Cognito domain doesn't delete during destroy

[sciencey-sanjay]

Terraform Version

Terraform v0.10.8
AWS provider 1.21.0

Affected Resource(s)

aws_cognito_user_pool_domain

Terraform Configuration Files

Below is an excerpt from terraform file to create aws_cognito_user_pool_domain .

# Pool domain
resource "aws_cognito_user_pool_domain" "domain" {
  domain       = "${var.userpooldomain}"
  user_pool_id = "${aws_cognito_user_pool.pool.id}"
}

Debug Output

Panic Output

Expected Behavior

domain should be deleted by terraform apply, when the resource is marked for destroy.

Actual Behavior

Domain isn't deleted and throws error message

aws_cognito_user_pool_domain.domain: InvalidParameter: 1 validation error(s) found.

• minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.

Steps to Reproduce

1. Change the module name
2. Run terraform plan and apply(Module name is changed and existing pool is deleted and a new user pool(with new name) is created.
3. Modify any change for the new user pool
4. terraform plan
5. terraform apply

[gurunathsane]

I am facing the Same issue. Any Updates on this?

[B2-DevOps]

any updates on this? facing this same issue

[ghost]

+1

[smartinspereira]

+1
for now i solved this using a custom script, leveraging the aws cli, to delete the domain, on destroy and update.

[rburke789]

+1

Any updates on this issue? I am seeing the same behavior

[prashantrai]

Is there any update on this. I'm facing the similar issue,

• module.use1.aws_cognito_user_pool_domain.my_cognito_user_pool_domain (destroy): 1 error(s) occurred:

aws_cognito_user_pool_domain.domain: InvalidParameter: 1 validation error(s) found.

• minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.

[hobti01]

I'm seeing this issue with the following versions. Would be great to have a fix, workaround or status.

Terraform v0.11.11
+ provider.aws v1.60.0

[michalschott]

have anyone checked if this is still the case in provider.aws ~> 2.0 ?

[tomasaschan]

I see this today.

λ terraform -v
Terraform v0.12.5
+ provider.aws v2.23.0

[haruharuharuby]

I saw same issue. I fix this my work around.

• terraform refresh
• remove "aws_cognito_user_pool_domain" block in .tfstate
• terraform apply

this is my environment
-> % terraform version
Terraform v0.11.13

• provider.aws v2.41.0

[eschwartz]

Similar workaround here as @haruharuharuby , but I'd recommend using the terraform state rm command, rather than manually messing with your state file directly.

eg.

terraform state rm aws_cognito_user_pool_domain.my_domain

For the record, I'm using TF v0.12.8, and aws provider v2.43.0

[oceanlewis]

Ran into this issue today. The solution of removing the domain from the state after deleting the domain manually worked. Just adding my two cents to hopefully get this fixed.

[mkielar]

The error is still there in:

→ terraform version
Terraform v0.12.20
+ provider.aws v2.61.0

I tried working around this with local-exec destroy-time provisioned and deleting the domain manualy, but it seems the problem is with terraform leaving some garbage information (namely: domain state, but without user_pool_id) in the statefile. This is why we see the:

minimum field size of 1, DeleteUserPoolDomainInput.UserPoolId.

error, and this is why terraform is unable to properly pass user_pool_id to the provisioner too.

[YoniMataraso]

I have the same issue

[DrFaust92]

opened #14732 to address this.

[bflad]

Hi folks 👋 A fix for a typical cause of this issue has been merged and will release with version 3.3.0 of the Terraform AWS Provider, likely tomorrow. Thanks to @DrFaust92 for the implementation. 👍

Please note that there may be other causes of this issue still present and if so, please file a new bug report after trying the upgrade when its released.

[ghost]

This has been released in version 3.3.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!