By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cognito User Pool custom SMS sender

0

Hello,

I'm trying to customise a particular User Pool (let's call it UserPoolA) to send text messages (eg, sms) from a particular number, instead of the default one.

Requirements:

  1. all other sms activity from our account needs to stay as is (eg, NO changing the default sms settings).

What works:
The user pool is configured properly, I can signup with a phone number and I get a text message with the verifying code. Then I can login with my phone number (and password) and go on with my day.

What I tried already:
Following https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-sender-triggers.html I tried to set up a custom sender trigger, so I can then send messages from code via sns. Obviously, instead of actually sending messages I logged some stuff to stdout (console.log() for js and print() for python). This doesn't work. I do get my debug messages in CloudWatch if I call the lambda function via the Test functionality in the lambda console, but when I try to signup (via the hosted UI, remember this works with the default Cognito sender) I only get an error message "An error was encountered with the requested page." and the url is: "https://<foo>.auth.us-east-1.amazoncognito.com/error". (Obviously, I'm deleting my existing user before trying to signup again).

Question:

  1. is there a way to get logs from Cognito about when/if it tries to call my CustomSender trigger?

  2. is there a more detailed explanation about the CustomSenders than the link I posted?

Output from describe-user-pool after I add my CustomSender lambda:

"LambdaConfig": {  
    "CustomSMSSender": {  
        "LambdaVersion": "V1_0",  
        "LambdaArn": "arn:aws:lambda:us-east-1:...:function:CustomSMSSender"  
    },  
    "KMSKeyID": "arn:aws:kms:us-east-1:...:key/xxx-xxx-xxx-xxx-xxx549"  
},

Lambda policy:

{
"Version": "2012-10-17",
"Id": "default",
"Statement": [
{
"Sid": "CognitoLambdaInvokeAccess",
"Effect": "Allow",
"Principal": {
"Service": "cognito-idp.amazonaws.com"
},
"Action": "lambda:InvokeFunction",
"Resource": "arn:aws:lambda:us-east-1:...:function:CustomSMSSender"
}
]
}

Edited by: pbalau on May 6, 2021 8:53 AM

Edited by: pbalau on May 6, 2021 8:54 AM

Topics
Security, Identity, & Compliance
Tags
Amazon Cognito
Language
English
PetruB
asked 3 years ago1036 views
2 Answers
0

Are you forking kidding me?

The reason why my custom sender lambda was not triggered is that when changing the lambda config from cli the verification settings change and are set to "No Verification". ffs...

PetruB
answered 3 years ago
0

Hey PeturB,

I am too facing exact same issue and was trying to find the option "No Verification" in console but couldn't. can you please help me show where can i find this in console ?

Regards Rakesh

rePost-User-0722094
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content