Cognito User Pool Lambda Trigger permission


I’m using Terraform to create a Cognito User pool. I’d like to use a lambda function for sending a custom message when a user signs up. When I attempt to sign up on the client, I get an error saying that “CustomMessage invocation failed due to error AccessDeniedException.” I’ve used Lambda Permissions before, but I can’t find any examples of this configuration. How do I give the lambda function permission? The following is my current configuration.


Based on OP’s feedback in the comment section, changing the source_arn property in aws_lambda_permission.get_blog to aws_cognito_user_pool.main.arn works.
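A sketch of the working configuration described in the answer above, added here as an example and not taken from the original post. The resource names aws_lambda_permission.get_blog and aws_cognito_user_pool.main come from the page; the function aws_lambda_function.custom_message, the pool name and the statement_id are assumptions.

```hcl
# Assumption: aws_lambda_function.custom_message is a hypothetical function
# defined elsewhere in the same module; substitute your own resource.

resource "aws_cognito_user_pool" "main" {
  name = "example-pool" # constructed name

  lambda_config {
    # Cognito calls this function for the CustomMessage trigger
    # (sign-up, resend code, forgot password, and so on).
    custom_message = aws_lambda_function.custom_message.arn
  }
}

# Resource-based policy statement on the function. Cognito does not use an
# IAM role to call triggers, so this statement is what authorizes the invoke.
resource "aws_lambda_permission" "get_blog" {
  statement_id  = "AllowCognitoCustomMessage" # constructed value
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.custom_message.function_name
  principal     = "cognito-idp.amazonaws.com"

  # Must be the ARN of the user pool that owns the trigger. A value that does
  # not match the calling pool causes the AccessDeniedException from the
  # question. Keeping it scoped to one pool, instead of dropping source_arn,
  # prevents other user pools from invoking the function through the
  # Cognito service principal.
  source_arn = aws_cognito_user_pool.main.arn
}
```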
