aws_cognito_user_group id should contain the user pool id

Also added debug output as per pull request feedback.
hashicorp · Jan 21, 2018 · abf8f48 · abf8f48
1 parent 9d7e620
commit abf8f48
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 21 deletions.
diff --git a/aws/resource_aws_cognito_user_group.go b/aws/resource_aws_cognito_user_group.go
@@ -1,6 +1,9 @@
 package aws
 
 import (
+	"fmt"
+	"log"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/cognitoidentityprovider"
 	"github.com/hashicorp/errwrap"
@@ -14,6 +17,7 @@ func resourceAwsCognitoUserGroup() *schema.Resource {
 		Update: resourceAwsCognitoUserGroupUpdate,
 		Delete: resourceAwsCognitoUserGroupDelete,
 
+		// https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateGroup.html
 		Schema: map[string]*schema.Schema{
 			"description": {
 				Type:         schema.TypeString,
@@ -65,12 +69,14 @@ func resourceAwsCognitoUserGroupCreate(d *schema.ResourceData, meta interface{})
 		params.RoleArn = aws.String(v.(string))
 	}
 
+	log.Print("[DEBUG] Creating Cognito User Group")
+
 	resp, err := conn.CreateGroup(params)
 	if err != nil {
 		return errwrap.Wrapf("Error creating Cognito User Group: {{err}}", err)
 	}
 
-	d.SetId(*resp.Group.GroupName)
+	d.SetId(fmt.Sprintf("%s/%s", *resp.Group.UserPoolId, *resp.Group.GroupName))
 
 	return resourceAwsCognitoUserGroupRead(d, meta)
 }
@@ -83,22 +89,21 @@ func resourceAwsCognitoUserGroupRead(d *schema.ResourceData, meta interface{}) e
 		UserPoolId: aws.String(d.Get("user_pool_id").(string)),
 	}
 
+	log.Print("[DEBUG] Reading Cognito User Group")
+
 	resp, err := conn.GetGroup(params)
 	if err != nil {
+		if isAWSErr(err, "ResourceNotFoundException", "") {
+			log.Printf("[WARN] Cognito User Group %s is already gone", d.Id())
+			d.SetId("")
+			return nil
+		}
 		return errwrap.Wrapf("Error reading Cognito User Group: {{err}}", err)
 	}
 
-	if resp.Group.Description != nil {
-		d.Set("description", *resp.Group.Description)
-	}
-
-	if resp.Group.Precedence != nil {
-		d.Set("precedence", *resp.Group.Precedence)
-	}
-
-	if resp.Group.RoleArn != nil {
-		d.Set("role_arn", *resp.Group.RoleArn)
-	}
+	d.Set("description", resp.Group.Description)
+	d.Set("precedence", resp.Group.Precedence)
+	d.Set("role_arn", resp.Group.RoleArn)
 
 	return nil
 }
@@ -123,6 +128,8 @@ func resourceAwsCognitoUserGroupUpdate(d *schema.ResourceData, meta interface{})
 		params.RoleArn = aws.String(d.Get("description").(string))
 	}
 
+	log.Print("[DEBUG] Updating Cognito User Group")
+
 	_, err := conn.UpdateGroup(params)
 	if err != nil {
 		return errwrap.Wrapf("Error updating Cognito User Group: {{err}}", err)
@@ -139,8 +146,9 @@ func resourceAwsCognitoUserGroupDelete(d *schema.ResourceData, meta interface{})
 		UserPoolId: aws.String(d.Get("user_pool_id").(string)),
 	}
 
-	_, err := conn.DeleteGroup(params)
+	log.Print("[DEBUG] Deleting Cognito User Group")
 
+	_, err := conn.DeleteGroup(params)
 	if err != nil {
 		return errwrap.Wrapf("Error deleting Cognito User Group: {{err}}", err)
 	}

diff --git a/aws/resource_aws_cognito_user_group_test.go b/aws/resource_aws_cognito_user_group_test.go
@@ -14,9 +14,9 @@ import (
 )
 
 func TestAccAWSCognitoUserGroup_basic(t *testing.T) {
-	poolName := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
-	groupName := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
-	updatedGroupName := fmt.Sprintf("%s", acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum))
+	poolName := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)
+	groupName := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)
+	updatedGroupName := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum)
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:     func() { testAccPreCheck(t) },
@@ -82,18 +82,26 @@ func testAccCheckAWSCognitoUserGroupExists(name string) resource.TestCheckFunc {
 			return fmt.Errorf("Not found: %s", name)
 		}
 
-		if rs.Primary.ID == "" {
+		id := rs.Primary.ID
+		name := rs.Primary.Attributes["name"]
+		userPoolId := rs.Primary.Attributes["user_pool_id"]
+
+		if name == "" {
 			return errors.New("No Cognito User Group Name set")
 		}
 
-		if rs.Primary.Attributes["user_pool_id"] == "" {
+		if userPoolId == "" {
 			return errors.New("No Cognito User Pool Id set")
 		}
 
+		if id != fmt.Sprintf("%s/%s", userPoolId, name) {
+			return errors.New(fmt.Sprintf("ID should be user_pool_id/name. ID was %s. name was %s, user_pool_id was %s", id, name, userPoolId))
+		}
+
 		conn := testAccProvider.Meta().(*AWSClient).cognitoidpconn
 
 		params := &cognitoidentityprovider.GetGroupInput{
-			GroupName:  aws.String(rs.Primary.ID),
+			GroupName:  aws.String(rs.Primary.Attributes["name"]),
 			UserPoolId: aws.String(rs.Primary.Attributes["user_pool_id"]),
 		}
 
@@ -136,7 +144,7 @@ func testAccCheckAWSCognitoUserGroupDestroy(s *terraform.State) error {
 func testAccAWSCognitoUserGroupConfig_basic(poolName, groupName string) string {
 	return fmt.Sprintf(`
 resource "aws_cognito_user_pool" "main" {
-  name = "identity pool %s"
+  name = "%s"
 }
 
 resource "aws_cognito_user_group" "main" {
@@ -149,7 +157,7 @@ resource "aws_cognito_user_group" "main" {
 func testAccAWSCognitoUserGroupConfig_complex(poolName, groupName, groupDescription string, precedence int) string {
 	return fmt.Sprintf(`
 resource "aws_cognito_user_pool" "main" {
-  name = "identity pool %s"
+  name = "%s"
 }
 
 resource "aws_iam_role" "group_role" {