User Migration to Cognito using Lambda trigger in python

Question

I've created a Lambda function in Python to migrate users from RDS to AWS Cognito. The problem I am facing is the return type for my function in order for Cognito to create the user. At first I was returning JSON:

return {
        "response": {
            "userAttributes": {
                "email": event["userName"],
            },
            "finalUserStatus": "CONFIRMED",
            "messageAction": "SUPPRESS",
            "desiredDeliveryMediums": "EMAIL",
            "forceAliasCreation": "false"
        }
    }

Which resulted in an exception:

I also tried to follow the only code Sample (Page 109) they presented about migrating users via Lambda:

exports.handler = function (event, context) {
if (event.triggerSource == "UserMigration_Authentication") {
    // authenticate the user with your existing user directory service
    var user = authenticateUser(event.userName, event.request.password);
    if (user) {
        event.response.userAttributes = {
            "email": user.emailAddress,
            "email_verified": "true"
        };
        event.response.finalUserStatus = "CONFIRMED";
        event.response.messageAction = "SUPPRESS";
        context.succeed(event);
    } else {
        context.fail("Bad password");
    }
} else if (event.triggerSource == "UserMigration_ForgotPassword") {
    // Lookup the user in your existing user directory service
    var user = lookupUser(event.userName);
    if (user) {
        event.response.userAttributes = {
            "email": user.emailAddress,

            // required to enable password-reset code to be sent to user
            "email_verified": "true"
        };
        event.response.messageAction = "SUPPRESS";
        context.succeed(event);
    } else {
        context.fail("Bad password");
    }
} else {
    context.fail("Bad triggerSource " + event.triggerSource);
}
};

In this example, I assumed that I should be returning the "event" object after adding new values to it, here's my Python code below:

event["response"] = {
            "userAttributes": {
                "email": event["userName"],
                "email_verified": "true"
            },
            "finalUserStatus": "CONFIRMED",
            "messageAction": "SUPPRESS",
            "desiredDeliveryMediums": "EMAIL",
            "forceAliasCreation": "false"
        }

    return event

But that also didn't work and raised the same exception. What is the correct return type to create a new user in Cognito?

Answer 1

The issue was in the event object, here's what I've changed to get this to work: removed the line

"desiredDeliveryMediums": "EMAIL",

because that's conflic with the parameter - "messageAction": "SUPPRESS".

Also

"forceAliasCreation": "false" 

is not necessary, as false is the default value. There should also be a test to check if username/email don't already exist in the user pool.

I tested with following code in my User Pool, it works.

def lambda_handler(event, context):
    ## print("migrateUserLambda Python")

    event["response"] = {
            "userAttributes": {
                "email": event["userName"],
                "email_verified": "true"
            },
            "finalUserStatus": "CONFIRMED",
            "messageAction": "SUPPRESS"
        }

    return event