Cognito User/Identity Pools as serverless.yml resource defs

kgoedecke · July 19, 2018, 4:55pm

Is there any update on the issue? I still want to reference the user pool using the ARN dynamically.

prd · September 13, 2018, 1:26pm

Something that caught me out on this – Cognito Identity Pools cannot have hyphens in the pool name (unlike user pools and many other named elements).

I was getting a regex error when trying to deploy:
1 validation error detected: Value 'XXXXX; at ‘identityPoolName’ failed to satisfy constraint: Member must satisfy regular expression pattern: [\w ]+ (Service: AmazonCognitoIdentity; Status Code: 400;

Removed the hyphens from the name and it deployed without issue:
‘’’
CognitoIdentityPool:
Type: AWS::Cognito::IdentityPool
Properties:
IdentityPoolName: ${self:custom.stage}SomeNameIdentityPool
AllowUnauthenticatedIdentities: false
CognitoIdentityProviders:
- ClientId:
Ref: CognitoUserPoolClient
ProviderName:
‘Fn::GetAtt’: [“CognitoUserPool”,“ProviderName”]

‘’’

RobertBrewitz · September 23, 2018, 9:38pm

Have a look here, may help you, unless you provide a string to arn, the resource build in serverless assumes you’re trying to reference a lambda function to make the authorization, and can only build that kind of authorizer for you: https://github.com/serverless/serverless/blob/master/lib/plugins/aws/package/compile/events/apiGateway/lib/authorizers.js#L27

I managed to dynamically build an Authorizer reference like this:

RobertBrewitz · December 31, 2018, 9:40am

caleb-vear · January 22, 2019, 5:00am

Thanks, you’re a lifesaver

mrowles · February 3, 2019, 8:57pm

This is great, thanks @jonsmirl!

It looks like this might not facilitate multiple environments, however, as the error I’m getting seems to be from the ‘Outputs’:

service-prod - Export with name UserPoolClient::Id is already exported by stack service-pre.

The only alternative I can think of doing, since we cannot use strings as key/property names in YAML, perhaps exporting both versions of pre/prod:

Outputs:
    UserPoolIdpre:
      Value:
        Ref: UserPoolpre
      Export:
        Name: 'UserPool::Id'
    UserPoolIdprod:
      Value:
        Ref: UserPoolprod
      Export:
        Name: 'UserPool::Id'

UserPoolClient:
  Type: 'AWS::Cognito::UserPoolClient'
  Properties:
    ClientName: service-${self:provider.stage}-web-client
    GenerateSecret: false
    UserPoolId:
      Ref: "UserPool${self:provider.stage}"

Has anyone else figured this one out because this is not scalable, looks ugly and probably doesn’t even work?

Topic		Replies	Views
Custom authorizer with cognito user pool service Serverless Framework aws	2	11396	February 13, 2018
Cognito User Pool with User Groups? Serverless Framework	6	3653	February 5, 2020
Cloud Formation Resources Reference Serverless Framework aws	2	2622	December 7, 2019
How to specify an existing cognito user pool in servreless.yml? Serverless Framework aws	18	11991	February 20, 2023
Store generated user pool id into environment variable Serverless Architectures	3	1227	October 19, 2021

Cognito User/Identity Pools as serverless.yml resource defs

Related topics