Send username to aws Lambda function triggered by aws Cognito user confirm

Question

I am trying to write a Lambda function that makes a folder in an s3 bucket named after a newly confirmed cognito user. This will allow me to keep that user's access limited to their folder. I have created a Lambda function that can create a folder in s3 using a username passed through Lambda's test event object. I know cognito has a "confirmation event" trigger, and I have selected my function to run on that trigger, but I do not know how to retrieve the username from that event. Screenshot below is of my Lambda code.
my lambda function.

Let me know if I need to provide more information. I've seen stuff about possibly using amazon's API gateway but in the hour and a half or so that I've messed with API gateway I haven't come any closer to figuring out how to solve this problem.

Thanks! ~Ben

Answer 1

Good question, at documentation (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-lambda-trigger-syntax-post-confirmation.html) they say only about request.userAttributes which obviously doesn't contain username.

As I checked, whole event object for post-confirmation trigger looks like this:

{
    "version": "1",
    "region": "eu-central-1",
    "userPoolId": "eu-central-1_45YtlkflA",
    "userName": "user4",
    "callerContext": {
        "awsSdkVersion": "aws-sdk-java-console",
        "clientId": "4736lckau64in48dku3rta0eqa"
    },
    "triggerSource": "PostConfirmation_ConfirmSignUp",
    "request": {
        "userAttributes": {
            "sub": "a2c21839-f9fc-49e3-be9a-16f5823d6705",
            "cognito:user_status": "CONFIRMED",
            "email_verified": "true",
            "email": "[email protected]"
        }
    },
    "response": {}
}

So basically, just event.userName will retrieve username.

UPDATE

Recent documentation:

• User Pool Lambda Trigger Event
• Post Confirmation Lambda Trigger Parameters