search

aditmalik-synechron / serverless-nested-stack

Serverless nested stack
42 stars 10 forks source link

Deployment of Permissions stack with Cognito trigger fails #3

Open kos2nov opened 6 years ago

kos2nov commented 6 years ago

Deployment of my stack fails with:

An error occurred: PermissionStack - Template error: instance of Fn::GetAtt references undefined resource CognitoUserPoolDevuserpool.

I have a Cognito trigger defined in my serverless.yml as:

functions:
  PostConfirmation:
    name: ${self:provider.stage}-cognito-postconfirmation
    handler: index.postConfirmation
    events:
      - cognitoUserPool:
          pool: ${self:provider.stage}-user-pool
          trigger: PostConfirmation

serverless creates CloudFormation objects for the pool:

    "CognitoUserPoolDevuserpool": {
      "Type": "AWS::Cognito::UserPool",
      "Properties": {
        "UserPoolName": "dev-user-pool",
        "LambdaConfig": {
          "PostConfirmation": {
            "Fn::GetAtt": [
              "PostConfirmationLambdaFunction",
              "Arn"
            ]
          }
        }
      },
      "DependsOn": [
        "PostConfirmationLambdaFunction"
      ]
    },
    "PostConfirmationLambdaPermissionCognitoUserPoolDevuserpoolTriggerSourcePostConfirmation": {
      "Type": "AWS::Lambda::Permission",
      "Properties": {
        "FunctionName": {
          "Fn::GetAtt": [
            "PostConfirmationLambdaFunction",
            "Arn"
          ]
        },
        "Action": "lambda:InvokeFunction",
        "Principal": "cognito-idp.amazonaws.com",
        "SourceArn": {
          "Fn::GetAtt": [
            "CognitoUserPoolDevuserpool",
            "Arn"
          ]
        }
      }
    }

serverless-nested-stack moves CognitoUserPoolDevuserpool to ApiStack and PostConfirmationLambdaPermissionCognitoUserPoolDevuserpoolTriggerSourcePostConfirmation to the permisson stack. But permissons stack cannot see the pool definition from the ApiStack as it's not added to the Output.