https://serverless-stack.com/ logo
#help
Title
# help
k

Kevin Cole

04/20/2022, 10:46 PM
Hey. Currently on SST version .61. I am using aws-cdk-lib’s
custom_resources.AwsCustomResource
and
Custom::UpdateUserPool
to update an existing cognito userPool instance, and I am having trouble getting some of the values to update. I only needed to update one of the lambda triggers, and that worked perfectly, but it also did a “factory” reset for some of the pool’s other properties. Most problematically it set
AutoVerifiedAttributes
from
phone_number
to
none
which would completely break our sign-up flow. I then added these values into the
AwsCustomResource
dictionary, but they did not update on the next build (i do see them in the cloud-formation though.) Any help would be greatly appreciated. I’ll add code snippet in comments.
Copy code
import { custom_resources } from 'aws-cdk-lib'

// cognitoPostConfirmation = sst.Function
// userPool the existing pool retrieved with id using cognito.UserPool.fromUserPoolId() 

new custom_resources.AwsCustomResource(this, 'UpdateUserPool', {
  resourceType: 'Custom::UpdateUserPool',
  onCreate: {
    region: this.region, // our region
    service: 'CognitoIdentityServiceProvider',
    action: 'updateUserPool',
    parameters: {
      UserPoolId: userPool.userPoolId,
      AutoVerifiedAttributes: ['phone_number'],
      SmsVerificationMessage:
        'Your Company Name Here authentication code is {####}.',
      LambdaConfig: {
        PostConfirmation: cognitoPostConfirmation.functionArn,
      },
    },
    physicalResourceId: custom_resources.PhysicalResourceId.of(
      userPool.userPoolId
    ),
  },
  policy: custom_resources.AwsCustomResourcePolicy.fromSdkCalls({
    resources: custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE,
  }),
})
f

Frank

04/21/2022, 1:14 AM
Hey @Kevin Cole
but it also did a “factory” reset for some of the pool’s other properties
If you go into ur AWS CloudTrail console, u can look at all the CREATE/UPDATE/DELETE queries made to ur AWS account. That should show what the custom resource tried to do to ur User Pool, and hopefully it shines some light on why the settings were reset.
but they did not update on the next build
onCreate
only gets run once. Try using
onUpdate
k

Kevin Cole

04/21/2022, 1:16 AM
@Frank Thanks for the reply. I will check the cloudtrail, but the
onUpdate
vs
onCreate
sounds like it may be the ticket. I’ll update here, once I validate. Thanks again : )
Yeah, this was my bad not understanding that
AwsCustomResource
had
onUpdate
. Of course the first time I ran it it only had the lambda trigger defined, so that got updated. All the subsequent builds after adding the other attributes to the
onCreate
did nothing 🤦‍♂️. Thanks again. You’re the best.
2 Views