Added interpreter to all local-exec blocks

seanturner026 · May 26, 2021 · a847e2e · a847e2e
1 parent e065e38
commit a847e2e
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 6 deletions.
diff --git a/README.md b/README.md
@@ -86,7 +86,7 @@ No requirements.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | admin\_user\_email | Controls the creation of an admin user that is required to initially gain access to the<br>dashboard.<br><br>If access to the dashboard is completely lost, do the following<br>• `var.enable_delete_admin_user = true`<br>• `terraform apply`<br>• `var.enable_delete_admin_user = false`<br>• `terraform apply`<br><br>If the initial admin user should no longer be able to access the dashboard, revoke access by<br>setting `var.enable_delete_admin_user = true` and running `terraform apply` | `string` | `""` | no |
-| aws\_profile | AWS Profile Name from `~/.aws/config that can be used for local execution. This profile is used<br>to preform the following actions:<br><br>• `aws s3 sync`: Sync bundle produced by `yarn` to build to s3<br>• `cognito-idp admin-create-user`: Creates an admin cognito user for dashboard access<br>• `cognito-idp admin-delete-user`: Deletes an admin cognito user if the user should not <br>have access to the dashboard anymore, OR, if there is no way for the user to regain access.<br>• `cognito-idp list-users`: Obtains the admin user's ID in order to write the ID to the <br>DynamodDB table.<br>` | `string` | `""` | no |
+| aws\_profile | AWS Profile Name from ~/.aws/config that can be used for local execution. This profile is used<br>to preform the following actions:<br><br>• `aws s3 sync`: Sync bundle produced by `yarn` to build to s3<br><br>• `cognito-idp admin-create-user`: Creates an admin cognito user for dashboard access<br><br>• `cognito-idp admin-delete-user`: Deletes an admin cognito user if the user should not<br>have access to the dashboard anymore, OR, if there is no way for the user to regain access.<br><br>• `cognito-idp list-users`: Obtains the admin user's ID in order to write the ID to the<br>DynamodDB table. | `string` | `""` | no |
 | enable\_api\_gateway\_access\_logs | Enables API Gateway access logging to cloudwatch for the default stage. | `bool` | `false` | no |
 | enable\_delete\_admin\_user | Destroys the admin user.<br><br>Set this value to true to destroy the user, and to false to recreate the user. | `bool` | `false` | no |
 | fqdn\_alias | ALIAS for the Cloudfront distribution, S3, Cognito and API Gateway. Must be in the form of<br>`example.com`. | `string` | `""` | no |

diff --git a/r_null.tf b/r_null.tf
@@ -93,14 +93,16 @@ resource "null_resource" "create_admin_user" {
   count = var.admin_user_email != "" && !var.enable_delete_admin_user ? 1 : 0
 
   provisioner "local-exec" {
-    command = "aws --region ${data.aws_region.current.name} cognito-idp admin-create-user --user-pool-id ${aws_cognito_user_pool.this.id} --username ${var.admin_user_email} --user-attributes Name=email,Value=${var.admin_user_email}"
+    interpreter = ["/bin/bash", "-c"]
+    command     = "aws --region ${data.aws_region.current.name} cognito-idp admin-create-user --user-pool-id ${aws_cognito_user_pool.this.id} --username ${var.admin_user_email} --user-attributes Name=email,Value=${var.admin_user_email}"
   }
 }
 
 resource "null_resource" "delete_admin_user" {
   count = var.admin_user_email != "" && var.enable_delete_admin_user ? 1 : 0
 
   provisioner "local-exec" {
-    command = "aws --region ${data.aws_region.current.name} cognito-idp admin-delete-user --user-pool-id ${aws_cognito_user_pool.this.id} --username ${var.admin_user_email}"
+    interpreter = ["/bin/bash", "-c"]
+    command     = "aws --region ${data.aws_region.current.name} cognito-idp admin-delete-user --user-pool-id ${aws_cognito_user_pool.this.id} --username ${var.admin_user_email}"
   }
 }
diff --git a/variables.tf b/variables.tf
@@ -13,14 +13,17 @@ variable "tags" {
 variable "aws_profile" {
   type        = string
   description = <<-DESC
-  AWS Profile Name from `~/.aws/config that can be used for local execution. This profile is used
+  AWS Profile Name from ~/.aws/config that can be used for local execution. This profile is used
   to preform the following actions:
 
   • `aws s3 sync`: Sync bundle produced by `yarn` to build to s3
+
   • `cognito-idp admin-create-user`: Creates an admin cognito user for dashboard access
-  • `cognito-idp admin-delete-user`: Deletes an admin cognito user if the user should not 
+
+  • `cognito-idp admin-delete-user`: Deletes an admin cognito user if the user should not
   have access to the dashboard anymore, OR, if there is no way for the user to regain access.
-  • `cognito-idp list-users`: Obtains the admin user's ID in order to write the ID to the 
+
+  • `cognito-idp list-users`: Obtains the admin user's ID in order to write the ID to the
   DynamodDB table.
   DESC
   default     = ""