diff --git a/samtranslator/model/eventsources/push.py b/samtranslator/model/eventsources/push.py index 73b1df299d..8f0f1b804e 100644 --- a/samtranslator/model/eventsources/push.py +++ b/samtranslator/model/eventsources/push.py @@ -947,7 +947,7 @@ class Cognito(PushEventSource): property_types = { "UserPool": PropertyType(True, is_str()), - "Trigger": PropertyType(True, one_of(is_str(), list_of(is_str()))), + "Trigger": PropertyType(True, one_of(is_str(), list_of(is_str())), False), } def resources_to_link(self, resources): diff --git a/tests/translator/input/cognito_userpool_with_event.yaml b/tests/translator/input/cognito_userpool_with_event.yaml index 97cf8a5977..bfdd1401a2 100644 --- a/tests/translator/input/cognito_userpool_with_event.yaml +++ b/tests/translator/input/cognito_userpool_with_event.yaml @@ -2,8 +2,16 @@ Resources: UserPool: Type: AWS::Cognito::UserPool Properties: - LambdaConfig: - PreAuthentication: "Test" + UserPoolName: UserPoolName + Policies: + PasswordPolicy: + MinimumLength: 8 + UsernameAttributes: + - email + Schema: + - AttributeDataType: String + Name: email + Required: false ImplicitApiFunction: Type: AWS::Serverless::Function Properties: @@ -14,12 +22,12 @@ Resources: OneTrigger: Type: Cognito Properties: - UserPool: + UserPool: Ref: UserPool Trigger: PreSignUp TwoTrigger: Type: Cognito Properties: - UserPool: + UserPool: Ref: UserPool - Trigger: [Test1, Test2] \ No newline at end of file + Trigger: [PostConfirmation, VerifyAuthChallengeResponse] diff --git a/tests/translator/input/error_cognito_trigger_invalid_type.yaml b/tests/translator/input/error_cognito_trigger_invalid_type.yaml new file mode 100644 index 0000000000..0f1fb9d24a --- /dev/null +++ b/tests/translator/input/error_cognito_trigger_invalid_type.yaml @@ -0,0 +1,28 @@ +Resources: + UserPool: + Type: AWS::Cognito::UserPool + Properties: + UserPoolName: UserPoolName + Policies: + PasswordPolicy: + MinimumLength: 8 + UsernameAttributes: + - email + Schema: + - AttributeDataType: String + Name: email + Required: false + ImplicitApiFunction: + Type: AWS::Serverless::Function + Properties: + InlineCode: | + exports.handler = async () => ‘Hello World!' + Handler: index.handler + Runtime: nodejs12.x + Events: + OneTrigger: + Type: Cognito + Properties: + UserPool: + Ref: UserPool + Trigger: !Join [ "", [ "Pre", "Sign", "Up"] ] diff --git a/tests/translator/output/aws-cn/cognito_userpool_with_event.json b/tests/translator/output/aws-cn/cognito_userpool_with_event.json index 973838a752..9a9faea039 100644 --- a/tests/translator/output/aws-cn/cognito_userpool_with_event.json +++ b/tests/translator/output/aws-cn/cognito_userpool_with_event.json @@ -6,44 +6,60 @@ "LambdaConfig": { "PreSignUp": { "Fn::GetAtt": [ - "ImplicitApiFunction", "Arn" + "ImplicitApiFunction", + "Arn" ] }, - "PreAuthentication": "Test", - "Test1": { + "PostConfirmation": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] }, - "Test2": { + "VerifyAuthChallengeResponse": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] } - } + }, + "Policies": { + "PasswordPolicy": { + "MinimumLength": 8 + } + }, + "Schema": [ + { + "AttributeDataType": "String", + "Name": "email", + "Required": false + } + ], + "UsernameAttributes": [ + "email" + ], + "UserPoolName": "UserPoolName" } }, "ImplicitApiFunction": { "Type": "AWS::Lambda::Function", "Properties": { - "Handler": "index.gethtml", "Code": { - "S3Bucket": "sam-demo-bucket", + "S3Bucket": "sam-demo-bucket", "S3Key": "member_portal.zip" - }, + }, + "Handler": "index.gethtml", "Role": { "Fn::GetAtt": [ - "ImplicitApiFunctionRole", + "ImplicitApiFunctionRole", "Arn" ] - }, + }, "Runtime": "nodejs12.x", "Tags": [ { - "Value": "SAM", - "Key": "lambda:createdBy" + "Key": "lambda:createdBy", + "Value": "SAM" } ] } @@ -51,15 +67,6 @@ "ImplicitApiFunctionRole": { "Type": "AWS::IAM::Role", "Properties": { - "ManagedPolicyArns": [ - "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ], - "Tags": [ - { - "Value": "SAM", - "Key": "lambda:createdBy" - } - ], "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ @@ -75,9 +82,18 @@ } } ] - } + }, + "ManagedPolicyArns": [ + "arn:aws-cn:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] } - }, + }, "ImplicitApiFunctionCognitoPermission": { "Type": "AWS::Lambda::Permission", "Properties": { @@ -85,14 +101,14 @@ "FunctionName": { "Ref": "ImplicitApiFunction" }, + "Principal": "cognito-idp.amazonaws.com", "SourceArn": { "Fn::GetAtt": [ "UserPool", "Arn" ] - }, - "Principal": "cognito-idp.amazonaws.com" + } } } } -} +} \ No newline at end of file diff --git a/tests/translator/output/aws-us-gov/cognito_userpool_with_event.json b/tests/translator/output/aws-us-gov/cognito_userpool_with_event.json index 82a1838302..235b0084d1 100644 --- a/tests/translator/output/aws-us-gov/cognito_userpool_with_event.json +++ b/tests/translator/output/aws-us-gov/cognito_userpool_with_event.json @@ -6,44 +6,60 @@ "LambdaConfig": { "PreSignUp": { "Fn::GetAtt": [ - "ImplicitApiFunction", "Arn" + "ImplicitApiFunction", + "Arn" ] }, - "PreAuthentication": "Test", - "Test1": { + "PostConfirmation": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] }, - "Test2": { + "VerifyAuthChallengeResponse": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] } - } + }, + "Policies": { + "PasswordPolicy": { + "MinimumLength": 8 + } + }, + "Schema": [ + { + "AttributeDataType": "String", + "Name": "email", + "Required": false + } + ], + "UsernameAttributes": [ + "email" + ], + "UserPoolName": "UserPoolName" } }, "ImplicitApiFunction": { - "Type": "AWS::Lambda::Function", + "Type": "AWS::Lambda::Function", "Properties": { - "Handler": "index.gethtml", "Code": { - "S3Bucket": "sam-demo-bucket", + "S3Bucket": "sam-demo-bucket", "S3Key": "member_portal.zip" - }, + }, + "Handler": "index.gethtml", "Role": { "Fn::GetAtt": [ - "ImplicitApiFunctionRole", + "ImplicitApiFunctionRole", "Arn" ] - }, + }, "Runtime": "nodejs12.x", "Tags": [ { - "Value": "SAM", - "Key": "lambda:createdBy" + "Key": "lambda:createdBy", + "Value": "SAM" } ] } @@ -51,15 +67,6 @@ "ImplicitApiFunctionRole": { "Type": "AWS::IAM::Role", "Properties": { - "ManagedPolicyArns": [ - "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ], - "Tags": [ - { - "Value": "SAM", - "Key": "lambda:createdBy" - } - ], "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ @@ -75,9 +82,18 @@ } } ] - } + }, + "ManagedPolicyArns": [ + "arn:aws-us-gov:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] } - }, + }, "ImplicitApiFunctionCognitoPermission": { "Type": "AWS::Lambda::Permission", "Properties": { @@ -85,14 +101,14 @@ "FunctionName": { "Ref": "ImplicitApiFunction" }, + "Principal": "cognito-idp.amazonaws.com", "SourceArn": { "Fn::GetAtt": [ "UserPool", "Arn" ] - }, - "Principal": "cognito-idp.amazonaws.com" + } } } } -} +} \ No newline at end of file diff --git a/tests/translator/output/cognito_userpool_with_event.json