Missing AdminLinkProviderForUser in auth actions mapping

[malaquf]

Description

Hello!
I was trying to link existing social accounts with same email and I am currently stuck trying to add AdminLinkProviderForUser permission to the lambda role.
No action seem to map it (see this list), and trying to link it manually cause a circular dependency.

Thanks for handling it.

Categories

• Analytics
• API (REST)
• API (GraphQL)
• Auth
• Authenticator
• DataStore
• Notifications (Push)
• Storage

Steps to Reproduce

e.g.:

export const preSignUp = defineFunction({
  name: "pre-sign-up",
  resourceGroupName: 'auth',
});
...
export const auth = defineAuth({
...
  triggers: {
    preSignUp
  },
  access: (allow) => [
    allow.resource(preSignUp).to([
      'listUsers',
      'manageUsers'
    ])
  ],
});
...

const backend = defineBackend({
  auth,
  data,
  preSignUp
});

const authArn = backend.auth.resources.userPool.userPoolArn;
backend.preSignUp.resources.lambda.addToRolePolicy(
  new iam.PolicyStatement({
    sid: 'AllowCognitoOperations',
    effect: Effect.ALLOW,
  actions: [
    'cognito-idp:ListUsers',
    'cognito-idp:AdminLinkProviderForUser',
    'cognito-idp:ListIdentityProviders',
  ],
  resources: [authArn],
}));

Screenshots

No response

Platforms

• iOS
• Android
• Web
• macOS
• Windows
• Linux

Flutter Version

3.27.1

Amplify Flutter Version

2.5.0

Deployment Method

Amplify Gen 2

Schema

No response

[ekjotmultani]

Hi @malaquf, I see the problem you are facing and I'm sorry you are getting this issue, let me investigate this and get back to you with an update.

[keithrz]

@ekjotmultani any updates? I'm running into the same issue. The quickest solution, IMO, would be to map AdminLinkProviderForUser to one of the existing list of actions, or create a new action for this 1 permission.

(thanks to @malaquf for the detailed explanation, it saved me some time getting to the same conclusion ;)

[tyllark]

Hello @keithrz, thanks for pinging this feature request as we cannot implement the feature via the Amplify Flutter project. We are transferring this feature request over to the Amplify CLI team.