Update Existing Cognito User Pool Group via CDK
0
Hi,
I have a Cognito User Pool with a user group. This simple configuration deploys fine the first time. Any subsequent attempts to run cdk deploy
with or without changes errors out with group already exists in stack
error. I'm using Java for my CDK
Here's the code I'm using to create the user poll + group
public void generateStack() {
// Create User Pool
UserPool userPool = Builder.create(scope, "some-id")
.accountRecovery(AccountRecovery.EMAIL_ONLY)
.autoVerify(AutoVerifiedAttrs.builder()
.email(true)
.phone(false)
.build())
.email(UserPoolEmail.withCognito(REPLY_TO_EMAIL))
.enableSmsRole(false)
.mfa(Mfa.OFF)
.passwordPolicy(PasswordPolicy.builder()
.minLength(8)
.requireDigits(true)
.requireLowercase(true)
.requireUppercase(true)
.tempPasswordValidity(Duration.days(TEMP_PWD_VALIDITY_IN_DAYS))
.build())
.removalPolicy(RemovalPolicy.RETAIN)
.selfSignUpEnabled(true)
.signInAliases(SignInAliases.builder()
.email(true)
.phone(false)
.preferredUsername(false)
.username(false)
.build())
.signInCaseSensitive(false)
.standardAttributes(StandardAttributes.builder()
.email(StandardAttribute.builder()
.mutable(false)
.required(true)
.build())
.givenName(StandardAttribute.builder()
.mutable(true)
.required(true)
.build())
.familyName(StandardAttribute.builder()
.mutable(true)
.required(true)
.build())
.phoneNumber(StandardAttribute.builder()
.mutable(true)
.required(true)
.build())
.build())
.userPoolName("some-pool-name")
.build();
Role adminRole = Role.Builder.create(scope, "role-id")
.roleName("admin-role")
.assumedBy(new AccountRootPrincipal())
.description("This is a full access admin role for Ops Team")
.maxSessionDuration(Duration.hours(12))
.managedPolicies(List.of(ManagedPolicy.fromAwsManagedPolicyName("AdministratorAccess")))
.build();
// Add admin group
new CfnUserPoolGroup(scope, "admin-users", CfnUserPoolGroupProps.builder()
.description("Admin group for the Ops team")
.groupName("admin-ops")
.precedence(0)
.roleArn(adminRole.getRoleArn())
.userPoolId(userPool.getUserPoolId())
.build());
}
Is there a way to stop CDK from trying to create a group if it already exists in the stack?
Thanks Kunal
已提問 1 年前檢視次數 100 次lg...
沒有答案
- 最新
- 最多得票
- 最多評論
相關內容
- 已提問 9 個月前lg...
- 已提問 9 個月前lg...
- 已提問 6 個月前lg...
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前