如何配置无服务器 Cognito Lambda 触发器
How to configure Serverless Cognito Lambda Triggers
使用无服务器框架创建一个 Cognito 用户池以及几个 lambda 用于 TOPT SMS 授权期间的认知事件。一切都已创建,但 lambda 函数未在 Cognito 中注册。
对无服务器来说相对较新,但似乎无法让它们建立连接。尝试过池名称,因为其他人试图在创建结束时将池名称标记为已经存在池在那里并且 lambda 在那里但没有连接。
目前正在关注另一个 post 尝试将用户池更改为 CognitoUserPoolMyUserPool,然后在 lambda 中将其引用为 MyUserPool。还在两个位置尝试了 CognitoUserPool,但都不起作用。
示例 serverless.yaml 文件:
service: cognito-authentication
frameworkVersion: ">=1.1.0 <2.0.0"
package:
individually: false
plugins:
- serverless-bundle
custom:
stage: ${opt:stage, self:provider.stage}
poolName: ${self:custom.stage}-user-pool
provider:
name: aws
runtime: nodejs10.x
stage: dev
iamRoleStatements:
- Effect: Allow
Action:
- sns:*
Resource:
- "*"
functions:
preSignUp:
handler: functions/pre-signup.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: PreSignUp
defineAuthChallenge:
handler: functions/define-auth-challenge.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: DefineAuthChallenge
createAuthChallenge:
handler: functions/create-auth-challenge.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: CreateAuthChallenge
verifyAuthChallengeResponse:
handler: functions/verify-auth-challenge-response.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: VerifyAuthChallengeResponse
resources:
Resources:
CognitoUserPoolMyUserPool:
Type: "AWS::Cognito::UserPool"
Properties:
# Generate a name based on the stage
UserPoolName: ${self:custom.poolName}
# Set phone_number as an alias
UsernameAttributes:
- phone_number
Policies:
PasswordPolicy:
MinimumLength: 6
RequireLowercase: False
RequireNumbers: False
RequireSymbols: False
RequireUppercase: False
CognitoUserPoolClient:
Type: "AWS::Cognito::UserPoolClient"
Properties:
# Generate an app client name based on the stage
ClientName: ${self:custom.stage}-sms-auth-client
UserPoolId:
Ref: CognitoUserPoolMyUserPool
ExplicitAuthFlows:
- CUSTOM_AUTH_FLOW_ONLY
GenerateSecret: false
期望用户池已正确创建并配置为使用 lambda 执行触发的工作流。
我已经复制粘贴了您的代码(并添加了相关的 Lambda 函数),它对我有用。
我已经使用以下命令测试了 PreSignUp:
aws cognito-idp admin-create-user --region <region> --user-pool-id <user-pool-id> --username <phone>
虽然没有显示在 AWS 控制台 Lambda 中 UI,但触发器确实显示在 Cognito->User Pools->dev-user-pool->Triggers 中,这令人困惑。
示例回购:https://github.com/erezrokah/serverless-cognito-triggers
我在您的 serverless.yml 中发现了问题。您在 cognitoUserPool 下缺少缩进。我尝试了两种方法,并且它可以使用额外的缩进。
preSignUp:
handler: functions/pre-signup.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: PreSignUp
使用无服务器框架创建一个 Cognito 用户池以及几个 lambda 用于 TOPT SMS 授权期间的认知事件。一切都已创建,但 lambda 函数未在 Cognito 中注册。
对无服务器来说相对较新,但似乎无法让它们建立连接。尝试过池名称,因为其他人试图在创建结束时将池名称标记为已经存在池在那里并且 lambda 在那里但没有连接。
目前正在关注另一个 post 尝试将用户池更改为 CognitoUserPoolMyUserPool,然后在 lambda 中将其引用为 MyUserPool。还在两个位置尝试了 CognitoUserPool,但都不起作用。
示例 serverless.yaml 文件:
service: cognito-authentication
frameworkVersion: ">=1.1.0 <2.0.0"
package:
individually: false
plugins:
- serverless-bundle
custom:
stage: ${opt:stage, self:provider.stage}
poolName: ${self:custom.stage}-user-pool
provider:
name: aws
runtime: nodejs10.x
stage: dev
iamRoleStatements:
- Effect: Allow
Action:
- sns:*
Resource:
- "*"
functions:
preSignUp:
handler: functions/pre-signup.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: PreSignUp
defineAuthChallenge:
handler: functions/define-auth-challenge.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: DefineAuthChallenge
createAuthChallenge:
handler: functions/create-auth-challenge.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: CreateAuthChallenge
verifyAuthChallengeResponse:
handler: functions/verify-auth-challenge-response.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: VerifyAuthChallengeResponse
resources:
Resources:
CognitoUserPoolMyUserPool:
Type: "AWS::Cognito::UserPool"
Properties:
# Generate a name based on the stage
UserPoolName: ${self:custom.poolName}
# Set phone_number as an alias
UsernameAttributes:
- phone_number
Policies:
PasswordPolicy:
MinimumLength: 6
RequireLowercase: False
RequireNumbers: False
RequireSymbols: False
RequireUppercase: False
CognitoUserPoolClient:
Type: "AWS::Cognito::UserPoolClient"
Properties:
# Generate an app client name based on the stage
ClientName: ${self:custom.stage}-sms-auth-client
UserPoolId:
Ref: CognitoUserPoolMyUserPool
ExplicitAuthFlows:
- CUSTOM_AUTH_FLOW_ONLY
GenerateSecret: false
期望用户池已正确创建并配置为使用 lambda 执行触发的工作流。
我已经复制粘贴了您的代码(并添加了相关的 Lambda 函数),它对我有用。
我已经使用以下命令测试了 PreSignUp:
aws cognito-idp admin-create-user --region <region> --user-pool-id <user-pool-id> --username <phone>
虽然没有显示在 AWS 控制台 Lambda 中 UI,但触发器确实显示在 Cognito->User Pools->dev-user-pool->Triggers 中,这令人困惑。
示例回购:https://github.com/erezrokah/serverless-cognito-triggers
我在您的 serverless.yml 中发现了问题。您在 cognitoUserPool 下缺少缩进。我尝试了两种方法,并且它可以使用额外的缩进。
preSignUp:
handler: functions/pre-signup.main
events:
- cognitoUserPool:
pool: MyUserPool
trigger: PreSignUp