I can't believe how difficult this is. Following the official docs found here (https://docs.amplify.aws/guides/functions/cognito-trigger-lambda-dynamodb/q/platform/js/#create-the-lambda-function). Also reviewed some other community builder type posts...
Set up a lambda to write to an existing dynamodb table (set up in amplify graphql schema) which does not trigger. Also the docs do not make any mention of permissions. I tried without them and also by adding permissions to the lambda execution role in the specific lambda's foo-cloudformation-template.json. Since the lambda doesn't run, there are no logs to review.
Specific steps were:
1/ set up ddb table in graphql schema
2/ added lambda with access to dynamodb resources
3/ amplify push
4/ go to cognito, add post-confirmation trigger to above lambda
5/ test and fails
6/ visit lambda, no permissions to write to ddb table (none mentioned in docs but I have had to do using other lambdas with amplify)
7/ added resource permissions to write to ddb in cloudformation-template.json
8/ amplify push
9/ verified permissions exist as does the lambda invoke function from cognito.
10/ still fails
Have used node.js 18 and 16 versions. Other lambdas in my amplify app work fine connecting to backend resources.
Please advise. Thanks.
V.
Addendum: I have self-sign up turned off and am adding users in the cognito user pools section but I don't see how that should make a difference as the user signs in successfully.
Will give it a try and report back.
Oddly the lambda worked fine right away. Multiple attempts to get the cognito trigger to fire failed after adjusting permissions on the console multiple times. More testing...
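The two permission checks from steps 7 and 9 in the question, as an added example that is not part of the original post or the Amplify docs: the execution role's identity policy must allow the DynamoDB write, and the function's own resource policy must let the Cognito service principal invoke it, scoped to one user pool. All ARNs, account ids and function names are constructed placeholders, and the evaluation is deliberately simplified (Allow statements only).

```javascript
// Added example: all ARNs, account ids and names are constructed placeholders.
const TABLE_ARN = "arn:aws:dynamodb:us-east-1:111122223333:table/Example-Table";
const POOL_ARN = "arn:aws:cognito-idp:us-east-1:111122223333:userpool/us-east-1_EXAMPLE";
const FN_ARN = "arn:aws:lambda:us-east-1:111122223333:function:examplePostConfirmation";

const asList = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// IAM-style glob: "*" matches any run of characters, "?" exactly one.
function glob(pattern, value, ignoreCase = false) {
  const body = pattern.replace(/[.+^${}()|[\]\\]/g, "\\$&")
    .replace(/\*/g, ".*").replace(/\?/g, ".");
  return new RegExp(`^${body}$`, ignoreCase ? "i" : "").test(value);
}

// Simplified evaluation: Allow statements only. Explicit Deny, NotAction,
// NotResource, conditions and permission boundaries are out of scope here.
function roleAllows(policy, action, resource) {
  return asList(policy.Statement).some((s) =>
    s.Effect === "Allow" &&
    asList(s.Action).some((a) => glob(a, action, true)) && // action names ignore case
    asList(s.Resource).some((r) => glob(r, resource)));
}

// Function resource policy: the Cognito service principal may invoke, and the
// statement is tied to one user pool through an AWS:SourceArn condition.
function cognitoInvokeScoped(policy, poolArn) {
  return asList(policy.Statement).some((s) => {
    const cond = s.Condition || {};
    const src = { ...(cond.ArnLike || {}), ...(cond.ArnEquals || {}) };
    const key = Object.keys(src).find((k) => k.toLowerCase() === "aws:sourcearn");
    return s.Effect === "Allow" &&
      asList(s.Principal && s.Principal.Service).includes("cognito-idp.amazonaws.com") &&
      asList(s.Action).some((a) => glob(a, "lambda:InvokeFunction", true)) &&
      key !== undefined && asList(src[key]).some((p) => glob(p, poolArn));
  });
}

// Constructed sample documents.
const roleReadOnly = { Version: "2012-10-17", Statement: [
  { Effect: "Allow", Action: ["dynamodb:GetItem", "dynamodb:Query"], Resource: TABLE_ARN }] };
const roleWrite = { Version: "2012-10-17", Statement: [
  { Effect: "Allow", Action: "dynamodb:PutItem", Resource: TABLE_ARN }] };
const fnPolicy = { Version: "2012-10-17", Statement: [
  { Effect: "Allow", Principal: { Service: "cognito-idp.amazonaws.com" },
    Action: "lambda:InvokeFunction", Resource: FN_ARN,
    Condition: { ArnLike: { "AWS:SourceArn": POOL_ARN } } }] };

console.log(roleAllows(roleReadOnly, "dynamodb:PutItem", TABLE_ARN),
  roleAllows(roleWrite, "dynamodb:PutItem", TABLE_ARN),
  cognitoInvokeScoped(fnPolicy, POOL_ARN));
```

Scoping the write to the single table ARN and the invoke permission to the single user pool ARN keeps both grants least-privilege; a wildcard `Resource` or a missing `AWS:SourceArn` condition would pass a looser check but widen who can reach the table or the function.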