Why is my Lambda callback being called repeatedly by Cognito, sometimes concurrently?

1
votes

I have a lambda configured as a post confirmation trigger. The docs relating to input and output are here. My understanding from the docs is that I just need to return as an output the same information as I received in the callback. However, my Lambda is being called repeatedly by Cognito and I don't know why: the very first call sometimes hits the lambda cold start and the time to launch is occasionally over 5 secs, so I would expect the occasional callback, but I am receiving 4-5 invocations, some of which are concurrent.

Here is an example input and output:

Received event:

{
    "version": "1",
    "triggerSource": "PostConfirmation_ConfirmSignUp",
    "region": "eu-west-2",
    "userPoolId": "eu-west-2_xxxxx",
    "userName": "5c229f32-7768-410e-bb44-77e8a8c84665",
    "callerContext": {
        "awsSdkVersion": "aws-sdk-java-2.13.46",
        "clientId": "xxxxx"
    },
    "request": {
        "userAttributes": {
            "sub": "5c229f32-7768-410e-bb44-77e8a8c84665",
            "cognito:email_alias": "[email protected]",
            "cognito:user_status": "CONFIRMED",
            "email_verified": "true",
            "email": "[email protected]"
        },
        "clientMetadata": null
    },
    "response": {}
}

Returned data:

{
    "version": "1",
    "triggerSource": "PostConfirmation_ConfirmSignUp",
    "region": "eu-west-2",
    "userPoolId": "eu-west-2_xxxxx",
    "userName": "5c229f32-7768-410e-bb44-77e8a8c84665",
    "callerContext": {
        "awsSdkVersion": "aws-sdk-java-2.13.46",
        "clientId": "xxxxx"
    },
    "request": {
        "userAttributes": {
            "sub": "5c229f32-7768-410e-bb44-77e8a8c84665",
            "cognito:email_alias": "[email protected]",
            "cognito:user_status": "CONFIRMED",
            "email_verified": "true",
            "email": "[email protected]"
        },
        "clientMetadata": null
    },
    "response": {}
}

The Lambda docs state under important considerations:

Amazon Cognito invokes Lambda functions synchronously. When called, your Lambda function must respond within 5 seconds. If it does not, Amazon Cognito retries the call. After 3 unsuccessful attempts, the function times out. This 5-second timeout value cannot be changed.

This particular request/response was called 4 times. The first had a 6 sec cold start, so I would expect Cognito to try again, fair enough. However I can see in the dashboard that there were 3 concurrent executions, so I'm not sure why my Lambda would be called so many times?

1
amazon-web-servicesaws-lambdaamazon-cognito

1 Answers

0
votes

Step one would be to reduce the cold start on the Lambda as 6 seconds is very long for a cold start. Cognito will only invoke a total of three times for a signal request if retries are required. This sounds more like your client application is sending multiple requests to Cognito, resulting in multiple invocations of your Lambda.

Id suggest checking if your code is making calls to Cognito asynchronously resulting in multiple invocations.