Closed javabrad closed 2 years ago
I just follow the examples/complete with this config, and I suggest that you should add the kms_key_id manually here:
lambda_config = {
create_auth_challenge = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-create-auth-challenge"
custom_message = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-custom-message"
define_auth_challenge = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-define-auth-challenge"
post_authentication = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-post-authentication"
post_confirmation = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-post-confirmation"
pre_authentication = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-pre-authentication"
pre_sign_up = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-pre-sign-up"
pre_token_generation = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-pre_token-generation"
user_migration = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-user-migration"
verify_auth_challenge_response = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-verify-auth-challenge-response"
kms_key_id = "arn:aws:kms:ap-southeast-1:xxxxxx:key/xxxx"
custom_sms_sender = {
lambda_arn = "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-custom-sms-sender"
lambda_version = "V1_0"
}
}
After you are deployed, then check the Lambda Config correct via this command:
aws cognito-idp describe-user-pool --user-pool-id YOUR-Cognito-ID --region ap-southeast-1 |jq -r '.UserPool.LambdaConfig'
It should be:
{
"PreSignUp": "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-pre-sign-up",
"CustomMessage": "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-custom-message",
"PostConfirmation": "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-post-confirmation",
"CustomSMSSender": {
"LambdaVersion": "V1_0",
"LambdaArn": "arn:aws:lambda:ap-southeast-1:xxxxxx:function:cognito-custom-sms-sender"
},
"KMSKeyID": "arn:aws:kms:ap-southeast-1:xxxxxx:key/xxxx"
}
@javabrad lambda_config
is defined as any
, therefore it accepts different types (string, objects, etc. Please check the complete example and the latest version.
@javabrad I'm closing this issue because the latest version lambda_config
is defined as any
. In case you still have the issue, please leave a comment.
see https://github.com/hashicorp/terraform/issues/21384
lambda example configuration fails due to map (any) definitions.
"All must be the same type" see the link provided to see an explanation of the error. email_sender is an object, not a string, and as such will fail validation.
lambda_config = { create_auth_challenge = "arn:aws:lambda:us-east-1:123456789012:function:create_auth_challenge" custom_message = "arn:aws:lambda:us-east-1:123456789012:function:custom_message" define_auth_challenge = "arn:aws:lambda:us-east-1:123456789012:function:define_auth_challenge" post_authentication = "arn:aws:lambda:us-east-1:123456789012:function:post_authentication" post_confirmation = "arn:aws:lambda:us-east-1:123456789012:function:post_confirmation" pre_authentication = "arn:aws:lambda:us-east-1:123456789012:function:pre_authentication" pre_sign_up = "arn:aws:lambda:us-east-1:123456789012:function:pre_sign_up" pre_token_generation = "arn:aws:lambda:us-east-1:123456789012:function:pre_token_generation" user_migration = "arn:aws:lambda:us-east-1:123456789012:function:user_migration" verify_auth_challenge_response = "arn:aws:lambda:us-east-1:123456789012:function:verify_auth_challenge_response" kms_key_id = "" custom_email_sender = { lambda_arn = "arn:aws:lambda:us-east-1:123456789012:function:custom_email_sender" lambda_version = "V1_0" } custom_sms_sender = { lambda_arn = "arn:aws:lambda:us-east-1:123456789012:function:custom_sms_sender" lambda_version = "V1_0" } }