How to troubleshoot "GeneralServiceException"? Cognito UserPool update via CloudFormation

Question

Hi,
my CoudFormation stack update fails on the update event of a Cognito UserPool, with the output:

```
Resource handler returned message: "null" (RequestToken: e2919cf2-ccff-91b2-8c60-c1ad8a414450, HandlerErrorCode: GeneralServiceException)
```

The same stack update succeeded on my previous environments, so I'm confident my template is actually good. And there shouldn't be a change to the UserPool in the first place, the resource is not supposed to change at all.

Given the generic error message, I'm out of clues how to even investigate the problem. Any hint would be highly appreciated!

Andrii S · Answer

Hello.

Before looking elsewhere, it's always a good idea to take a closer look at the **CloudFormation event log.** Sometimes, there may be more details available in the log messages that could provide a hint about the issue.

Even if the **Cognito UserPool itself hasn't changed**, other resources that are dependent on it or related to it may have changed, causing the error. For example, if you have a Lambda trigger associated with the UserPool and Lambda has some changes, it might lead to a failure in updating the UserPool.

AWS CloudFormation provides a feature called **Drift Detection.** This allows you to detect whether the actual AWS resources have drifted from the expected configuration. You can run a drift detection on your stack and see if there's any drift detected for your Cognito UserPool or related resources.

Ensure that the **IAM Role** you're using with CloudFormation has the necessary permissions to update and manage Cognito UserPools. It's possible that permissions have changed or been reduced since your last successful update.

Best regards, Andrii

How to troubleshoot "GeneralServiceException"? Cognito UserPool update via CloudFormation

相關內容