amplify-flutter icon indicating copy to clipboard operation
amplify-flutter copied to clipboard
verified publisher icon aws-amplify

Missing AdminLinkProviderForUser in auth actions mapping

Open malaquf opened this issue 11 months ago • 3 comments

Description

Hello! I was trying to link existing social accounts with same email and I am currently stuck trying to add AdminLinkProviderForUser permission to the lambda role. No action seem to map it (see this list), and trying to link it manually cause a circular dependency.

Thanks for handling it.

Categories

  • [ ] Analytics
  • [ ] API (REST)
  • [ ] API (GraphQL)
  • [X] Auth
  • [ ] Authenticator
  • [ ] DataStore
  • [ ] Notifications (Push)
  • [ ] Storage

Steps to Reproduce

e.g.:

export const preSignUp = defineFunction({
  name: "pre-sign-up",
  resourceGroupName: 'auth',
});
...
export const auth = defineAuth({
...
  triggers: {
    preSignUp
  },
  access: (allow) => [
    allow.resource(preSignUp).to([
      'listUsers',
      'manageUsers'
    ])
  ],
});
...

const backend = defineBackend({
  auth,
  data,
  preSignUp
});

const authArn = backend.auth.resources.userPool.userPoolArn;
backend.preSignUp.resources.lambda.addToRolePolicy(
  new iam.PolicyStatement({
    sid: 'AllowCognitoOperations',
    effect: Effect.ALLOW,
  actions: [
    'cognito-idp:ListUsers',
    'cognito-idp:AdminLinkProviderForUser',
    'cognito-idp:ListIdentityProviders',
  ],
  resources: [authArn],
}));

Screenshots

No response

Platforms

  • [ ] iOS
  • [ ] Android
  • [ ] Web
  • [ ] macOS
  • [ ] Windows
  • [ ] Linux

Flutter Version

3.27.1

Amplify Flutter Version

2.5.0

Deployment Method

Amplify Gen 2

Schema

No response

malaquf avatar Dec 27 '24 04:12 malaquf

Hi @malaquf, I see the problem you are facing and I'm sorry you are getting this issue, let me investigate this and get back to you with an update.

ekjotmultani avatar Dec 27 '24 20:12 ekjotmultani

@ekjotmultani any updates? I'm running into the same issue. The quickest solution, IMO, would be to map AdminLinkProviderForUser to one of the existing list of actions, or create a new action for this 1 permission.

(thanks to @malaquf for the detailed explanation, it saved me some time getting to the same conclusion ;)

keithrz avatar Mar 11 '25 20:03 keithrz

Hello @keithrz, thanks for pinging this feature request as we cannot implement the feature via the Amplify Flutter project. We are transferring this feature request over to the Amplify CLI team.

tyllark avatar Mar 20 '25 22:03 tyllark