search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.35k stars 3.77k forks source link

aws-cdk/aws-cognito-identitypool-alpha: IdentityPool.fromIdentityPool* static methods do not support Fn.importValue #28184

Open uyrussell21 opened 7 months ago

uyrussell21 commented 7 months ago

Describe the bug

Using Fn.importValue method from aws-cdk-lib as input for IdentityPool.fromIdentityPoolArn or IdentityPool.fromIdentityPoolId will error out:

Error: Invalid Identity Pool Id: Identity Pool Ids must follow the format <region>:<id>

Expected Behavior

I expected for Fn.importValue to be a supported argument for fromIdentityPoolArn or fromIdentityPoolId static methods

Current Behavior

Using Fn.importValue('outputName') as ARN or Id arg throws out:

Error: Invalid Identity Pool Id: Identity Pool Ids must follow the format <region>:<id>

Reproduction Steps

// StackWithIdPool
import * as cognito_identitypool_alpha from "@aws-cdk/aws-cognito-identitypool-alpha";

const existingIdentityPool = new cognito_identitypool_alpha.IdentityPool(
  this,
  "IdentityPool",
  {
    identityPoolName: "some-id-pool",
    allowUnauthenticatedIdentities: true,
  }
);

new cdk.CfnOutput(this, "ExistingIdentityPoolArn", {
  value: existingIdentityPool.identityPoolArn,
  exportName: "existingIdentityPoolArn",
});
// AnotherStack

cognito_identitypool_alpha.IdentityPool.fromIdentityPoolArn(
  scope,
  'ExistingIdentityPool',
  Fn.importValue('existingIdentityPoolArn'),
);

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.110.1-1

Framework Version

No response

Node.js Version

18.13.0

OS

Windows 10

Language

TypeScript

Language Version

No response

Other information

No response

BwL1289 commented 4 months ago

This is also true if using an SSM parameter.

BwL1289 commented 4 months ago

I'm pretty sure the static methods are completely broken. Im not sure how it's possible, but if I hardcode the ARN value directly into identity_pool_arn, it works.

If i pass a variable of any kind (even if that variable is hardcoded), it errors RuntimeError: Error: ARNs must start with "arn:" and have at least 6 components:

For example, this works:

self._cognito_identity_pool = IdentityPool.from_identity_pool_arn(
    self,
    "CognitoIdentityPool",
    identity_pool_arn="XXXXXXX",
)

This does not work:

identity_pool_arn="XXXXXXX"
self._cognito_identity_pool = IdentityPool.from_identity_pool_arn(
    self,
    "CognitoIdentityPool",
    identity_pool_arn=identity_pool_arn,
)
dylan-westbury commented 4 weeks ago

How is it possible to achieve without hardcoding value? Tried SSM and cfnExport

dummy-value-for-identityPoolId is what's set which is against validation