# help
k
Hey. Currently on SST version .61. I am using aws-cdk-lib’s `custom_resources.AwsCustomResource` and `Custom::UpdateUserPool` to update an existing Cognito userPool instance, and I am having trouble getting some of the values to update. I only needed to update one of the lambda triggers, and that worked perfectly, but it also did a “factory” reset for some of the pool’s other properties. Most problematically, it set `AutoVerifiedAttributes` from `phone_number` to `none`, which would completely break our sign-up flow. I then added these values into the `AwsCustomResource` dictionary, but they did not update on the next build (I do see them in the CloudFormation though). Any help would be greatly appreciated. I’ll add a code snippet in comments.
```typescript
import { custom_resources } from 'aws-cdk-lib'

// cognitoPostConfirmation = sst.Function
// userPool the existing pool retrieved with id using cognito.UserPool.fromUserPoolId() 

new custom_resources.AwsCustomResource(this, 'UpdateUserPool', {
  resourceType: 'Custom::UpdateUserPool',
  onCreate: {
    region: this.region, // our region
    service: 'CognitoIdentityServiceProvider',
    action: 'updateUserPool',
    parameters: {
      UserPoolId: userPool.userPoolId,
      AutoVerifiedAttributes: ['phone_number'],
      SmsVerificationMessage:
        'Your Company Name Here authentication code is {####}.',
      LambdaConfig: {
        PostConfirmation: cognitoPostConfirmation.functionArn,
      },
    },
    physicalResourceId: custom_resources.PhysicalResourceId.of(
      userPool.userPoolId
    ),
  },
  policy: custom_resources.AwsCustomResourcePolicy.fromSdkCalls({
    resources: custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE,
  }),
})
```
f
Hey @Kevin Cole
> but it also did a “factory” reset for some of the pool’s other properties

If you go into ur AWS CloudTrail console, u can look at all the CREATE/UPDATE/DELETE queries made to ur AWS account. That should show what the custom resource tried to do to ur User Pool, and hopefully it shines some light on why the settings were reset.

> but they did not update on the next build

`onCreate` only gets run once. Try using `onUpdate`
k
@Frank Thanks for the reply. I will check the CloudTrail, but the `onUpdate` vs `onCreate` sounds like it may be the ticket. I’ll update here, once I validate. Thanks again : )
Yeah, this was my bad not understanding that `AwsCustomResource` had `onUpdate`. Of course the first time I ran it, it only had the lambda trigger defined, so that got updated. All the subsequent builds after adding the other attributes to the `onCreate` did nothing 🤦‍♂️. Thanks again. You’re the best.