create route53 ARecord for a user pool domain #6787
Comments
I actually hit (and solved) this issue yesterday! Posted my code snippet at the following (copied below for reference):

Basically makes use of

I also found I had to hack around the

```js
// Snippet from inside a Stack/Construct: `userPool`, `authDomain`,
// `certificateArn` and `zone` are assumed to be defined earlier.
const cdk = require('@aws-cdk/core')
const cognito = require('@aws-cdk/aws-cognito')
const cr = require('@aws-cdk/custom-resources')
const route53 = require('@aws-cdk/aws-route53')

/**
 * Configures the UserPool domain used for authentication.
 *
 * @see https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-cognito.CfnUserPoolDomain.html
 * @see https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html
 * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html
 */
const userPoolDomain = new cognito.CfnUserPoolDomain(
  this,
  'UserPoolDomain',
  {
    userPoolId: userPool.userPoolId,
    domain: authDomain,
    customDomainConfig: {
      certificateArn,
    },
  }
)
userPoolDomain.node.addDependency(userPool)

new cdk.CfnOutput(this, 'UserPoolDomainValue', {
  value: userPoolDomain.domain,
})

// https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/CognitoIdentityServiceProvider.html#describeUserPoolDomain-property
const describeCognitoUserPoolDomain = new cr.AwsCustomResource(
  this,
  'DescribeCognitoUserPoolDomain',
  {
    resourceType: 'Custom::DescribeCognitoUserPoolDomain',
    onCreate: {
      region: 'us-east-1',
      service: 'CognitoIdentityServiceProvider',
      action: 'describeUserPoolDomain',
      parameters: {
        Domain: userPoolDomain.domain,
      },
      physicalResourceId: cr.PhysicalResourceId.of(userPoolDomain.domain),
    },
    // TODO: can we restrict this policy more? Get the ARN for the user pool domain? Or the user pool maybe?
    policy: cr.AwsCustomResourcePolicy.fromSdkCalls({
      resources: cr.AwsCustomResourcePolicy.ANY_RESOURCE,
    }),
  }
)
describeCognitoUserPoolDomain.node.addDependency(userPoolDomain)

const userPoolDomainDistribution = describeCognitoUserPoolDomain.getResponseField(
  'DomainDescription.CloudFrontDistribution'
)

new cdk.CfnOutput(this, 'UserPoolDomainDistribution', {
  value: userPoolDomainDistribution,
})

// Route53 alias record for the UserPoolDomain CloudFront distribution
new route53.ARecord(this, 'UserPoolDomainAliasRecord', {
  recordName: userPoolDomain.domain,
  target: route53.RecordTarget.fromAlias({
    bind: _record => ({
      hostedZoneId: 'Z2FDTNDATAQYW2', // CloudFront Zone ID
      dnsName: userPoolDomainDistribution,
    }),
  }),
  zone,
})
```

Hope it helps!
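Added example (not part of the comment above or of the CDK code base): the same lookup-then-alias step in plain JavaScript, validating the `DescribeUserPoolDomain` response before a Route 53 `ChangeBatch` is built from it. The helper `buildAliasChangeBatch` and the sample response are constructed for illustration.

```javascript
// CloudFront's fixed hosted zone ID for alias targets (same value as in the snippet above).
const CLOUDFRONT_ZONE_ID = 'Z2FDTNDATAQYW2'

// Constructed sample of a DescribeUserPoolDomain response; every value is a placeholder.
const sampleResponse = {
  DomainDescription: {
    UserPoolId: 'us-east-1_EXAMPLE',
    Domain: 'auth.example.com',
    Status: 'ACTIVE',
    CloudFrontDistribution: 'd111111abcdef8.cloudfront.net',
  },
}

// Hypothetical helper: build the Route 53 ChangeBatch for the alias record, or throw
// if the response is not something DNS should be pointed at.
function buildAliasChangeBatch(response, expectedDomain) {
  const desc = (response && response.DomainDescription) || {}
  const norm = s => String(s || '').toLowerCase().replace(/\.$/, '')

  // The description must be for the domain we asked about.
  if (!desc.Domain || norm(desc.Domain) !== norm(expectedDomain)) {
    throw new Error(`no description returned for ${expectedDomain}`)
  }
  // A failed or deleting domain would leave a dangling record behind.
  if (desc.Status === 'FAILED' || desc.Status === 'DELETING') {
    throw new Error(`domain status is ${desc.Status}`)
  }
  // Only alias to a CloudFront hostname; anything else does not belong under this zone ID.
  const target = norm(desc.CloudFrontDistribution)
  if (!/^[a-z0-9]+\.cloudfront\.net$/.test(target)) {
    throw new Error('CloudFrontDistribution is missing or not a cloudfront.net name')
  }
  return {
    Changes: [{
      Action: 'UPSERT',
      ResourceRecordSet: {
        Name: `${norm(expectedDomain)}.`,
        Type: 'A',
        AliasTarget: {
          HostedZoneId: CLOUDFRONT_ZONE_ID,
          DNSName: `${target}.`,
          EvaluateTargetHealth: false, // must be false for CloudFront alias targets
        },
      },
    }],
  }
}
```

The returned object has the shape Route 53's `ChangeResourceRecordSets` expects in its `ChangeBatch` parameter.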
@0xdevalias Thanks... Hopefully, they can just add a property and we can delete out all of that!

I expect they will, there’s a lot of active work on improving Cognito constructs/functionality in CDK at the moment!

Thanks for the code snippet @0xdevalias. I'm marking this issue as a feature request.

Support for user pool domains in the Cognito module. Domains can be explicitly configured for either custom domain or Cognito hosted prefix domains. Added 'cloudFrontDomainName' property that gets the CloudFront domain name by calling `DescribeUserPoolDomain` API via a custom resource. closes #6787.
I'm using CfnUserPoolDomain to create a custom domain for my cognito auth.
How can I access the CloudfrontDistribution - it doesn't seem to be a property? I need this so I can create the CNAME.
If I use `describe-user-pool-domain` with the cli, I can see the value, but I haven't been able to find this anywhere in the CDK.