aws-appsync: imported resources from other regions using the current stack region #20195
Closed
Description
Describe the bug
When trying to import a Cognito UserPool to be used in an AppSync Graphql domain, the UserPool is configured with the region of the stack that is being deployed and disregards the region supplied in the ARN.
Expected Behavior
Using the construct below and assuming that this.stack is created in us-west-2:
return new GraphqlApi(this.stack, `api`, {
name: `TheAPI`,
schema: Schema.fromAsset('schema.graphql'),
authorizationConfig: {
defaultAuthorization: {
authorizationType: AuthorizationType.USER_POOL,
userPoolConfig: {
userPool: UserPool.fromUserPoolArn(this.stack, 'CognitoUserPool', `arn:aws:cognito-idp:us-east-1:${this.awsAccountId}:userpool/${userPoolId}`),
defaultAction: UserPoolDefaultAction.ALLOW
}
}
},
logConfig: {
excludeVerboseContent: false,
fieldLogLevel: FieldLogLevel.ALL
},
xrayEnabled: true
});
I expected the UserPool to be linked to the UserPool created in us-east-1 per the ARN provided.
"TheApi": {
"Type": "AWS::AppSync::GraphQLApi",
"Properties": {
"AuthenticationType": "AMAZON_COGNITO_USER_POOLS",
"Name": "TheApi",
"UserPoolConfig": {
"AwsRegion": "us-east-1",
"DefaultAction": "ALLOW",
"UserPoolId": {
"Ref": "SomeId"
}
...
}
Current Behavior
However, the generated output shows us-west-2 as the region:
"TheApi": {
"Type": "AWS::AppSync::GraphQLApi",
"Properties": {
"AuthenticationType": "AMAZON_COGNITO_USER_POOLS",
"Name": "TheApi",
"UserPoolConfig": {
"AwsRegion": "us-west-2",
"DefaultAction": "ALLOW",
"UserPoolId": {
"Ref": "SomeId"
}
...
}
Reproduction Steps
build a new graphQl API with a UserPool from a different region
Possible Solution
No response
Additional Information/Context
No response
CDK CLI Version
1.152.0
Framework Version
No response
Node.js Version
v16.10.0
OS
MacOS Monterey 12.3
Language
Typescript
Language Version
No response
Other information
No response