terraform-aws-cognito-user-pool
terraform-aws-cognito-user-pool copied to clipboard
lgallard
Add option to prevent accidental deletion of a user pool
User pools, like databases are a critical infrastructure resource. Because of that it would be only reasonable to have an option to prevent it from being accidentally destroyed by terraform (and uncautions users).
One way to achieve this would be to add the prevent_destroy lifecycle argument to the user pool:
resource "aws_cognito_user_pool" "pool" {
# ...
lifecycle {
prevent_destroy = var.prevent_destroy
}
}
It would be great if this module could offer this feature.
@philippta I had to revert it due to #54. As soon as it fixed in the provider I will include @Waschnick implementation
@philippta I had to revert it due to #54. As soon as it fixed in the provider I will include @Waschnick implementation
Hey @lgallard sorry if I hadn't tested the changes enough. Your link is not correct, can you tell me what the issue was?
@Waschnick I reverted it because there were reports about people unable to do plan/apply because of prevent_destroy using a variable. The root cause seem to be reported here in the AWS provider for other resources as well.
You are right, the correct issue where it was reported in this project was #58!
And no worries, I will include these changes as soon as the iss is fixed in the provider. Thanks for the PR!!
This is a pretty critical issue to us as well.
@lgallard do you think we could create some special fork/version history that would have it enabled by default statically? Maybe 10.18.2 for the most recent one or maybe you'd be interested to maintain a fork like terraform-aws-cognito-user-pool-protected?
https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-deletion-protection.html
may be add support for this
