Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(aws-cognito): SES region validity check is out of date #17795

Closed
straygar opened this issue Dec 1, 2021 · 5 comments · Fixed by #17868
Closed

(aws-cognito): SES region validity check is out of date #17795

straygar opened this issue Dec 1, 2021 · 5 comments · Fixed by #17868
Assignees
@corymhall
Labels
@aws-cdk/aws-cognito Related to Amazon Cognito bug This issue is a bug. effort/small Small work item – less than a day of effort p1

Comments

@straygar
Copy link

straygar commented Dec 1, 2021
edited by ryparker
Loading

What is the problem?

It appears that there is a list of SES supported regions in code, and this list has become out of date.

Reproduction Steps

  1. Create a UserPool in eu-north-1 with an SES email config:
new UserPool(this, 'UserPool', {
  email: UserPoolEmail.withSES({
    fromEmail: 'test@example.com',
  }),
});
  1. Synthesize the stack

What did you expect to happen?

The template synthesizes as expected, as SES is available in eu-north-1

What actually happened?

The following error is produced:

Your stack is in eu-north-1, which is not a SES Region. Please provide a valid value for 'sesRegion'

CDK CLI Version

1.134.0

Framework Version

No response

Node.js Version

v14.18.1

OS

MacOS

Language

Typescript

Language Version

No response

Other information

Maybe we could remove this check entirely, and let it fail when deploying the CFN stack, if the SES region does not exist, to keep things more maintainable?
@straygar straygar added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Dec 1, 2021
@ryparker ryparker added effort/small Small work item – less than a day of effort p1 labels Dec 1, 2021
@ryparker ryparker changed the title (cognito): SES region validity check is out of date (aws-cognito): SES region validity check is out of date Dec 1, 2021
@ryparker ryparker added @aws-cdk/aws-cognito Related to Amazon Cognito effort/small Small work item – less than a day of effort and removed needs-triage This issue or PR still needs to be triaged. effort/small Small work item – less than a day of effort labels Dec 1, 2021
@ryparker ryparker added the needs-reproduction This issue needs reproduction. label Dec 2, 2021
@corymhall
Copy link
Contributor

@straygar SES by itself is available in eu-north-1, but the Cognito-SES integration is only available in 3 regions (us-east-1, us-west-2, and eu-west-1). See the docs here.

@corymhall corymhall added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed bug This issue is a bug. needs-reproduction This issue needs reproduction. labels Dec 2, 2021
@ebenedetti-futuring
Copy link

ebenedetti-futuring commented Dec 2, 2021
edited
Loading

@corymhall
I have the same problem. From the AWS interface I can select the eu-north-1 region and my cognito is in the eu-north-1 region. With cdk it gives me this error. If i choose another region, for example the eu-west-1, it let me do the deploy, but after i recive an error saying that i can't use the eu-west-1 region for ses with cognito in the eu-north-1.

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Dec 2, 2021
@straygar
Copy link
Author

straygar commented Dec 6, 2021
edited
Loading

@corymhall Those docs must be outdated then. Overriding EmailConfiguration.SourceArn via escape hatches to point to SES's eu-north-1 region works fine for sending confirmation emails.

@corymhall corymhall added the bug This issue is a bug. label Dec 6, 2021
@corymhall
Copy link
Contributor

@straygar ah yeah looks like the docs are not up to date. Thanks for reporting this!

I think your suggestion is probably the way to go, just remove the check altogether and allow CloudFormation to fail if it is not configured correctly.

@corymhall corymhall mentioned this issue Dec 6, 2021
Merged
@mergify mergify bot closed this as completed in #17868 Dec 10, 2021
mergify bot pushed a commit that referenced this issue Dec 10, 2021
@corymhall
fix(cognito): remove invalid SES region check (#17868)
450f7ca 
When configuring the Cognito SES email integration we were performing a
region check to make sure you were configuring SES in one of the 3
supported regions. This was based on the Cognito documentation [here](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer)
which is not correct. This PR removes that check allowing CloudFormation
to provide the validation. If a user provides an incorrect region the
CloudFormation deployment will fail with a descriptive error message.

fixes #17795


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this issue Feb 21, 2022
@corymhall @TikiTDO
fix(cognito): remove invalid SES region check (aws#17868)
77d7892 
When configuring the Cognito SES email integration we were performing a
region check to make sure you were configuring SES in one of the 3
supported regions. This was based on the Cognito documentation [here](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer)
which is not correct. This PR removes that check allowing CloudFormation
to provide the validation. If a user provides an incorrect region the
CloudFormation deployment will fail with a descriptive error message.

fixes aws#17795


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@corymhall corymhall

Labels
@aws-cdk/aws-cognito Related to Amazon Cognito bug This issue is a bug. effort/small Small work item – less than a day of effort p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(cognito): remove invalid SES region check
4 participants
@straygar @ebenedetti-futuring @ryparker @corymhall