Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cognito Trigger templates' return and permissions issue

See original GitHub issue

Before opening, please confirm:

I have installed the latest version of the Amplify CLI (see above), and confirmed that the issue still persists.
I have searched for duplicate or closed issues.
I have read the guide for submitting bug reports.
I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

How did you install the Amplify CLI?

yarn

If applicable, what version of Node.js are you using?

16.3

Amplify CLI Version

5.0.1

What operating system are you using?

Mac

Amplify Categories

auth

Amplify Commands

Not applicable

Describe the bug

Return Issue

Trigger’s index.js file calls module handlers by passing handler(event, context, callback) without a return, and inside the “module” file (i.e. add-to-group.js) callback is not utilized and response is not returned.

message: “Invalid lambda function output : Invalid JSON” __type: “InvalidLambdaResponseException”

cognito add-to-user trigger https://github.com/aws-amplify/amplify-cli/issues/7576#issuecomment-865924364
mock-related https://github.com/aws-amplify/amplify-cli/issues/7531
https://github.com/aws-amplify/amplify-cli/issues/7179

Permission Issue

In the add-to-group Cognito trigger template, it makes a call to create a group, however these permissions are missing https://github.com/aws-amplify/amplify-cli/issues/7576#issuecomment-865912228

Expected behavior

Template trigger files should return out-of-the-box and appropriate permissions are attached.

Reproduction steps

(follow steps in issues noted above)

GraphQL schema(s)

# Put schemas below this line

Log output

# Put your logs below this line

Additional information

No response

Issue Analytics

State:
Created 2 years ago
Reactions:2
Comments:14 (3 by maintainers)

Top GitHub Comments

8reactions

scottmcmastercommented, Mar 9, 2022

I “solved” this by modifying custom-policies.json as follows:

[
  {
    "Effect": "Allow",
    "Action": [
      "cognito-idp:CreateGroup",
      "cognito-idp:AdminAddUserToGroup"
    ],
    "Resource": [
      "<MY HARD-CODED USERPOOL ARN FROM THE ERROR MESSAGE>"
    ]
  }
]

7reactions

jerocosiocommented, Sep 22, 2022

I’m having the same issue with the circular dependencies, but trying to get access to a DynamoDB table with still no luck, only getting errors when trying to deploy.

I think it’s extremely bad that this issues has been around since 2019 and there’s still no actual fix in the roadmap, we need to do this ‘hacky’ way to do things as simple as reading from a database before a user signs-up.

Even the official documentation has a way of doing this use case, but this wouldn’t work on a real world scenario as the selected triggers through the console will be overwritten every time you update any other. I think this should be prioritized as it renders the trigger functions basically useless except for really basic operations like sending e-mails.