1

I have set up a custom email sender function that currently just decrypts the code (if present) and logs the event.

I can see in the logs that the lambda is correctly triggered for the other trigger source types such as CustomEmailSender_AdminCreateUser when I run the aws cognito-idp admin-create-user CLI command, and the CustomEmailSender_ForgotPassword when I submit the Forgot Password form on the Hosted UI. However, I do not see any logs when user attributes are updated. I've tested with both the admin-update-user-attributes and the update-user-attributes commands, as well as in the AWS console.

When is the email with the CustomEmailSender_UpdateUserAttribute trigger source sent? Is there a configuration on my user pool or client that I am missing?

wwags33
  • 13
  • 3

1 Answers1

1

According to Cognito documentation on Custom message Lambda trigger sources:

CustomMessage_UpdateUserAttribute | Custom message – When a user's email or phone number is changed, this trigger sends a verification code automatically to the user. Cannot be used for other attributes.

So it only triggers with changes to the email or phone number fields, in order to verify them.

ammendonca
  • 541
  • 4
  • 7
  • Thanks! I had skipped that doc page and jumped straight to the custom sender ones, but I'm glad you pointed it out since it clears up a lot my uncertainty on all those triggering events. – wwags33 Jun 21 '22 at 23:16
  • Seem like I'm late for the party but I see that the documentation is not matched the implementation from AWS Cognito. When I update the email/phone via UpdateUserAttribute API that should trigger the CustomEmailSender_UpdateUserAttribute but it always trigger CustomEmailSender_VerifyUserAttribute (check on CloudWatch). Do you get this issue? @wwags33 – K9.dev Sep 28 '22 at 09:11
  • @K9.dev I am seeing the _UpdateUserAttribute triggerSource in my env. You may need to have [AttributesRequireVerificationBeforeUpdate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-userattributeupdatesettings.html#cfn-cognito-userpool-userattributeupdatesettings-attributesrequireverificationbeforeupdate) enabled. – wwags33 Sep 29 '22 at 20:55