diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool-domain.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool-domain.ts index 3566acf7c7aee..b910cc24a41f0 100644 --- a/packages/@aws-cdk/aws-cognito/lib/user-pool-domain.ts +++ b/packages/@aws-cdk/aws-cognito/lib/user-pool-domain.ts @@ -83,6 +83,8 @@ export class UserPoolDomain extends Resource implements IUserPoolDomain { public readonly domainName: string; private isCognitoDomain: boolean; + private cloudFrontCustomResource?: AwsCustomResource; + constructor(scope: Construct, id: string, props: UserPoolDomainProps) { super(scope, id); @@ -113,25 +115,27 @@ export class UserPoolDomain extends Resource implements IUserPoolDomain { * The domain name of the CloudFront distribution associated with the user pool domain. */ public get cloudFrontDomainName(): string { - const sdkCall: AwsSdkCall = { - service: 'CognitoIdentityServiceProvider', - action: 'describeUserPoolDomain', - parameters: { - Domain: this.domainName, - }, - physicalResourceId: PhysicalResourceId.of(this.domainName), - }; - const customResource = new AwsCustomResource(this, 'CloudFrontDomainName', { - resourceType: 'Custom::UserPoolCloudFrontDomainName', - onCreate: sdkCall, - onUpdate: sdkCall, - policy: AwsCustomResourcePolicy.fromSdkCalls({ - // DescribeUserPoolDomain only supports access level '*' - // https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazoncognitouserpools.html#amazoncognitouserpools-actions-as-permissions - resources: [ '*' ], - }), - }); - return customResource.getResponseField('DomainDescription.CloudFrontDistribution'); + if (!this.cloudFrontCustomResource) { + const sdkCall: AwsSdkCall = { + service: 'CognitoIdentityServiceProvider', + action: 'describeUserPoolDomain', + parameters: { + Domain: this.domainName, + }, + physicalResourceId: PhysicalResourceId.of(this.domainName), + }; + this.cloudFrontCustomResource = new AwsCustomResource(this, 'CloudFrontDomainName', { + resourceType: 'Custom::UserPoolCloudFrontDomainName', + onCreate: sdkCall, + onUpdate: sdkCall, + policy: AwsCustomResourcePolicy.fromSdkCalls({ + // DescribeUserPoolDomain only supports access level '*' + // https://docs.aws.amazon.com/IAM/latest/UserGuide/list_amazoncognitouserpools.html#amazoncognitouserpools-actions-as-permissions + resources: [ '*' ], + }), + }); + } + return this.cloudFrontCustomResource.getResponseField('DomainDescription.CloudFrontDistribution'); } /** diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool-domain.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool-domain.test.ts index 41407985c8ed1..cb281e11f369a 100644 --- a/packages/@aws-cdk/aws-cognito/test/user-pool-domain.test.ts +++ b/packages/@aws-cdk/aws-cognito/test/user-pool-domain.test.ts @@ -103,7 +103,7 @@ describe('User Pool Client', () => { })).not.toThrow(); }); - test('custom resource is added when cloudFrontDistribution method is called', () => { + test('custom resource is added when cloudFrontDomainName property is used', () => { // GIVEN const stack = new Stack(); const pool = new UserPool(stack, 'Pool'); @@ -137,6 +137,21 @@ describe('User Pool Client', () => { }); }); + test('cloudFrontDomainName property can be called multiple times', () => { + const stack = new Stack(); + const pool = new UserPool(stack, 'Pool'); + const domain = pool.addDomain('Domain', { + cognitoDomain: { + domainPrefix: 'cognito-domain-prefix', + }, + }); + + const cfDomainNameFirst = domain.cloudFrontDomainName; + const cfDomainNameSecond = domain.cloudFrontDomainName; + + expect(cfDomainNameSecond).toEqual(cfDomainNameFirst); + }); + describe('signInUrl', () => { test('returns the expected URL', () => { // GIVEN