
Using AWS Lambda to delete a Cognito User

I want to give users the ability to delete their account in my Android app. I already set up login/sign-up functionality with AWS Amplify and an AWS Cognito User Pool. But Amplify doesn't provide a "delete user" functionality, so I wanted to use a Lambda function to delete a user from my Cognito user pool.

The function will be called when the user clicks on "delete my account" in the app. To test the function, I use a hard-coded username in the Lambda function instead of passing one into the function. But even that doesn't work. After deploying the Lambda function, I run the function by clicking on "Test" in the console. The console then shows Execution result: succeeded, but the response is null. I would expect either a status 200 or 400 as the response. And in the CloudWatch logs of the execution I can only see my first log statement ("I was here"); the other two don't show up. And in the Cognito console the user is still there.

This is my Lambda code (Node.js):

const AWS = require('aws-sdk');

console.log("I was here");

var params = {
  UserPoolId: 'syz****f-dev',
  Username: '5b53****138'
};
var cognitoidentityserviceprovider = new AWS.CognitoIdentityServiceProvider({
  "region": 'eu-central-1',
});

// Callback-style call inside an async handler: the handler returns before
// the callback runs, and the callback's return value never reaches Lambda.
exports.handler = async (event) => {
  cognitoidentityserviceprovider.adminDeleteUser(params, function(err, data) {
    if (err) {
      var response = {
        statusCode: 400,
        body: JSON.stringify('Didnt work!'),
      };
      console.log(err, err.stack);
      return response;
    }
    else {
      response = {
        statusCode: 200,
        body: JSON.stringify('yeah!'),
      };
      console.log(data);
      return response;
    }
  });
};

The user "5b53....138" is still there in my Cognito User Pool "syz....f-dev" after I test this function:


This is the log file that I found in CloudWatch:


My Lambda function has a role with these 3 policies, and I used the IAM Policy Simulator: the action AdminDeleteUser is allowed with AmazonCognitoAuthenticatedIdentities, so this shouldn't be the problem:

  • AmazonCognitoAuthenticatedIdentities
  • AmazonCognitoPowerUser
  • AWSLambdaBasicExecutionRole

In CloudWatch I can see that the function got invoked.

First of all, your user pool id is wrong; find the correct one by opening your Cognito user pool. The first thing you see when opening your user pool in the console is the id:


It starts with your region followed by a _, in your case eu-central-1_.

Then try using this code instead of your adminDeleteUser function. Then it should work:

try {
  // .promise() turns the SDK call into a promise that the async handler can await
  const data = await cognitoidentityserviceprovider.adminDeleteUser(params).promise();
} catch (error) {
  console.log(error);
}
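The fix from this answer carried through into a complete handler, as an added example that is not the asker's or the answerer's code: the call is awaited so the handler returns a real 200/400 response, the pool id is checked for the region_id shape, and the Cognito client is injected so the logic can be exercised without AWS credentials. The pool id, username and in-memory client below are constructed stand-ins.

```javascript
// Constructed example: a delete-user Lambda with the fix applied. The Cognito
// client is injected so the handler runs without AWS credentials; ids are made up.

// A user pool id has the form <region>_<id>, e.g. eu-central-1_XXXXXXXXX.
function isValidUserPoolId(id) {
  return typeof id === 'string' && /^[a-z]{2}(-[a-z]+)+-\d+_[A-Za-z0-9]+$/.test(id);
}

// client: anything exposing adminDeleteUser(params).promise(), like aws-sdk v2.
function makeHandler(client, userPoolId) {
  return async (event) => {
    if (!isValidUserPoolId(userPoolId)) {
      return { statusCode: 500, body: JSON.stringify('UserPoolId must be <region>_<id>') };
    }
    const username = event && event.username;
    if (typeof username !== 'string' || username.length === 0) {
      return { statusCode: 400, body: JSON.stringify('username is required') };
    }
    try {
      // Awaiting the promise (instead of passing a callback) is what lets the
      // async handler return a real response instead of null.
      await client.adminDeleteUser({ UserPoolId: userPoolId, Username: username }).promise();
      return { statusCode: 200, body: JSON.stringify('deleted') };
    } catch (err) {
      console.log(err); // full error goes to CloudWatch
      return { statusCode: 400, body: JSON.stringify(err.code || 'Didnt work!') };
    }
  };
}

// In-memory stand-in for AWS.CognitoIdentityServiceProvider (assumption: it
// models only the two outcomes the handler distinguishes).
function fakeCognitoClient(users) {
  return {
    adminDeleteUser: (params) => ({
      promise: async () => {
        if (!users.has(params.Username)) {
          const err = new Error('User does not exist.');
          err.code = 'UserNotFoundException';
          throw err;
        }
        users.delete(params.Username);
        return {};
      },
    }),
  };
}
```

In Lambda, wire it up as `exports.handler = makeHandler(new AWS.CognitoIdentityServiceProvider({ region: 'eu-central-1' }), process.env.USER_POOL_ID)` (the environment variable name is an assumption).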


© 2020-2024 STACKOOM.COM