Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
aws-cognito: Invalid write attribute for client
See original GitHub issueDescribe the bug
Creating a writeable custom attribute on a User Pool Client results in an error when deploying.
Expected Behavior
Custom attributes are able to be made writeable in User Pool Clients just like standard attributes are.
Current Behavior
Error output from deploy command:
8:37:09 AM | CREATE_FAILED | AWS::Cognito::UserPoolClient | LocalUserPoolEncoreClientD9A7741D
Invalid write attributes specified while creating a client (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: ef50ac13-2935-4fc2-91e4-216daad7f183; Proxy: null)
❌ EncoreStack-local failed: Error: The stack named EncoreStack-local failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Invalid write attributes specified while creating a client (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: ef50ac13-2935-4fc2-91e4-216daad7f183; Proxy: null)
at prepareAndExecuteChangeSet (/Users/jackson/dev/enc-perf-web/cdk/node_modules/aws-cdk/lib/api/deploy-stack.ts:385:13)
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at CdkToolkit.deploy (/Users/jackson/dev/enc-perf-web/cdk/node_modules/aws-cdk/lib/cdk-toolkit.ts:209:24)
at initCommandLine (/Users/jackson/dev/enc-perf-web/cdk/node_modules/aws-cdk/lib/cli.ts:341:12)
The stack named EncoreStack-local failed creation, it may need to be manually deleted from the AWS console: ROLLBACK_COMPLETE: Invalid write attributes specified while creating a client (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: ef50ac13-2935-4fc2-91e4-216daad7f183; Proxy: null)
Reproduction Steps
Create an instance of this class as part of a Stack
export class EncoreUserPool extends Construct {
readonly userPool: cognito.UserPool;
readonly userPoolClient: cognito.UserPoolClient;
constructor(scope: Construct, id: string, props: EncoreUserPoolProps) {
super(scope, id);
this.userPool = new cognito.UserPool(this, "UserPool", {
// ...rest
standardAttributes: {
email: { required: true, mutable: true },
},
customAttributes: {
existsInDjango: new cognito.StringAttribute({ mutable: true }),
},
});
// source of the error
const clientWriteAttributes = new cognito.ClientAttributes().withCustomAttributes("existsInDjango");
const clientReadAttributes = clientWriteAttributes.withStandardAttributes(
// some standard attributes here
);
this.userPoolClient = this.userPool.addClient("ClientPool", {
// ...rest
readAttributes: clientReadAttributes,
writeAttributes: clientWriteAttributes,
});
}
}
Possible Solution
No response
Additional Information/Context
The User Pool is being created no problem, the issues arises from trying to make the existsInDjango custom attribute writeable. Stack deploys just fine when that line is not included.
CDK CLI Version
2.28.0
Framework Version
aws-cdk@2.28.0
Node.js Version
16.13.1
OS
macOS 12.4
Language
Typescript
Language Version
typescript@3.9.10
Other information
No response
Issue Analytics
- State:
- Created a year ago
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Cannot update read/write attributes of UserPoolClient via ...
I have been able to do so successfully for custom attributes but built-in attributes always return an error of "Invalid write attributes ......
Read more >Can't set writeable or readable properties on user pool client
But when I leave it in, I get this error: An error occurred while provisioning your stack: WebAppUserPoolWebClient - Invalid write attributes ......
Read more >User pool attributes - Amazon Cognito
Attributes are pieces of information that help you identify individual users, such as name, email address, and phone number. A new user pool...
Read more >create-user-pool-client — AWS CLI 2.9.8 Command Reference
The user pool attributes that the app client can write to. ... Possible values provided by Amazon Web Services are aws.cognito.signin.user.admin .
Read more >Cognito User Pool Example in AWS CDK - Complete Guide
In this article we provision a Cognito User Pool and a User Pool Client in AWS ... error is - "Invalid write attributes...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Awesome, will do soon, thanks!
In case this helps anyone, I had a custom attribute “name”. I didn’t notice it already existed in the standard cognito attributes (I thought it only used givenName and familyName). This error message could be more helpful if it included which attribute is the one causing the issue.