Aws-cdk: [aws-cognito] Change domainPrefix after initial deploy

Created on 30 Aug 2020 · 3 Comments · Source: aws/aws-cdk


I wanted to change the hosted UI domain prefix after an initial deploy (userPoolCognitoDomainPrefix), but I'm getting a 400 on subsequent deploys. (I've just recently started to work with Cognito with CDK, so there might be some constraints in Cognito I'm not aware of. Keep up the good work!)

User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

Reproduction Steps

import * as cdk from '@aws-cdk/core';
import * as cognito from '@aws-cdk/aws-cognito';

export class IdentityStack extends cdk.Stack {
  userPool: cognito.UserPool;
  userPoolClientName = 'Identity';
  userPoolCognitoDomainPrefix = 'identity-dev';

  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    this.userPool = new cognito.UserPool(this, 'UserPool', {});

    this.userPool.addClient('UserPoolClient', {
      userPoolClientName: 'Identity',
      oAuth: {
        callbackUrls: [
          'http://localhost:3005'
        ]
      }
    });

    this.userPool.addDomain('UserPoolDomain', {
      cognitoDomain: {
        domainPrefix: this.userPoolCognitoDomainPrefix
      }
    });
  }
}

What did you expect to happen?


The domain should update and remove the old one as it's no longer specified.

What actually happened?

identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

Environment

  • CLI Version : 1.61.1
  • Framework Version:
  • Node.js Version: v12.18.3
  • OS : MacOS 10.15.3
  • Language (Version): TypeScript 3.7.5

Other

identity: 1.61.1 (build 347918f)
identity: IdentityStack: deploying...
identity: IdentityStack: creating CloudFormation changeset...
identity:  0/3 | 7:55:44 AM | UPDATE_IN_PROGRESS   | AWS::CloudFormation::Stack   | IdentityStack User Initiated
identity:  0/3 | 7:55:49 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_COMPLETE      | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
Requested update requires the creation of a new physical resource; hence creating one.
identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

This is :bug: Bug Report

@aws-cdk/aws-cognito bug needs-cfn

All 3 comments

It seems like this is a limitation of the Cognito backend service that does not let the user pool domain be updated.

Can you try a 2-stage deploy? First, remove the addDomain() method call from your CDK app and deploy, then, add the addDomain() back but with the new settings and deploy again.

Yeah, I tried that workaround when I was trying to update the domain and it works.

I was posting the bug report because I felt that it didn't behave as I was expecting it to.

Internal tracking: i/CFN-33216
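
A pre-deploy guard for the failure reported in this issue, as an added example (not code from the issue or from aws-cdk): it compares the deployed and the newly synthesized CloudFormation templates and flags a UserPoolDomain whose Domain changed in place. The function names, the `UserPool6BA7E5F2` logical ID and the `identity-test` prefix are assumptions made for illustration; the two-stage deploy suggested in the comments passes the check at each stage.

```typescript
// Added example: pre-deploy guard for the UserPoolDomain replacement failure.
// Inputs are plain CloudFormation templates (for instance `cdk synth` output).
type CfnResource = { Type: string; Properties?: Record<string, unknown> };
type CfnTemplate = { Resources?: Record<string, CfnResource> };
type DomainChange = { logicalId: string; from: string; to: string };

const DOMAIN_TYPE = 'AWS::Cognito::UserPoolDomain';

// Flags every UserPoolDomain whose Domain differs between the deployed and
// the new template under the same logical ID. CloudFormation replaces such a
// resource by creating the new domain while the old one still exists, which
// Cognito rejects with "User pool already has a domain configured".
function findDomainReplacements(deployed: CfnTemplate, next: CfnTemplate): DomainChange[] {
  const before = deployed.Resources ?? {};
  const after = next.Resources ?? {};
  const changes: DomainChange[] = [];
  for (const logicalId of Object.keys(after)) {
    const oldRes = before[logicalId];
    const newRes = after[logicalId];
    if (!oldRes || !newRes) continue;
    if (oldRes.Type !== DOMAIN_TYPE || newRes.Type !== DOMAIN_TYPE) continue;
    // Domain may be a literal or an intrinsic function, so compare as JSON.
    const from = JSON.stringify(oldRes.Properties?.Domain ?? null);
    const to = JSON.stringify(newRes.Properties?.Domain ?? null);
    if (from !== to) changes.push({ logicalId, from, to });
  }
  return changes;
}

// Constructed sample: the stack from the report, with or without its domain.
// 'UserPool6BA7E5F2' and 'identity-test' are made-up values.
function stackTemplate(prefix?: string): CfnTemplate {
  const resources: Record<string, CfnResource> = {
    UserPool6BA7E5F2: { Type: 'AWS::Cognito::UserPool' },
  };
  if (prefix !== undefined) {
    resources['UserPoolUserPoolDomain9F01E991'] = {
      Type: DOMAIN_TYPE,
      Properties: { Domain: prefix, UserPoolId: { Ref: 'UserPool6BA7E5F2' } },
    };
  }
  return { Resources: resources };
}

// Changing the prefix in one deploy is flagged; the two stages are not.
const direct = findDomainReplacements(stackTemplate('identity-dev'), stackTemplate('identity-test'));
const stage1 = findDomainReplacements(stackTemplate('identity-dev'), stackTemplate());
const stage2 = findDomainReplacements(stackTemplate(), stackTemplate('identity-test'));
console.log({ direct, stage1, stage2 });
```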
