amplify-cli: UPDATE_FAILED UpdateRolesWithIDPFunctionOutputs Custom::LambdaCallout 'IdentityPoolId' not found in stack
Describe the bug I am using
amplify --version 1.12.0
At any create or update on any configuration, which is not the default configuration, the amplify update fail with:
UPDATE_FAILED UpdateRolesWithIDPFunctionOutputs Custom::LambdaCallout Tue Aug 20 2019 17:40:30 GMT+0200 (GMT+02:00) Output ‘IdentityPoolId’ not found in stack ‘…’
or
CREATE_FAILED UpdateRolesWithIDPFunctionOutputs Custom::LambdaCallout Tue Aug 20 2019 16:33:25 GMT+0200 (GMT+02:00) Output ‘IdentityPoolId’ not found in stack ‘…’
Although I chose
? Do you want to configure Lambda Triggers for Cognito? No
This behavior appears after update of amplify cli on version 1.12.0 comping from 1.11.0
To Reproduce Steps to reproduce the behavior:
- Go to console in project directory
- amplify init
- amplify add auth ` What do you want to do? Walkthrough all the auth configurations Select the authentication/authorization services that you want to use: User Sign-Up & Sign-In only (Best used with a cloud API only) Multifactor authentication (MFA) user login options: OFF Email based user registration/forgot password: Enabled (Requires per-user email entry at registration) Please specify an email verification subject: Your verification code Please specify an email verification message: Your verification code is {####} Do you want to override the default password policy for this User Pool? No Specify the app’s refresh token expiration period (in days): 1 Do you want to specify the user attributes this app can read and write? Yes Specify read attributes: (Press <space> to select, to toggle all, to invert selection)Address, Birthdate, Email, Family Name, Middle Name, Gender, Locale, Given Name, Name, Nickname, Phone Number, Preferred Username, Picture, Prof ile, Updated At, Website, Zone Info, Email Verified?, Phone Number Verified? Specify write attributes: (Press <space> to select, to toggle all, to invert selection)Address, Birthdate, Family Name, Middle Name, Gender, Locale, Given Name, Name, Nickname, Phone Number, Preferred Username, Picture, Profile, U pdated At, Website, Zone Info Do you want to enable any of the following capabilities? (Press <space> to select, to toggle all, to invert selection) Do you want to use an OAuth flow? Yes What domain name prefix you want us to create for you? ******** Which redirect signin URIs do you want to edit? (Press <space> to select, to toggle all, to invert selection) Do you want to add redirect signin URIs? Yes Enter your new redirect signin URI: http://localhost:5000/ ? Do you want to add another redirect signin URI No Which redirect signout URIs do you want to edit? (Press <space> to select, to toggle all, to invert selection) Do you want to add redirect signout URIs? No Select the OAuth flows enabled for this project. Authorization code grant Select the OAuth scopes enabled for this project. (Press <space> to select, to toggle all, to invert selection)Phone, Email, OpenID, Profile, aws.cognito.signin.user.admin Select the identity providers you want to configure for your user pool: (Press <space> to select, to toggle all, to invert selection) ? Do you want to configure Lambda Triggers for Cognito? Yes ? Which triggers do you want to enable for Cognito (Press <space> to select, to toggle all, to invert selection) Successfully updated resource gbe01reactclient locally
Some next steps: “amplify push” will build all your local backend resources and provision it in the cloud “amplify publish” will build all your local backend and frontend resources (if you have hosting category added) and provision it in the cloud ` 4. amplify push 5. Cloudformation script fail with: CREATE_FAILED UpdateRolesWithIDPFunctionOutputs Custom::LambdaCallout Tue Aug 20 2019 16:33:25 GMT+0200 (GMT+02:00) Output ‘IdentityPoolId’ not found in stack ‘arn:aws:cloudformation:eu-central-1:****’
Cloudformation template rollback is executed afterwards.
Interesting is, if I just use defaults and publish, everything works fine. If I start to add my callback URL’s or the read/write attributes I always fail in this step.
This behavior appears after update of amplify cli on version 1.12.0 comping from 1.11.0
Expected behavior Create/update succeed with
√ All resources are updated in the cloud
Desktop (please complete the following information):
- OS: Win10 (although the error happens at AWS CloudFormation)
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Reactions: 12
- Comments: 29 (7 by maintainers)
@GuidoBeutlerHRS & @timhere The issue is tied to the selection of this option -
Select the authentication/authorization services that you want to use: User Sign-Up & Sign-In only (Best used with a cloud API only)which creates just theUserPooland not theIdentityPoolwhich the rootstack is looking for. It’s a bug and we’ll fix that. To unblock, for just the first question, you could select -❯ User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)which would create a user pool as well as as the identity pool and then choose any of the other configurations that you’ve mentioned above.I’m abandoning this framework. After almost a month trying to get it to work I am giving up. There are not enough helpfull error messages especially when it comes to syncing appsync with Datastore and using the appsync queries page. It doesn’t sync and I have no idea why because there is no error message or notice. I have followed all the docs but it still doesn’t work, I think there are a lot of bugs also. The generated code from my schema does not seem to be correct and has NONE datasources. Why? Goodbye!
stucks at MFALambdaInputs amplify --v 4.12.0
Thanks for reporting this error, I thought I was going insane. Just adding to the chorus here to say that the
amplify auth updateworked, followed by, of course,amplify push.Same here… ran
amplify auth updateand did the trick.I am using amplify 4.18.1 and having the same issue. Originally I was using “User Sign-Up & Sign-In only (Best used with a cloud API only)” and everything working fine. I have a few groups defined. After I added a S3 storage and have restriction on Individual Groups, then nightmare starts. I think adding S3 will force the auth using “User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)”. I got the IdentityPoolId not exist error when I run amplify push, even I walkthrough the auth update and selected the “User Sign-Up, Sign-In, connected with AWS IAM controls (Enables per-user Storage features for images or other content, Analytics, and more)” option:
UPDATE_FAILED authuserPoolGroups AWS::CloudFormation::Stack Sat May 16 2020 13:21:52 GMT-0700 (Pacific Daylight Time) Parameters: [authproceptgql5d4b5c6dIdentityPoolId] do not exist in the templateI have tried all combinations of update auth options and update storage, it is no luck. Please help.Update: I solved the problem by adding a new user group. It seems simply walkthrough the auth update does not correctly update the authuserPoolGroups setting. Adding a new user group forces amplify cli tool to generate the correct template or parameter files.
Yup, abandoning Amplify too for the time being 😦
If amplify fails in fixing an issue like this within a short period of time (and basically ignoring customers without huge support plans, as is AWS policy), how can we possibly have enough confidence to base our products (which are our families bread earners) on it?
I really hope that one day AWS adopts a more open, honest and inclusive relationship with their customers, developers and users of their services.
Tried multiple times by deleting resources and re-creating but the same error (Output ‘IdentityPoolId’ not found in stack) in Cloud Formation, even re-install was-amplify cli however no luck.