[aws-cognito] Change domainPrefix after initial deploy #10062

Open
niklaswallerstedt opened this issue Aug 30, 2020 · 6 comments
Labels
@aws-cdk/aws-cognito Related to Amazon Cognito blocked Work is blocked on this issue for this codebase. Other labels or comments may indicate why. bug This issue is a bug. needs-cfn This issue is waiting on changes to CloudFormation before it can be addressed. p2

Comments

@niklaswallerstedt
Contributor

I wanted to change the hosted UI domain prefix after an initial deploy (userPoolCognitoDomainPrefix), but I'm getting a 400 on subsequent deploys. (I've just recently started to work with Cognito with CDK, so there might be some constraints in Cognito I'm not aware of. Keep up the good work!)

User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)

Reproduction Steps

```ts
import * as cdk from '@aws-cdk/core';
import * as cognito from '@aws-cdk/aws-cognito';

export class IdentityStack extends cdk.Stack {
  userPool: cognito.UserPool;
  userPoolClientName = 'Identity';
  // Changing this value after the first deploy triggers the 400 error.
  userPoolCognitoDomainPrefix = 'identity-dev';

  constructor(scope: cdk.Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    this.userPool = new cognito.UserPool(this, 'UserPool', {});

    this.userPool.addClient('UserPoolClient', {
      userPoolClientName: 'Identity',
      oAuth: {
        callbackUrls: [
          'http://localhost:3005'
        ]
      }
    });

    // Hosted UI domain; synthesizes to an AWS::Cognito::UserPoolDomain resource.
    this.userPool.addDomain('UserPoolDomain', {
      cognitoDomain: {
        domainPrefix: this.userPoolCognitoDomainPrefix
      }
    });
  }
}
```

What did you expect to happen?

The domain should update and remove the old one as it's no longer specified.

What actually happened?

```
identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)
```

Environment

  • CLI Version : 1.61.1
  • Framework Version:
  • Node.js Version: v12.18.3
  • OS : MacOS 10.15.3
  • Language (Version): TypeScript 3.7.5

Other

```
identity: 1.61.1 (build 347918f)
identity: IdentityStack: deploying...
identity: IdentityStack: creating CloudFormation changeset...
identity:  0/3 | 7:55:44 AM | UPDATE_IN_PROGRESS   | AWS::CloudFormation::Stack   | IdentityStack User Initiated
identity:  0/3 | 7:55:49 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_COMPLETE      | AWS::Cognito::UserPoolClient | UserPool/UserPoolClient (UserPoolUserPoolClient40176907) 
identity:  1/3 | 7:55:50 AM | UPDATE_IN_PROGRESS   | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
Requested update requires the creation of a new physical resource; hence creating one.
identity:  1/3 | 7:55:51 AM | UPDATE_FAILED        | AWS::Cognito::UserPoolDomain | UserPool/UserPoolDomain (UserPoolUserPoolDomain9F01E991)
User pool already has a domain configured. (Service: AWSCognitoIdentityProviderService; Status Code: 400; Error Code: InvalidParameterException; Request ID: 8e2a6c6e-c9c3-443c-b09c-f95abc71843e; Proxy: null)
```

This is 🐛 Bug Report

@niklaswallerstedt niklaswallerstedt added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 30, 2020
@github-actions github-actions bot added the @aws-cdk/aws-cognito Related to Amazon Cognito label Aug 30, 2020
@nija-at
Contributor

nija-at commented Sep 2, 2020

It seems like this is a limitation of the Cognito backend service that does not let user pool domain be updated.

Can you try a 2-stage deploy? First, remove the addDomain() method call from your CDK app and deploy, then, add the addDomain() back but with the new settings and deploy again.

@nija-at nija-at added the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Sep 2, 2020
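
As an added example (not part of the issue thread or the CDK code base): a pre-deploy check in TypeScript that compares the deployed and the newly synthesized CloudFormation templates and reports when a user pool domain change will hit the replacement failure shown in the deploy log, so the 2-stage deploy can be planned up front. The template contents, `UserPoolLogicalId` and `identity-dev-v2` are constructed placeholders.

```typescript
// Added example (not from the issue): pre-deploy check for the failure above.
// Template shapes follow CloudFormation JSON; sample templates are constructed.
interface CfnResource { Type: string; Properties?: Record<string, unknown>; }
interface CfnTemplate { Resources: Record<string, CfnResource>; }

const DOMAIN_TYPE = 'AWS::Cognito::UserPoolDomain';

// Logical IDs of UserPoolDomain resources present in both templates whose
// Domain value differs: CloudFormation replaces these, and the create call
// fails while the old domain is still attached to the user pool.
function domainsNeedingTwoStageDeploy(deployed: CfnTemplate, next: CfnTemplate): string[] {
  return Object.keys(next.Resources).filter((id) => {
    const before = deployed.Resources[id];
    const after = next.Resources[id];
    if (!before || !after) return false; // newly added resource: plain create
    if (before.Type !== DOMAIN_TYPE || after.Type !== DOMAIN_TYPE) return false;
    const oldDomain = JSON.stringify(before.Properties?.['Domain']);
    const newDomain = JSON.stringify(after.Properties?.['Domain']);
    return oldDomain !== newDomain;
  });
}

// Returns the templates to deploy in order. Stage one drops the changing
// domain resources (the "remove addDomain()" step); stage two adds them back.
// Assumption: nothing else in the template references the dropped resources.
function planDeploy(deployed: CfnTemplate, next: CfnTemplate): CfnTemplate[] {
  const flagged = domainsNeedingTwoStageDeploy(deployed, next);
  if (flagged.length === 0) return [next];
  const stageOne: CfnTemplate = { ...next, Resources: { ...next.Resources } };
  for (const id of flagged) delete stageOne.Resources[id];
  return [stageOne, next];
}

// Constructed templates: the domain logical ID is the one in the deploy log;
// 'UserPoolLogicalId' and 'identity-dev-v2' are placeholders.
const domainResource = (prefix: string): CfnResource => ({
  Type: DOMAIN_TYPE,
  Properties: { UserPoolId: { Ref: 'UserPoolLogicalId' }, Domain: prefix },
});
const deployedTemplate: CfnTemplate = { Resources: {
  UserPoolLogicalId: { Type: 'AWS::Cognito::UserPool' },
  UserPoolUserPoolDomain9F01E991: domainResource('identity-dev'),
} };
const nextTemplate: CfnTemplate = { Resources: {
  UserPoolLogicalId: { Type: 'AWS::Cognito::UserPool' },
  UserPoolUserPoolDomain9F01E991: domainResource('identity-dev-v2'),
} };

console.log(planDeploy(deployedTemplate, nextTemplate).length, 'deployment(s) needed');
```
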
@niklaswallerstedt
Contributor Author

Yeah, I tried that workaround when I was trying to update the domain and it works.

I was posting the bug report because I felt that it didn't behave as I was expecting it to.

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Sep 3, 2020
@nija-at nija-at added the needs-cfn This issue is waiting on changes to CloudFormation before it can be addressed. label Sep 3, 2020
@nija-at
Contributor

nija-at commented Sep 3, 2020

Internal tracking: i/CFN-33216

@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label Sep 3, 2020
douglasnaphas added a commit to douglasnaphas/madliberation that referenced this issue Feb 9, 2021
gh-274

This is based on the workaround for the exact problem described here:

aws/aws-cdk#10062

Basically I got the error "User pool already has a domain configured."
when I tried to rename the User Pool Domain.

So here I'm deleting the user pool domain so I can re-deploy it with a
new name. It's the workaround described as a "2-stage deploy" in the
issue comments.
douglasnaphas added a commit to douglasnaphas/madliberation that referenced this issue Feb 9, 2021
gh-274

This is to complete the 2-step deploy described here:

aws/aws-cdk#10062 (comment)

I'm renaming the Cognito User Pool Domain with a fixed-size string with
acceptable letters for a Domain prefix, and that varies based on the
repo namespace, repo name, branch, and account.
@calebvarghese

> It seems like this is a limitation of the Cognito backend service that does not let user pool domain be updated.
>
> Can you try a 2-stage deploy? First, remove the addDomain() method call from your CDK app and deploy, then, add the addDomain() back but with the new settings and deploy again.

The 2-stage deployment worked for me; weird that the CDK has this issue.

@peterwoodworth
Contributor

I've reached out on the original ticket posted by niranjan. Hopefully will get a response soon

@peterwoodworth peterwoodworth self-assigned this Jun 21, 2022
@peterwoodworth peterwoodworth added the blocked Work is blocked on this issue for this codebase. Other labels or comments may indicate why. label Mar 15, 2023
@peterwoodworth peterwoodworth removed their assignment Mar 15, 2023
@pahud pahud added the p2 label Mar 21, 2023
@sobolk

sobolk commented Jul 18, 2023

The inability to update domainPrefix is blocking us (AWS Amplify) from replacing our custom Lambda callout with a proper CFN resource.
The workaround in the form of 2 deployments is not feasible for us.
Can we get this bug fixed?
