I have created a lambda that should be triggered whenever a cognito user does a sync on my application.
I have checked in the console, under the lambda section that it has indeed a sync trigger set to that identity pool.
I have also performed a simple test in that lambda to make sure it adds logs to Cloud Watch. Which it does (It fails because it does not have the cognito information when triggering it, but that was expected)
I have checked in the console, under federated identities that it has indeed a cognito event sync trigger pointing to the correct lambda.
In my application (Unity application) I create a new cognito user and do a sync, I receive the sync success callback.
The logs don't get updated, which means the event is not firing when I sync.
I have looked around the internet a lot about this, but all I can find are old topics about it that are not relevant to my situation. Has anyone successfully got this working? I could use some help on why it's not firing the event.
Cheers,
Cai
Related
whenever the new user is added to database the particular API should be called which triggers the associated lambda function and check for pending approvals and send the push notification to the pending user. how to implement this using aws services?
i created api and lambda function..but still confusing
I am creating a web app using AWS amplify, and one of its features will be integration with AWS IoT for live MQTT data. I successfully setup Cognito to work with IoT, but there is one step that I currently have to do manually: attach the iot policy to a cognito identity. In all the AWS tutorials on this, they have you manually attach the policy for the user via the command line, but obviously in a production app this needs to be automated with something like a Lambda as part of the user signup flow. I know that lambda triggers are available with the user pools side of Cognito, but I don't see any documentation on them being available for identity pools. If I'm correct the user signup happens first in the user pool and then the identity pool, and since I need the identity ID to link to IoT, using user pool lambda triggers won't work for this. Of course I could always add this to my own API which is called after sign up, the only issue with that is that it relies on the client to call the API, which adds complexity, i.e. the client could disconnect after signup but before the API call is made, in which case the user would never get the policy attached. Is there any better server-side way to trigger this?
I have 2 AWS Cognito UserPools. One of them is in my "old" Account and one is in the "new" Account. Now I want to migrate users using a lambda trigger but the lambda wouldn't be executed, even when I make a simple HTTP request and check if this was sent. I also can't find any logs on this issue.
The only error I got is that my frontend is showing an error called "UserNotFoundException".
I want to setup event triggers when user is created. At the moment we are creating user in the online AWS user pool console. I'm wondering if such events will trigger the custom lambda operations, namely:
Pre-Sign-up Lambda Trigger
Post Confirmation Lambda Trigger (to add user to group, add user data to DynamoDB etc.)
References:
Creating a New User in the AWS Management Console
Customizing User Pool Workflows with Lambda Triggers
Found the list of triggers that are specifically related to admin actions (both online and programatically). For persisting user data somewhere one has to hook into a lambda that handles the CustomMessage. Other triggers might work but I haven't extensively tested all of them.
PreSignUp_AdminCreateUser
CustomMessage_AdminCreateUser
I am facing a strange problem in saving the triggers in cognito pool
I have an angular UI that authenticates using cognito pool, and the pool calls a lambda configured under PRE Token generator.
I am creating the pool using AWS CLI. Below the command used.
aws cognito-idp create-user-pool --pool-name "${CLIENT}-app" --admin-create-user-config AllowAdminCreateUserOnly=true --policies "$PASSWORD_POLICY" --email-verification-subject "$EMAIL_VERIFICATION_SUBJECT" --auto-verified-attributes email --lambda-config PreTokenGeneration="$PRE_TOKEN_LAMBDA_REF" --schema "$CUSOM_ATTR_VALUES"
I see the trigger is created properly. I verified in aws console (UI) and I queried the pool using aws list-pools, Both cases the lambda is referenced properly in Pre token generator.
But using the Angular UI while accessing the pool , i am getting Access Denied exception.
I am able to resolve the problem by manually visiting the pool and simply press "Save Changes" under Triggers. I am not updating any information in the pool. After this step the UI is able to work without any issues.
Kindly provide your suggestions.
Regards
Viji
Battled with this myself just today, and found the solution here:
https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
I.e. when configuring through the API, you have to explicitly give the user pool the permission to execute the trigger lambda. When configuring through console, this happens implicitly, and that is why you are seeing the strange behavior with "Save changes".