Using a serverless function for cognito trigger

I have a serverless project which contains 2 lambda functions which I am calling from a cognito user pool as a pre signup trigger and a post confirmation trigger.

When attempt to register a user in that cognito user pool my pre sign up trigger should be called.

As explained here:

I have configured the user pool correctly - but am getting an AccessDeniedError.

I believe this is because the lambda does not have the correct IAM to speak with cognito. Currently my YAML only has these IAM permissions defined:


  • Effect: "Allow"
    • dynamodb:GetItem
    • dynamodb:PutItem
      Resource: “arn:aws:dynamodb:eu-west-1::

Does anyone know what I need to do … please?

This the is solution:

I’ve made a PR addressing this, hopefully we should be able to do this by v1.15.