Retain existing Cognito User Pool config

lib/plugins/aws/customResources/resources/cognitoUserPool/lib/userPool.js

@@ -2,6 +2,29 @@
 
 const CognitoIdentityServiceProvider = require('aws-sdk/clients/cognitoidentityserviceprovider');
 
+function getUpdateConfigFromCurrentSetup(currentSetup) {
+  const updatedConfig = Object.assign({}, currentSetup);
+  delete updatedConfig.Id;
+  delete updatedConfig.Name;
+  delete updatedConfig.Status;
+  delete updatedConfig.LastModifiedDate;
+  delete updatedConfig.CreationDate;
+  delete updatedConfig.SchemaAttributes;
+  delete updatedConfig.AliasAttributes;
+  delete updatedConfig.UsernameAttributes;
+  delete updatedConfig.EstimatedNumberOfUsers;
+  delete updatedConfig.SmsConfigurationFailure;
+  delete updatedConfig.EmailConfigurationFailure;
+  delete updatedConfig.Domain;
+  delete updatedConfig.CustomDomain;
+  delete updatedConfig.Arn;
+  // necessary reassignments
+  updatedConfig.Policies.PasswordPolicy.TemporaryPasswordValidityDays =
+    updatedConfig.AdminCreateUserConfig.UnusedAccountValidityDays;
+  delete updatedConfig.AdminCreateUserConfig.UnusedAccountValidityDays;
+  return updatedConfig;
+}
+
 function findUserPoolByName(config) {
   const { userPoolName, region } = config;
   const cognito = new CognitoIdentityServiceProvider({ region });
@@ -58,7 +81,13 @@ function updateConfiguration(config) {
       LambdaConfig[poolConfig.Trigger] = lambdaArn;
     });
 
-    return cognito.updateUserPool({ UserPoolId, LambdaConfig }).promise();
+    const updatedConfig = getUpdateConfigFromCurrentSetup(res.UserPool);
+    Object.assign(updatedConfig, {
+      UserPoolId,
+      LambdaConfig,
+    });
+
+    return cognito.updateUserPool(updatedConfig).promise();
   });
 }
 
@@ -75,7 +104,13 @@ function removeConfiguration(config) {
       return accum;
     }, LambdaConfig);
 
-    return cognito.updateUserPool({ UserPoolId, LambdaConfig }).promise();
+    const updatedConfig = getUpdateConfigFromCurrentSetup(res.UserPool);
+    Object.assign(updatedConfig, {
+      UserPoolId,
+      LambdaConfig,
+    });
+
+    return cognito.updateUserPool(updatedConfig).promise();
   });
 }
 

tests/integration-all/cognito-user-pool/tests.js

@@ -9,6 +9,7 @@ const {
   createUserPool,
   deleteUserPool,
   findUserPoolByName,
+  describeUserPool,
   createUser,
   createUserPoolClient,
   setUserPassword,
@@ -29,6 +30,7 @@ describe('AWS - Cognito User Pool Integration Test', () => {
   let poolBasicSetup;
   let poolExistingSimpleSetup;
   let poolExistingMultiSetup;
+  let poolExistingSimpleSetupConfig;
   const stage = 'dev';
 
   beforeAll(() => {
@@ -52,10 +54,15 @@ describe('AWS - Cognito User Pool Integration Test', () => {
     serviceName = serverlessConfig.service;
     stackName = `${serviceName}-${stage}`;
     // create external Cognito User Pools
+    // the simple pool setup has some additional configuration when we set it up
+    poolExistingSimpleSetupConfig = {
+      EmailVerificationMessage: 'email{####}message',
+      EmailVerificationSubject: 'email{####}subject',
+    };
     // NOTE: deployment can only be done once the Cognito User Pools are created
     console.info('Creating Cognito User Pools');
     return BbPromise.all([
-      createUserPool(poolExistingSimpleSetup),
+      createUserPool(poolExistingSimpleSetup, poolExistingSimpleSetupConfig),
       createUserPool(poolExistingMultiSetup),
     ]).then(() => {
       console.info(`Deploying "${stackName}" service...`);
@@ -112,6 +119,19 @@ describe('AWS - Cognito User Pool Integration Test', () => {
             expect(logs).to.include('"triggerSource":"PreSignUp_AdminCreateUser"');
           });
       });
+
+      it('should not overwrite existing User Pool configurations', () => {
+        return findUserPoolByName(poolExistingSimpleSetup).then(pool => {
+          return describeUserPool(pool.Id).then(config => {
+            expect(config.UserPool.EmailVerificationMessage).to.equal(
+              poolExistingSimpleSetupConfig.EmailVerificationMessage
+            );
+            expect(config.UserPool.EmailVerificationSubject).to.equal(
+              poolExistingSimpleSetupConfig.EmailVerificationSubject
+            );
+          });
+        });
+      });
     });
 
     describe('single function / multi pool setup', () => {

tests/utils/cognito/index.js

@@ -3,10 +3,11 @@
 const AWS = require('aws-sdk');
 const { region, persistentRequest } = require('../misc');
 
-function createUserPool(name) {
+function createUserPool(name, config = {}) {
   const cognito = new AWS.CognitoIdentityServiceProvider({ region });
 
-  return cognito.createUserPool({ PoolName: name }).promise();
+  const params = Object.assign({}, { PoolName: name }, config);
+  return cognito.createUserPool(params).promise();
 }
 
 function createUserPoolClient(name, userPoolId) {
@@ -53,6 +54,12 @@ function findUserPoolByName(name) {
   return recursiveFind();
 }
 
+function describeUserPool(userPoolId) {
+  const cognito = new AWS.CognitoIdentityServiceProvider({ region });
+
+  return cognito.describeUserPool({ UserPoolId: userPoolId }).promise();
+}
+
 function createUser(userPoolId, username, password) {
   const cognito = new AWS.CognitoIdentityServiceProvider({ region });
 
@@ -94,6 +101,7 @@ module.exports = {
   createUserPool: persistentRequest.bind(this, createUserPool),
   deleteUserPool: persistentRequest.bind(this, deleteUserPool),
   findUserPoolByName: persistentRequest.bind(this, findUserPoolByName),
+  describeUserPool: persistentRequest.bind(this, describeUserPool),
   createUserPoolClient: persistentRequest.bind(this, createUserPoolClient),
   createUser: persistentRequest.bind(this, createUser),
   setUserPassword: persistentRequest.bind(this, setUserPassword),