I’m trying to setup custom auth triggers on cognito, but can’t seem to work out how to connect the lambda functions defined in my serverless.yml with my cognito stack being built with SST.
From what I can tell, I need to define the triggers when the stack is created, but I can’t quite work out how to pass the triggers in through props - how do I refer to the serverless functions in the creation of the stack?
My SST index:
import CognitoStack from "./CognitoStack";
export default function main(app) {
new CognitoStack(app, "cognito", { triggers: "WHAT GOES HERE?" });
}
My cognito stack:
export default class CognitoStack extends sst.Stack {
constructor(scope, id, props) {
super(scope, id, props);
const userPool = new cognito.UserPool(this, "UserPool", {
signInAliases: { username: true, email: true, phone: true },
lambdaTriggers: {
defineAuthChallenge: props.triggers.defineAuthChallenge,
createAuthChallenge: props.triggers.createAuthChallenge,
verifyAuthChallengeResponse: props.triggers.verifyAuthChallengeResponse,
},
selfSignUpEnabled: false,
});
const userPoolClient = new cognito.UserPoolClient(this, "UserPoolClient", {
userPool,
authFlows: {
custom: true,
refreshToken: true,
},
});
// Export values
new CfnOutput(this, "UserPoolId", {
value: userPool.userPoolId,
});
new CfnOutput(this, "UserPoolClientId", {
value: userPoolClient.userPoolClientId,
});
}
}
And my serverless.yml:
custom:
stage: ${opt:stage, self:provider.stage}
sstApp: ${self:custom.stage}-auth-infra
provider:
name: aws
runtime: nodejs12.x
stage: dev
region: eu-west-1
functions:
cognitoDefineAuthChallenge:
handler: handler.defineAuthChallenge
events:
- cognitoUserPool:
pool: !ImportValue ${self:custom.sstApp}-UserPoolId
trigger: defineAuthChallenge
cognitoCreateAuthChallenge:
handler: handler.createAuthChallenge
events:
- cognitoUserPool:
pool: !ImportValue ${self:custom.sstApp}-UserPoolId
trigger: createAuthChallenge
cognitoVerifyAuthChallengeResponse:
handler: handler.verifyAuthChallengeResponse
events:
- cognitoUserPool:
pool: !ImportValue ${self:custom.sstApp}-UserPoolId
trigger: verifyAuthChallengeResponse