Hello all,
I'm deploying my Next.js app via SST, a...
# helpw
Wael Zoaiter
09/23/2021, 8:52 PMHello all,
I'm deploying my Next.js app via SST, and I'm proxying all requests to the API through Next.js server
/api/graphqlpages/api/graphql.jssst startsst deploy503f
Frank
09/23/2021, 8:54 PM
Hey @Wael Zoaiter, it’s likely that the Lambda function doesn’t have permission to Cognito.
Frank
09/23/2021, 8:54 PM
Can I see how you are creating the
NextjsSitew
Wael Zoaiter
09/23/2021, 8:56 PMI tried to give it all permissions and I still got the same error
Wael Zoaiter
09/23/2021, 8:56 PMSure
Copy code
.
.
const elvira = new sst.NextjsSite(this, 'Elvira', {
path: 'ui/elvira',
customDomain: {
domainName: `elvira-sst-${scope.stage}.${host}`,
hostedZone: host,
},
defaultFunctionProps: {
timeout: 30,
},
environment: {
NEXT_PUBLIC_API_URL: api.cordovaUrl,
NEXT_PUBLIC_AWS_COGNITO_USER_POOL_ID: api.userPoolId,
NEXT_PUBLIC_AWS_COGNITO_CLIENT_ID: api.elviraUserPoolClientId,
NEXT_PUBLIC_AWS_COGNITO_ADMIN_USER_NAME: process.env.AWS_COGNITO_ADMIN_USER_NAME,
NEXT_PUBLIC_AWS_COGNITO_ADMIN_PASSWORD: process.env.AWS_COGNITO_ADMIN_PASSWORD,
NEXT_PUBLIC_VEHICLES_API: process.env.VEHICLES_API,
NEXT_PUBLIC_ROBOTS_TXT: process.env.ROBOTS_TXT,
NEXT_PUBLIC_CONFIGCAT_TOKEN: process.env.CONFIGCAT_TOKEN,
NEXT_PUBLIC_GOOGLE_RECAPTCHA_KEY: process.env.GOOGLE_RECAPTCHA_KEY,
NEXT_PUBLIC_STRIPE_TOKEN: process.env.STRIPE,
NEXT_PUBLIC_ELVIRA_GOOGLE_TRACKING_ID: process.env.ELVIRA_GOOGLE_TRACKING_ID,
NEXT_PUBLIC_PUBLIC_GOOGLE_TRACKING_ID: process.env.PUBLIC_GOOGLE_TRACKING_ID,
NEXT_PUBLIC_GOOGLE_MAPS_API_KEY: process.env.GOOGLE_MAPS_API_KEY,
NEXT_PUBLIC_ENVIRONMENT: process.env.ENVIRONMENT,
NEXT_PUBLIC_GOOGLE_ANALYTICS: process.env.GOOGLE_ANALYTICS,
NEXT_PUBLIC_ALEXA_KEY: process.env.ALEXA_KEY,
NEXT_PUBLIC_PAYPAL_CLIENT_ID: process.env.PAYPAL_CLIENT_ID,
},
});
elvira.attachPermissions(sst.PermissionType.ALL);
.
.f
Frank
09/23/2021, 9:03 PM
That looks right! Let’s try this:
1. go into ur Lambda console;
2. look for a Lambda function that starts with
ApiFunctionConfigurationPermissionsw
Wael Zoaiter
09/23/2021, 9:08 PM Copy code
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetObject*",
"s3:GetBucket*",
"s3:List*",
"s3:DeleteObject*",
"s3:PutObject*",
"s3:Abort*"
],
"Resource": [
"arn:aws:s3:::dev-cordova-web-elvirabucketdce49cc2-1rbnluolf0tv6",
"arn:aws:s3:::dev-cordova-web-elvirabucketdce49cc2-1rbnluolf0tv6/*"
],
"Effect": "Allow"
},
{
"Action": [
"sqs:SendMessage",
"sqs:GetQueueAttributes",
"sqs:GetQueueUrl"
],
"Resource": "arn:aws:sqs:us-east-1:763610264561:dev-cordova-web-elvirabucketdce49cc2-1rbnluolf0tv6.fifo",
"Effect": "Allow"
},
{
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:763610264561:function:dev-cordova-Web-ElviraRegenerationFunction091C74EC-4HNy9O0ab4z2",
"Effect": "Allow"
},
{
"Action": "*",
"Resource": "*",
"Effect": "Allow"
}
]
}f
Frank
09/23/2021, 9:15 PM
That looks right as well. What’s the name of your Lambda function?
w
Wael Zoaiter
09/23/2021, 9:15 PM Copy code
dev-cordova-Web-ElviraApiFunctionE01E71E9-MC0BUVyFdPuhf
Frank
09/23/2021, 9:22 PM
Alright, let’s take a quick look at the log for this function. Try this:
1. go to CloudWatch console > select Log Groups on the left
2. because this is a Lambda@Edge function, you need to switch to the AWS region you made the request from, ie.
eu-west-1dev-cordova-Web-ElviraApiFunctionE01E71E9-MC0BUVyFdPuh/aws/lambda/us-east-1.dev-cordova-Web-ElviraApiFunctionE01E71E9-MC0BUVyFdPuhw
Wael Zoaiter
09/23/2021, 9:27 PMYes
Wael Zoaiter
09/23/2021, 9:28 PMLooks like it's the cognito auth middleware, it's throwing
"UserNotFoundException: User does not exist."Wael Zoaiter
09/23/2021, 9:30 PMSo this is what causing the
503f
Frank
09/23/2021, 9:30 PM
Yup
Frank
09/23/2021, 9:30 PM
Better error message will definitely help here.
w
Wael Zoaiter
09/23/2021, 9:31 PMGot it
Thanks a lot @Frank
I appreciate your help 🙏
f
Frank
09/23/2021, 9:59 PM
All good @Wael Zoaiter. Just opened an issue for making it easier to debug such issues https://github.com/serverless-stack/serverless-stack/issues/851