Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

[aws-cognito] Change domainPrefix after initial deploy

See original GitHub issue

I wanted to change the hosted UI domain prefix after an initial deploy (userPoolCognitoDomainPrefix), but I’m getting a 400 on subsequent deploys. (I’ve just recently started to work with Cognito with CDK, so there might be some constraints in Cognito I’m not aware of. Keep up the good work!)

User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

Reproduction Steps

import * as cdk from '@aws-cdk/core';
import * as cognito from '@aws-cdk/aws-cognito';

export class IdentityStack extends cdk.Stack {
  userPool: cognito.UserPool;
  userPoolClientName = 'Identity';
  userPoolCognitoDomainPrefix = 'identity-dev'

  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    this.userPool = new cognito.UserPool(this, 'UserPool', {});

    this.userPool.addClient('UserPoolClient', {
      userPoolClientName: 'Identity',
      oAuth: {
        callbackUrls: [
          'http://localhost:3005'
        ]
      }
    });

    this.userPool.addDomain('UserPoolDomain', {
      cognitoDomain: {
        domainPrefix: this.userPoolCognitoDomainPrefix
      }
    });
  }
}

What did you expect to happen?

The domain should update and remove the old one as it’s no longer specified.

What actually happened?

identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

Environment

  • CLI Version : 1.61.1
  • Framework Version:
  • Node.js Version: v12.18.3
  • OS : MacOS 10.15.3
  • Language (Version): TypeScript 3.7.5

Other

identity: 1.61.1 (build 347918f)
identity: IdentityStack: deploying...
identity: IdentityStack: creating CloudFormation changeset...
identity:  0/3 | 7:55:44 AM | UPDATE_IN_PROGRESS   | AWS::CloudFormation::Stack   | IdentityStack User Initiated
identity:  0/3 | 7:55:49 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_COMPLETE      | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain
(UserPoolUserPoolDomain9F01E991)
Requested update requires the creation of a new physical resource; hence creating one.
identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

This is 🐛 Bug Report

Issue Analytics

  • State:open
  • Created 3 years ago
  • Reactions:5
  • Comments:5 (4 by maintainers)

github_iconTop GitHub Comments

5reactions
nija-atcommented, Sep 3, 2020

Internal tracking: i/CFN-33216

2reactions
nija-atcommented, Sep 2, 2020

It seems like this is a limitation of the Cognito backend service that does not let user pool domain be updated.

Can you try a 2-stage deploy? First, remove the addDomain() method call from your CDK app and deploy, then, add the addDomain() back but with the new settings and deploy again.

Read more comments on GitHub >

github_iconTop Results From Across the Web

AWS::Cognito::UserPoolDomain - AWS CloudFormation
The AWS::Cognito::UserPoolDomain resource creates a new domain for a user pool. ... entity in your AWS CloudFormation template, use the following syntax: ...
Read more >
Amazon Cognito - A Complete Beginner Guide - Be a Better Dev
Learn about the fundamentals of Amazon Cognito including User Pools and Identity Pools from a complete beginner perspective.
Read more >
CognitoIdentityProvider — Boto3 Docs 1.26.36 documentation
An app client must be enabled to use this flow. NEW_PASSWORD_REQUIRED : For users who are required to change their passwords after successful...
Read more >
AWS COGNITO AUTHENTICATION FOR PHP APPLICATION
Step by step instructions to implement AWS Cognito authentication to a simple PHP ... Replace the following in the above source code,.
Read more >
Single Sign-On (SSO) using AWS Cognito and Azure AD
How to implement SSO using AWS Cognito and Azure AD ... “App integration” -> “Domain name” -> fill in the domain prefix ->...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[aws-codepipeline-actions] Cannot assume role by code pipeline on code pipeline action AWS CDK

Next page

[appmesh] VirtualNode in separate stack from Mesh creates circular dependency