Drew B
Reputation: 117
Why does terraform aws_cognito_user_pool always show as "updated in-place" on every single terraform plan?
# aws_cognito_user_pool.user_pool will be updated in-place
~ resource "aws_cognito_user_pool" "user_pool" {
id = "us-east-1_xxxyyy"
name = "my-user-pool"
tags = {
"Name" = "my-user-pool"
}
# (10 unchanged attributes hidden)
~ password_policy {
- temporary_password_validity_days = 7 -> null
# (5 unchanged attributes hidden)
}
# (4 unchanged blocks hidden)
}
Whenever I run terraform plan, my user pool always appears as a change. There are no changes to this resource at all. Is this some bug? How can I prevent this?
Upvotes: 0
Views: 220
Answers (1)
Mark B
Reputation: 200998
That plan output says you have temporary_password_validity_days set to 7 in AWS Cognito, but you have no value for that in your Terraform template, so it is being changed from 7 to null. I'm guessing that when you don't set that explicitly, AWS defaults it to 7, so this keeps happening to you.
You should update your Terraform template to include temporary_password_validity_days = 7
Upvotes: 2
Related Questions
- Does terraform plan refresh the state?
- Terraform resource "aws_ecr_repository_policy" always wants to be updated in version 1.5.7
- My Terraform Plan always shows changes to my cloud storage buckets even when I don't make changes?
- Terraform reports a change to Application Insights key on every plan that is run
- Tagging using Azure Policy and Terraform templates ignoring tags
- Terraform plan does not include all of my .tf changes
- How to show a warning/error when running 'terraform plan'?