Hi, I'm trying to setup aws cognito with Pulumi. I...
# aws
Hi, I'm trying to setup aws cognito with Pulumi. I have successfully created and configured a user pool, but I'm stuck with: 1. Defining the preTokenGeneration lambda 2. Configuring the user pool to use the preTokenGeneration lambda Is there a guide/example on doing this?
So I managed to get it going. I'm curious though, how can I type
in the
function? I'm coming from the serverless framework, where I would have used PreTokenGenerationTriggerEvent from
, but this results in a typescript error as it's not compatible with the type of
callback: main
in the lambda function definition.
Copy code
import * as aws from '@pulumi/aws'
import { HASURA_USER_ID_ATTRIBUTE_NAME, getName } from '../constants'
import { HASURA_ACCESS_TOKEN_NAMESPACE } from '../../../constants'

const functionName = getName('cognitoPreTokenGeneration')

function main(event: any) {
  const {
    [`custom:${HASURA_USER_ID_ATTRIBUTE_NAME}`]: hasuraUserId,
  } = event.request.userAttributes

  if (!hasuraUserId) {
    throw Error(message)

  event.response = {
    claimsOverrideDetails: {
      claimsToAddOrOverride: {
          'x-hasura-allowed-roles': ['user'],
          'x-hasura-default-role': 'user',
          'x-hasura-user-id': hasuraUserId,

  return event

export const preTokenGenerationLambda = new aws.lambda.CallbackFunction(
    callback: main,
    runtime: 'nodejs14.x',
    memorySize: 128,
    timeout: 25,