-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(cognito): changing installLatestAwsSdk
breaks Client Secret reference
#23798
Changes from all commits
837b8b0
ce0ddfb
d5ff298
2a98289
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -451,7 +451,7 @@ export class UserPoolClient extends Resource implements IUserPoolClient { | |
'DescribeCognitoUserPoolClient', | ||
{ | ||
resourceType: 'Custom::DescribeCognitoUserPoolClient', | ||
onCreate: { | ||
onUpdate: { | ||
region: Stack.of(this).region, | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Is there any circumstance where the custom resources wouldn't be in the same region? Probably a dumb question on my end, but I just want to check. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @TheRealAmazonKendra That's a great question and honestly I am not entirely sure... So the User Pool and the Client always have to be in the same region. There also isn't (currently) a And then I am not sure that there's any situation where the So I guess Which, I think, means the options are to either:
Let me know which you'd prefer in this PR and if you'd like a second PR to make another change! |
||
service: 'CognitoIdentityServiceProvider', | ||
action: 'describeUserPoolClient', | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
{"version":"22.0.0"} | ||
{"version":"29.0.0"} |
Large diffs are not rendered by default.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
{"version":"29.0.0"} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,32 @@ | ||
{ | ||
"version": "29.0.0", | ||
"files": { | ||
"a268caa53756f51bda8ad5f499be4ed8484a81b314811806fbb66f874837c476": { | ||
"source": { | ||
"path": "asset.a268caa53756f51bda8ad5f499be4ed8484a81b314811806fbb66f874837c476", | ||
"packaging": "zip" | ||
}, | ||
"destinations": { | ||
"current_account-current_region": { | ||
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", | ||
"objectKey": "a268caa53756f51bda8ad5f499be4ed8484a81b314811806fbb66f874837c476.zip", | ||
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" | ||
} | ||
} | ||
}, | ||
"23470f9d0cab672bb28f93d0b4cc009f579dd49d76249b541091db889df6aaae": { | ||
"source": { | ||
"path": "integ-user-pool-client-secret.template.json", | ||
"packaging": "file" | ||
}, | ||
"destinations": { | ||
"current_account-current_region": { | ||
"bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}", | ||
"objectKey": "23470f9d0cab672bb28f93d0b4cc009f579dd49d76249b541091db889df6aaae.json", | ||
"assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}" | ||
} | ||
} | ||
} | ||
}, | ||
"dockerImages": {} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should
onCreate
be completely removed?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep! It seems to be relatively unknown that
onCreate
defaults to the value of ononUpdate
when not specified (see@default
for https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.custom_resources.AwsCustomResource.html#oncreate).Please check me on this and confirm that the changes to integration test snapshots add
Update
but do not removeCreate
?aws-cdk/packages/@aws-cdk/custom-resources/lib/aws-custom-resource/aws-custom-resource.ts
Lines 435 to 446 in 4c62f0b
I think this is actually a common bug (specifying
onCreate
but notonUpdate
forAwsCustomResource
), even within@aws-cdk/*
.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I did not know that, thanks for the clarification!
Yep,
OnCreate
is still in the snapshots