Can't deactive delete protection AWS Cognito

Question

I created a test Cognito user pool with delete protected for testing purpose. After testing, I tried deleting the userpool but got a message that I need to deactive protection. I tried deactivating protection, to no avail. Instead I received this message:

```
Failed to deactivate deletion protection
requestId: 02209a5a-4667-4175-98cf-282cdebf772b
time: Thu Jan 26 2023 03:27:37 GMT-0500 (Eastern Standard Time)
code: InvalidParameterException
message: Invalid FROM email address ARN
```

The SES that provided the email address ARN has already been deleted. Is there a way I can force clean this userpool? 
Thanks in advance.

Blessed

Answer

Hi, when you deactivate delete protection in the user pool, the UpdateUserPool [1] API is used with all the current settings of the user pool set as parameters to the API. Hence, the current SES settings will be used again to update the user pool but this will fail because the SES ARN is no longer exists.

To resolve the issue, reset your SES settings to use Cognito Default to send emails [2] using the console or UpdateUserPool API. Then you should be able to successfully deactivate deletion protection.

I hope this helps.

------
[1] UpdateUserPool - https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html
[2] Customizing your email address - https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-email-address-customization.html

Answer

Thanks for the help, I was able to delete the Userpool, have a good one.

Can't deactive delete protection AWS Cognito

Relevant content