Closed cmckni3 closed 2 years ago
Ran into a similar issue and commented on https://github.com/aws/aws-cdk/issues/12500 thinking it was related. Presently can't use CDK to deploy an API with a Cognito authorizer to GovCloud.
Ran into a similar issue and commented on aws/aws-cdk#12500 thinking it was related. Presently can't use CDK to deploy an API with a Cognito authorizer to GovCloud.
I worked around it by using CFN pseudo parameters and CFN functions.
There's also an issue with the IAM policy conditions for the identity pool #198
Have been running Cognito and application in GovCloud since July 2020.
@WaelA any updates? handy-wavy ETA?
Thank you for submitting this issue. We have addressed this issue in our CloudFormation templates so GovCloud user pools should now return the correct ARN.
I created a stack in
us-gov-west-1
and theArn
returned has the partition specified asaws
instead ofaws-us-gov
.Expected behavior
Arn returned via
GetAtt
should be valid.Suggest specific test cases
What I see in outputs and cross stack references (which fail!):
arn:aws:cognito-idp:us-gov-west-1:{AccountId}:userpool/us-gov-west-1_{UserPoolId}
Category (required) - Will help with tagging and be easier to find by other users to +1
Use the categories as displayed in the AWS Management Console (simplified):