I want to create a userPool for every enterprise within a multi-tenant web solution. Here's what I have:

    const AWS = require('aws-sdk');
    const uuid = require('uuid');
    const cognitoIdentityServiceProvider = new AWS.CognitoIdentityServiceProvider();

    const params = {
      PoolName: uuid.v4(),
      // ...
      SmsConfiguration: {
        ExternalId: 'some Id',
        SnsCallerArn: 'some arn:aws:iam'
      },
      // ...
    };

My attempts to apply what I think is the correct policy to an existing role attached to my Lambda cause the iam:PassRole exception to occur. How then and where am I supposed to create the proper ExternalId and SnsCallerArn? Thanks.
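
Added example, not part of the original post: an offline check of the three pieces that have to agree for `SmsConfiguration`. These are the trust policy on the role named by `SnsCallerArn`, the `ExternalId` string (a value you choose and place in both the trust policy and the parameters), and an `iam:PassRole` statement on the Lambda's execution role. The account ID, role name and ExternalId are constructed placeholders, and `checkSmsRoleSetup` is a hypothetical helper.

```javascript
// Added example: no AWS calls are made. All ARNs and IDs below are constructed placeholders.
const SMS_ROLE_ARN = 'arn:aws:iam::111122223333:role/example-cognito-sms-role';
const EXTERNAL_ID = 'example-external-id';

// Trust policy on the SMS role: only Cognito may assume it, and only with our ExternalId.
const trustPolicy = {
  Version: '2012-10-17',
  Statement: [{
    Effect: 'Allow',
    Principal: { Service: 'cognito-idp.amazonaws.com' },
    Action: 'sts:AssumeRole',
    Condition: { StringEquals: { 'sts:ExternalId': EXTERNAL_ID } }
  }]
};

// Policy on the Lambda's execution role: pass that one role, and only to Cognito.
const lambdaPolicy = {
  Version: '2012-10-17',
  Statement: [
    { Effect: 'Allow', Action: 'cognito-idp:CreateUserPool', Resource: '*' },
    { Effect: 'Allow', Action: 'iam:PassRole', Resource: SMS_ROLE_ARN,
      Condition: { StringEquals: { 'iam:PassedToService': 'cognito-idp.amazonaws.com' } } }
  ]
};

const asList = (v) => (Array.isArray(v) ? v : [v]);

// Returns a list of problems; an empty list means the three documents agree.
// Resource matching is exact on purpose: a wildcard PassRole grant is not accepted.
function checkSmsRoleSetup(smsConfig, trust, callerPolicy) {
  const problems = [];
  const canPass = callerPolicy.Statement.some((s) =>
    s.Effect === 'Allow' &&
    asList(s.Action).includes('iam:PassRole') &&
    asList(s.Resource).includes(smsConfig.SnsCallerArn));
  if (!canPass) problems.push('caller lacks iam:PassRole on SnsCallerArn');

  const assume = trust.Statement.find((s) =>
    s.Effect === 'Allow' &&
    asList(s.Action).includes('sts:AssumeRole') &&
    asList((s.Principal || {}).Service || []).includes('cognito-idp.amazonaws.com'));
  if (!assume) {
    problems.push('role does not trust cognito-idp.amazonaws.com');
  } else if (((assume.Condition || {}).StringEquals || {})['sts:ExternalId'] !== smsConfig.ExternalId) {
    problems.push('sts:ExternalId condition does not match ExternalId');
  }
  return problems;
}
```

The role named by `SnsCallerArn` also needs its own permissions policy allowing `sns:Publish`, which this check does not cover.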