Terraform external data error calling aws cli

Question

trying to run a aws cli call as a terraform external data but getting a error for unmarshal string

Terraform:

data "external" "cognito" {
program = ["sh", "-c", "aws cognito-idp list-user-pool-clients --user-pool-id eu-west-xxx | jq '.UserPoolClients | .[] | select(.ClientName | contains(\"AmazonOpenSearchService\")) | .ClientId'"] 
}

running the command directly from bash returns:

"123456"

Via terraform errors with:

│ The data source received unexpected results after executing the program.
│ 
│ Program output must be a JSON encoded map of string keys and string values.
│ 
│ If the error is unclear, the output can be viewed by enabling Terraform's logging at TRACE level. Terraform documentation on logging: https://www.terraform.io/internals/debugging
│ 
│ Program: /bin/sh
│ Result Error: json: │ The data source received unexpected results after executing the program.
│ 
│ Program output must be a JSON encoded map of string keys and string values.
│ 
│ If the error is unclear, the output can be viewed by enabling Terraform's logging at TRACE level. Terraform documentation on logging: https://www.terraform.io/internals/debugging
│ 
│ Program: /bin/sh
│ Result Error: json: cannot unmarshal string into Go value of type map[string]string

Answer 1

When running an ad hoc script using the Terraform external data source you need to return a valid json object (The docs also mention a map of string) which "123456" is not. You'd need something such as '{"clientId":"123456"}'.

If you want to avoid the script completely, what Mark B suggested in his comment above is the best way to go about it.