search

aws-amplify / amplify-cli

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development.
Apache License 2.0
2.8k stars 819 forks source link

`amplify add storage` with an imported User Pool (no identity pool) errors with stack trace #13240

Open josefaidt opened 9 months ago

josefaidt commented 9 months ago

How did you install the Amplify CLI?

pnpm

If applicable, what version of Node.js are you using?

20.x

Amplify CLI Version

12.4.0

What operating system are you using?

mac

Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.

n/a

Describe the bug

➜  amplify add storage
? Select from one of the below mentioned services: Content (Images, audio, video, etc.)
✔ Provide a friendly name for your resource that will be used to label this category in the project: · s36fd2fba9

✔ Provide bucket name: · importauthwithstorag3c42c9878f8744c7a9c5be63582
✔ Who should have access: · Auth users only
✔ What kind of access do you want for Authenticated users? · create/update
✔ Do you want to add a Lambda Trigger for your S3 Bucket? (y/N) · no
🛑 The imported auth config is not compatible with the specified storage config
🛑 An error occurred when adding the storage resource
ConfigurationError: The imported auth config is not compatible with the specified storage config
    at checkStorageAuthenticationRequirements (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/provider-utils/awscloudformation/service-walkthroughs/s3-auth-api.js:45:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async addWalkthrough (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/provider-utils/awscloudformation/service-walkthroughs/s3-walkthrough.js:90:5)
    at async Object.executeAmplifyCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/index.js:252:3)
    at async executePluginModuleCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:139:5)
    at async executeCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:37:9)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:121:5)

Expected behavior

  1. stack trace is not printed when running amplify add storage 
    🛑 The imported auth config is not compatible with the specified storage config
🛑 An error occurred when adding the storage resource
  2. stack trace is printed when running amplify add storage with --debug 
    🛑 The imported auth config is not compatible with the specified storage config
🛑 An error occurred when adding the storage resource
ConfigurationError: The imported auth config is not compatible with the specified storage config
    at checkStorageAuthenticationRequirements (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/provider-utils/awscloudformation/service-walkthroughs/s3-auth-api.js:45:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async addWalkthrough (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/provider-utils/awscloudformation/service-walkthroughs/s3-walkthrough.js:90:5)
    at async Object.executeAmplifyCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-category-storage/lib/index.js:252:3)
    at async executePluginModuleCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:139:5)
    at async executeCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:37:9)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:121:5)
  3. Auth configuration is validated at the start amplify add storage rather than at the end

Reproduction steps

  1. create an Amazon Cognito User Pool in the AWS Console
  2. create a new Amplify project with amplify init -y
  3. amplify import auth > Cognito User Pool only
  4. amplify add storage
  5. step through prompts
  6. observe error

Project Identifier

No response

Log output

``` # Put your logs below this line ```

Additional information

No response

Before submitting, please confirm:

ykethan commented 9 months ago

Marking as bug due to stack trace.

ykethan commented 9 months ago

similar error message will occur on amplify add analytics with an imported auth resource.


ConfigurationError: The imported auth config is not compatible with the specified analytics config
    at configure (C:\snapshot\amplify-cli\build\node_modules\@aws-amplify\amplify-category-analytics\lib\provider-utils\awscloudformation\service-walkthroughs\pinpoint-walkthrough.js:61:11)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.executeAmplifyCommand (C:\snapshot\amplify-cli\build\node_modules\@aws-amplify\amplify-category-analytics\lib\index.js:169:3)
    at async executePluginModuleCommand (C:\snapshot\amplify-cli\build\node_modules\@aws-amplify\cli-internal\lib\execution-manager.js:139:5)
    at async executeCommand (C:\snapshot\amplify-cli\build\node_modules\@aws-amplify\cli-internal\lib\execution-manager.js:37:9)
    at async Object.run (C:\snapshot\amplify-cli\build\node_modules\@aws-amplify\cli-internal\lib\index.js:121:5)
🛑 There was an error adding the analytics resource

mitigation steps: enable allowUnauthenticatedIdentities on Cognito identity pool. https://github.com/aws-amplify/amplify-cli/blob/52aea18fddd95af6f855d1c6d9e3e4b16a8d1146/packages/amplify-category-analytics/src/provider-utils/awscloudformation/service-walkthroughs/pinpoint-walkthrough.ts#L67

fourman-alex commented 7 months ago

Can someone clarify what is the solution if auth was imported with amplify import auth and now amplify add anayltics throws The imported auth config is not compatible with the specified analytics config?

fourman-alex commented 7 months ago

mitigation steps: enable allowUnauthenticatedIdentities on Cognito identity pool.

@ykethan what if identity pool is not configured, any ideas what can be done in that case?

qndrey commented 7 months ago

We just faced this error as well. Any workarounds ?

rendermouse commented 6 months ago

I get the same issue, but when I run "amplify update storage" after linking a User Pool (with an identity pool) in Amplify Studio, configuring Storage in Studio, and pulling to my local machine.

Studio gives me this message in Storage, Identity Pool is configured: image

izner32 commented 4 months ago

We just faced this error as well. Any workarounds ?

-> Create an identity pool. -> Connect it with the user pool you imported. -> Remove the imported auth with 'amplify remove auth' -> Re-import the auth along with the created identity pool using 'amplify import auth'

PopBot commented 3 months ago

So we still must create a new User pool, or can we remove the old, attach the identity pool, and re-add it?

sumitsahoo commented 3 months ago

We are also getting the same error. We are using a custom cognito user pool with Azure AD SAML provider.

PopBot commented 3 months ago

I got it working by creating the S3 storage bucket, and assigning proper role permissions to the Cognito user pool for access. Then the import worked.