I have a serverless project which contains 2 lambda functions which I am calling from a cognito user pool as a pre signup trigger and a post confirmation trigger.
When attempt to register a user in that cognito user pool my pre sign up trigger should be called.
As explained here: http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html
I have configured the user pool correctly - but am getting an AccessDeniedError.
I believe this is because the lambda does not have the correct IAM to speak with cognito. Currently my YAML only has these IAM permissions defined:
iamRoleStatements:
- Effect: "Allow"
Action:- dynamodb:GetItem
- dynamodb:PutItem
Resource: “arn:aws:dynamodb:eu-west-1::”
Does anyone know what I need to do … please?