amplify-cli: Unable to set Pre Sign-up lambda trigger
Before opening, please confirm:
- I have installed the latest version of the Amplify CLI (see above), and confirmed that the issue still persists.
- I have searched for duplicate or closed issues.
- I have read the guide for submitting bug reports.
- I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
How did you install the Amplify CLI?
yarn
If applicable, what version of Node.js are you using?
No response
Amplify CLI Version
7.6.4
What operating system are you using?
mac
Amplify Categories
auth, storage, function, api
Amplify Commands
update
Describe the bug
The trigger generated by amplify-cli contains typo. Instead of PreSignup name the PreSignUp is being generated which causes the trigger not being recognised in Cognito console. When I try manually set that function as Pre Sign-up trigger there is an error (404), ResourceNotFound. It turns out that the required policy for this lambda isn’t generated.
This doesn’t happen for PostConfirmation trigger. I’m guessing that the name Pre Sign-up is affected by some cam-case logic.
The problem is visible in backend/api/auth/<name>/cli-inputs.json and backend/api/auth/<name>/build/parameters.json
"triggers": {
"PostConfirmation": [
"add-to-group"
],
"PreSignup": [
"custom"
]
},
"authRoleArn": {
"Fn::GetAtt": [
"AuthRole",
"Arn"
]
},
"unauthRoleArn": {
"Fn::GetAtt": [
"UnauthRole",
"Arn"
]
},
"breakCircularDependency": false,
"useEnabledMfas": false,
"dependsOn": [
{
"category": "function",
"resourceName": "**********PostConfirmation",
"triggerProvider": "Cognito",
"attributes": [
"Arn",
"Name"
]
},
{
"category": "function",
"resourceName": "*******PreSignup",
"triggerProvider": "Cognito",
"attributes": [
"Arn",
"Name"
]
}
],
"permissions": [
"{\n \"policyName\": \"AddToGroupCognito\",\n \"trigger\": \"PostConfirmation\",\n \"effect\": \"Allow\",\n \"actions\": [\n \"cognito-idp:AdminAddUserToGroup\",\n \"cognito-idp:GetGroup\",\n \"cognito-idp:CreateGroup\"\n ],\n \"resource\": {\n \"paramType\": \"!GetAtt\",\n \"keys\": [\n \"UserPool\",\n \"Arn\"\n ]\n }\n}"
],
"authTriggerConnections": [
"{\"triggerType\":\"PostConfirmation\",\"lambdaFunctionName\":\"*******PostConfirmation\"}",
"{\"triggerType\":\"PreSignUp\",\"lambdaFunctionName\":\"********PreSignup\"}"
],
"parentStack": {
"Ref": "AWS::StackId"
}
I believe similar policy to PostConfirmation should be generated in /amplify/backend/auth/<name>/build/******-cloudformation-template.json:
...
"UserPoolPostConfirmationLambdaInvokePermission": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"Action": "lambda:invokeFunction",
"FunctionName": {
"Ref": "function******PostConfirmationName"
},
"Principal": "cognito-idp.amazonaws.com",
"SourceArn": {
"Fn::GetAtt": [
"UserPool",
"Arn"
]
}
}
}
...
- but it’s missing
Also, the reference to Pre Sign-up trigger is missing in LambdaConfig but it is generated for PostConfirmation:
...
"LambdaConfig": {
"PostConfirmation": {
"Ref": "function*******PostConfirmationArn"
}
},
...
Expected behavior
The Pre sign-up naming consistent and the trigger is visible in console, as well as proper policy ic generated for the trigger.
Reproduction steps
update cognito auth and add pre sign-up trigger:
% amplify update auth
Please note that certain attributes may not be overwritten if you choose to use defaults settings.
You have configured resources that might depend on this Cognito resource. Updating this Cognito resource could have unintended side effects.
Using service: Cognito, provided by: awscloudformation
What do you want to do? Walkthrough all the auth configurations
Select the authentication/authorization services that you want to use: User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)
Allow unauthenticated logins? (Provides scoped down permissions that you can control via AWS IAM) No
Do you want to enable 3rd party authentication providers in your identity pool? No
Do you want to add User Pool Groups? No
Do you want to add an admin queries API? No
Email based user registration/forgot password: Enabled (Requires per-user email entry at registration)
Specify an email verification subject: Your verification code
Specify an email verification message: Your verification code is {####}
Do you want to override the default password policy for this User Pool? No
Specify the app's refresh token expiration period (in days): 30
Do you want to specify the user attributes this app can read and write? No
Do you want to enable any of the following capabilities? Add User to Group
Do you want to use an OAuth flow? No
? Do you want to configure Lambda Triggers for Cognito? Yes
? Which triggers do you want to enable for Cognito Post Confirmation, Pre Sign-up
? What functionality do you want to use for Post Confirmation Add User To Group
? What functionality do you want to use for Pre Sign-up Create your own module
✅ Successfully updated AdminQueriese**** function locally
✅ Successfully updated AdminQueries API locally
Successfully updated the Cognito trigger locally
Successfully added resource *****PreSignup locally.
GraphQL schema(s)
# Put schemas below this line
Log output
# Put your logs below this line
Additional information
No response
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 17 (6 by maintainers)
Ah understandable @jk171505. I’ll close this issue for now, but if you run into this again when adding a trigger please feel free to reply back to this thread and we can re-open to investigate further 🙂