Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Service definition(cognito-idp): Should `UserPoolAddOnsType.AdvancedSecurityMode` be optional?

See original GitHub issue

I am a maintainer of Amazonka, an unofficial Haskell SDK for AWS. We use botocore definitions to generate the bulk of the Haskell code. In https://github.com/brendanhay/amazonka/issues/473 , a user reported that calling CreateUserPool with no UserPoolAddOns field set (as permitted by API spec) resulted in a deserialisation failure. This was because the response appeared to contain "UserPoolAddOns": {}.

We have worked around this by making the AdvancedSecurityMode setting optional, so that {} can be parsed as a UserPoolAddOnsType, but it is not clear what the correct upstream fix is. All the remedies i can think of either duplicate definitions, admit malformed requests, or risk breaking clients who rely on the response from CreateUserPool to always include the UserPoolAddOns key in its UserPool structure.

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Comments:7

github_iconTop GitHub Comments

1reaction
endgamecommented, Oct 6, 2021

I created a user pool with a body of {"PoolName":"test-pool"} in the request and get no UserPoolAddOns in the response. If I try {"PoolName": "test-pool", "UserPoolAddOns": {}} in the request, it is correctly rejected by AWS.

Based off our bug report, the request was reported to have no UserPoolAddOns and the response UserPoolAddOns: {}, but I cannot replicate this in either us-east-1 or ap-southeast-2. If Cognito was ever returning a response that disagreed with its own service definition, it has long since been fixed. Thanks very much for your time.

Closing - not a bug?

0reactions
stobrien89commented, Oct 6, 2021

No problem! Glad we were able to help.

Read more comments on GitHub >

github_iconTop Results From Across the Web

CreateUserPool - Amazon Cognito User Pools
Creates a new Amazon Cognito user pool and sets the password policy for the pool.
Read more >
aws-sdk-js/cognito-idp-2016-04-18.normal.json at master
</p> <p>You must make this API request with Amazon Web Services credentials that have <code>cognito-idp:AdminDisableUser</code> permissions.
Read more >
Paws::CognitoIdp - Perl Interface to AWS Amazon Cognito ...
DESCRIPTION. Using the Amazon Cognito User Pools API, you can create a user pool to manage directories and users. You can authenticate a...
Read more >
aws_cognito_user_pool | Resources | hashicorp/aws
account_recovery_setting - (Optional) Configuration block to define which verified ... Before you can delete a user pool that you have protected against ...
Read more >
Setup AWS Cognito User Pool with an Azure AD identity ...
Amazon Cognito — service that provides authentication, authorization, and user management for web and mobile apps. Users can sign-in directly with a ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Add host.docker.internal to ContainerMetadataFetcher list of approved hosts

Next page

Service Definition(autoscaling): AutoScalingGroupName marked required in Activity but is actually optional