b/tests/translator/output/cognito_userpool_with_event.json index 277f38c37e..956742b7f2 100644 --- a/tests/translator/output/cognito_userpool_with_event.json +++ b/tests/translator/output/cognito_userpool_with_event.json @@ -6,44 +6,60 @@ "LambdaConfig": { "PreSignUp": { "Fn::GetAtt": [ - "ImplicitApiFunction", "Arn" + "ImplicitApiFunction", + "Arn" ] }, - "PreAuthentication": "Test", - "Test1": { + "PostConfirmation": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] }, - "Test2": { + "VerifyAuthChallengeResponse": { "Fn::GetAtt": [ "ImplicitApiFunction", "Arn" ] - } - } + } + }, + "Policies": { + "PasswordPolicy": { + "MinimumLength": 8 + } + }, + "Schema": [ + { + "AttributeDataType": "String", + "Name": "email", + "Required": false + } + ], + "UsernameAttributes": [ + "email" + ], + "UserPoolName": "UserPoolName" } }, "ImplicitApiFunction": { - "Type": "AWS::Lambda::Function", + "Type": "AWS::Lambda::Function", "Properties": { - "Handler": "index.gethtml", "Code": { - "S3Bucket": "sam-demo-bucket", + "S3Bucket": "sam-demo-bucket", "S3Key": "member_portal.zip" - }, + }, + "Handler": "index.gethtml", "Role": { "Fn::GetAtt": [ - "ImplicitApiFunctionRole", + "ImplicitApiFunctionRole", "Arn" ] - }, + }, "Runtime": "nodejs12.x", "Tags": [ { - "Value": "SAM", - "Key": "lambda:createdBy" + "Key": "lambda:createdBy", + "Value": "SAM" } ] } @@ -51,15 +67,6 @@ "ImplicitApiFunctionRole": { "Type": "AWS::IAM::Role", "Properties": { - "ManagedPolicyArns": [ - "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" - ], - "Tags": [ - { - "Value": "SAM", - "Key": "lambda:createdBy" - } - ], "AssumeRolePolicyDocument": { "Version": "2012-10-17", "Statement": [ @@ -75,9 +82,18 @@ } } ] - } + }, + "ManagedPolicyArns": [ + "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" + ], + "Tags": [ + { + "Key": "lambda:createdBy", + "Value": "SAM" + } + ] } - }, + }, "ImplicitApiFunctionCognitoPermission": { "Type": "AWS::Lambda::Permission", "Properties": { @@ -85,14 +101,14 @@ "FunctionName": { "Ref": "ImplicitApiFunction" }, + "Principal": "cognito-idp.amazonaws.com", "SourceArn": { "Fn::GetAtt": [ "UserPool", "Arn" ] - }, - "Principal": "cognito-idp.amazonaws.com" + } } } } -} +} \ No newline at end of file diff --git a/tests/translator/output/error_cognito_trigger_invalid_type.json b/tests/translator/output/error_cognito_trigger_invalid_type.json new file mode 100644 index 0000000000..1a9bbdd385 --- /dev/null +++ b/tests/translator/output/error_cognito_trigger_invalid_type.json @@ -0,0 +1,8 @@ +{ + "errors": [ + { + "errorMessage": "Resource with id [ImplicitApiFunctionOneTrigger] is invalid. Type of property 'Trigger' is invalid." + } + ], + "errorMessage": "Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [ImplicitApiFunctionOneTrigger] is invalid. Type of property 'Trigger' is invalid." +} diff --git a/tests/translator/test_translator.py b/tests/translator/test_translator.py index e22bff999d..25164234e0 100644 --- a/tests/translator/test_translator.py +++ b/tests/translator/test_translator.py @@ -664,6 +664,7 @@ def test_transform_success_no_side_effect(self, testcase, partition_with_region) "error_state_machine_with_cwe_invalid_dlq_type", "error_state_machine_with_cwe_both_dlq_property_provided", "error_state_machine_with_cwe_missing_dlq_property", + "error_cognito_trigger_invalid_type", "error_cognito_userpool_duplicate_trigger", "error_cognito_userpool_not_string", "error_api_duplicate_methods_same_path",