.0.

here is the terraform config ressource, i use s3 as backend.

terraform {
  required_providers {
    aws = {
      version = ">= 3.0"
      source  = "hashicorp/aws"
    }
  }
}

provider "aws" {
    region  = var.region
    profile = var.aws_profile
}

resource "aws_cognito_user_pool" "pool" {
  name = "my-user-pool"

  mfa_configuration = "OFF"
  username_attributes = ["email"]

  password_policy {
    minimum_length = 8
  }

  schema {
    name                     = "name"
    attribute_data_type      = "String"
    developer_only_attribute = false
    mutable                  = true
    required                 = true

    string_attribute_constraints {
      max_length = 256
    }
  }

  schema {
    name                     = "family_name"
    attribute_data_type      = "String"
    developer_only_attribute = false
    mutable                  = true
    required                 = true

    string_attribute_constraints {
      max_length = 256
    }
  }

  schema {
    name                     = "phone_number"
    attribute_data_type      = "String"
    developer_only_attribute = false
    mutable                  = true  // false for "sub"
    required                 = true // true for "sub"

    string_attribute_constraints {
      max_length = 256
    }
  }

  account_recovery_setting {
    recovery_mechanism {
      name     = "verified_email"
      priority = 1
    }
  }

  auto_verified_attributes = [
    "email"
  ]

  user_pool_add_ons {
    advanced_security_mode = "OFF"
  }
}

Thanks

Hi, which version of terraform (and aws provider) are you using? Can we see your terraform code? — Jaime S, Sep 28 '21 at 09:55
@JaimeS hi! thanks for your answer. I updated my question with the versions i use and my terraform config. — Olivier Castro-Perrier, Sep 28 '21 at 23:20

score 1 · Answer 1 · answered Nov 12 '21 at 09:40

1

It is not possible to edit the existing user pool, you need to create a new one and then migrate users.

See this video from AWS https://www.youtube.com/watch?v=uoZ3l0CG4uw

answered Nov 12 '21 at 09:40

PuzzledReptile

11
1
1

1

While this link may answer the question, it is better to include the essential parts of the answer here and provide the link for reference. Link-only answers can become invalid if the linked page changes. - [From Review](/review/late-answers/30323071) – Flair Nov 12 '21 at 21:31

Terraform Cognito User Pool can't run update

1 Answers1