将新对象添加到地图时

时间:2019-10-08 10:58:10

标签: amazon-web-services terraform amazon-cognito terraform-provider-aws

我有一个Terraform(0.12之前的版本)模块,该模块生成Amazon Cognito用户池+客户端和域。

resource "aws_cognito_user_pool" "pool" {
  count = "${var.user_pool_count}"
  name  = "${lookup(var.user_pools[count.index], "name")}"

  username_attributes      = ["email"]
  auto_verified_attributes = ["email"]

  password_policy {
    minimum_length    = "${lookup(var.user_pools[count.index], "password_minimum_length")}"
    require_lowercase = "${lookup(var.user_pools[count.index], "password_require_lowercase")}"
    require_numbers   = "${lookup(var.user_pools[count.index], "password_require_numbers")}"
    require_symbols   = "${lookup(var.user_pools[count.index], "password_require_symbols")}"
    require_uppercase = "${lookup(var.user_pools[count.index], "password_require_uppercase")}"
  }

  verification_message_template = {
    default_email_option = "CONFIRM_WITH_LINK"
  }

  lambda_config = {
    pre_token_generation = "${var.lambda_pre_token_generation}"
    custom_message       = "${var.lambda_custom_message}"
  }

  email_configuration = {
    reply_to_email_address = "${lookup(var.user_pools[count.index], "reply_to_email_address")}"
    source_arn             = "${lookup(var.user_pools[count.index], "source_arn")}"
    email_sending_account  = "${lookup(var.user_pools[count.index], "email_sending_account")}"
  }

  schema = [
    < REDACTED >
  ]
}

resource "aws_cognito_user_pool_client" "client" {
  count               = "${var.user_pool_count}"
  name                = "${lookup(var.user_pools[count.index], "name")}"
  user_pool_id        = "${element(aws_cognito_user_pool.pool.*.id,count.index)}"
  explicit_auth_flows = ["ADMIN_NO_SRP_AUTH", "USER_PASSWORD_AUTH"]
}

resource "aws_cognito_user_pool_domain" "main" {
  count        = "${var.user_pool_count}"
  domain       = "${lookup(var.user_pools[count.index], "domain")}"
  user_pool_id = "${element(aws_cognito_user_pool.pool.*.id,count.index)}"
}

这接受一个名为user_pools的映射列表,以定义所需的Cognito用户池。 不幸的是,当我添加带有新池定义的新映射时,Terraform强制为所有池重新创建aws_cognito_user_pool_client和aws_cognito_user_pool_domain。这似乎是因为它看到了以下变化:

user_pool_id: "eu-west-1_R8SDX8Yqj" => "${element(aws_cognito_user_pool.pool.*.id,count.index)}" (forces new resource)

我认为这是因为Terraform看到aws_cognito_user_pool.pool.*.id中的变化并迫使重新创建。谁能解释如何解决这个问题?重新生成所有域和客户端对我来说不是最佳选择。

1 个答案:

答案 0 :(得分:0)

供任何阅读此书的人使用。我在Github上发现了以下问题-https://github.com/hashicorp/terraform/issues/14357

将我的语法更改为以下内容似乎可以解决此问题。

user_pool_id = "${aws_cognito_user_pool.pool.*.id[count.index]}"

相关问题
最新问题