带有 CloudFormation 的 AWS Cognito - 架构属性上的 InvalidParameterException

AWS Cognito with CloudFormation - InvalidParameterException on schema sttributes

我正在尝试使用 CloudFormation 创建 Cognito 用户池,但在创建时不断出现以下错误:

Required custom attributes are not supported currently. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: d21bec3f-adca-4c38-a91a-fa59f16a2cdc; Proxy: null)

错误消息说我正在尝试创建自定义属性,但我只是想为标准属性指定行为,例如emailusernamepreferred_username

AWS 文档在这里帮助不大。知道发生了什么事吗? 请参阅下面我的 CF 代码:

  CognitoUserPool:
    Type: AWS::Cognito::UserPool
    Properties: 
      AccountRecoverySetting: # Defines which verified available method a user can use to recover their password when they call ForgotPassword
         RecoveryMechanisms:
          - Name: "verified_email"
            Priority: 1
      AdminCreateUserConfig: 
        AllowAdminCreateUserOnly: False
      Policies: 
        PasswordPolicy: 
          MinimumLength: 6
          RequireLowercase: False
          RequireNumbers: False
          RequireSymbols: False
          RequireUppercase: False
          TemporaryPasswordValidityDays: 7
      Schema: 
        - AttributeDataType: "String"
          Mutable: False
          Name: "email"
          Required: True
        - AttributeDataType: "String"
          Mutable: False
          Name: "username"
          Required: True
        - AttributeDataType: "String"
          Mutable: True
          Name: "preferred_username"
          Required: True
      UsernameAttributes: # This user pool property cannot be updated
        - "email"
      UserPoolName: !Sub "${ProjectName}-userPool-${BranchName}"

感谢您的帮助, 乔尔

所以...更仔细地阅读所有内容后,我意识到 username 是一种奇怪的属性,因为它不是文档中标准属性列表的一部分 (here) 但是然而,它总是需要的,如文档中所述:

The username value is a separate attribute and not the same as the name attribute. A username is always required to register a user, and it cannot be changed after a user is created.

所以我从模式中取出了那个属性,认为无论如何它都会存在并且我可能无法更改它的属性。之后就正常了