From 4d1f749b09a806a9f003bedab03a49694cf5aeb2 Mon Sep 17 00:00:00 2001
From: Peter Woodworth <44349620+peterwoodworth@users.noreply.github.com>
Date: Mon, 28 Mar 2022 06:36:29 -0700
Subject: [PATCH] feat(cognito): configure SNS region for UserPool SMS messages
 (#19519)

fixes #19434

updated integ test domain value, because old value was [failing deployment](https://github.com/aws-samples/aws-cdk-examples/issues/402)

----

### All Submissions:

* [x] Have you followed the guidelines in our [Contributing guide?](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md)

### Adding new Unconventional Dependencies:

* [ ] This PR adds new unconventional dependencies following the process described [here](https://github.com/aws/aws-cdk/blob/master/CONTRIBUTING.md/#adding-new-unconventional-dependencies)

### New Features

* [x] Have you added the new feature to an [integration test](https://github.com/aws/aws-cdk/blob/master/INTEGRATION_TESTS.md)?
	* [x] Did you use `cdk-integ` to deploy the infrastructure and generate the snapshot (i.e. `cdk-integ` without `--dry-run`)?

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
---
 .../@aws-cdk/aws-cognito/lib/user-pool.ts     | 10 +++++++++
 ...teg.user-pool-explicit-props.expected.json |  5 ++++-
 .../test/integ.user-pool-explicit-props.ts    |  3 ++-
 .../aws-cognito/test/user-pool.test.ts        | 22 +++++++++++++++++++
 4 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts
index 1db90ae1c2119..a4157d629307d 100644
--- a/packages/@aws-cdk/aws-cognito/lib/user-pool.ts
+++ b/packages/@aws-cdk/aws-cognito/lib/user-pool.ts
@@ -522,6 +522,14 @@ export interface UserPoolProps {
    */
   readonly smsRoleExternalId?: string;
 
+  /**
+   * The region to integrate with SNS to send SMS messages
+   *
+   * This property will do nothing if SMS configuration is not configured
+   * @default - The same region as the user pool, with a few exceptions - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html#user-pool-sms-settings-first-time
+   */
+  readonly snsRegion?: string;
+
   /**
    * Setting this would explicitly enable or disable SMS role creation.
    * When left unspecified, CDK will determine based on other properties if a role is needed or not.
@@ -1032,6 +1040,7 @@ export class UserPool extends UserPoolBase {
       return {
         snsCallerArn: props.smsRole.roleArn,
         externalId: props.smsRoleExternalId,
+        snsRegion: props.snsRegion,
       };
     }
 
@@ -1072,6 +1081,7 @@ export class UserPool extends UserPoolBase {
     return {
       externalId: smsRoleExternalId,
       snsCallerArn: smsRole.roleArn,
+      snsRegion: props.snsRegion,
     };
   }
 
diff --git a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.expected.json b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.expected.json
index 50da9815a769b..0811dc3173db4 100644
--- a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.expected.json
+++ b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.expected.json
@@ -833,6 +833,9 @@
               "myuserpoolsmsRole0E16FDD9",
               "Arn"
             ]
+          },
+          "SnsRegion": {
+            "Ref": "AWS::Region"
           }
         },
         "SmsVerificationMessage": "verification sms message from the integ test. Code is {####}.",
@@ -850,7 +853,7 @@
     "myuserpoolmyuserpooldomainEE1E11AF": {
       "Type": "AWS::Cognito::UserPoolDomain",
       "Properties": {
-        "Domain": "myawesomeapp",
+        "Domain": "cdkintegrationtestuserpoolexplicitprops",
         "UserPoolId": {
           "Ref": "myuserpool01998219"
         }
diff --git a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts
index 1bc35003fa472..8c26481628971 100644
--- a/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts
+++ b/packages/@aws-cdk/aws-cognito/test/integ.user-pool-explicit-props.ts
@@ -69,11 +69,12 @@ const userpool = new UserPool(stack, 'myuserpool', {
     userMigration: dummyTrigger('userMigration'),
     verifyAuthChallengeResponse: dummyTrigger('verifyAuthChallengeResponse'),
   },
+  snsRegion: Stack.of(stack).region,
 });
 
 const cognitoDomain = userpool.addDomain('myuserpooldomain', {
   cognitoDomain: {
-    domainPrefix: 'myawesomeapp',
+    domainPrefix: 'cdkintegrationtestuserpoolexplicitprops',
   },
 });
 
diff --git a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts
index 1efa42aeda79b..b482d244ea6fa 100644
--- a/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts
+++ b/packages/@aws-cdk/aws-cognito/test/user-pool.test.ts
@@ -235,6 +235,28 @@ describe('User Pool', () => {
     });
   });
 
+  test('snsRegion property is recognized', () => {
+    // GIVEN
+    const stack = new Stack();
+    const role = Role.fromRoleArn(stack, 'smsRole', 'arn:aws:iam::664773442901:role/sms-role');
+
+    // WHEN
+    new UserPool(stack, 'Pool', {
+      smsRole: role,
+      smsRoleExternalId: 'test-external-id',
+      snsRegion: 'test-region-1',
+    });
+
+    // THEN
+    Template.fromStack(stack).hasResourceProperties('AWS::Cognito::UserPool', {
+      SmsConfiguration: {
+        ExternalId: 'test-external-id',
+        SnsCallerArn: role.roleArn,
+        SnsRegion: 'test-region-1',
+      },
+    });
+  });
+
   test('import using id', () => {
     // GIVEN
     const stack = new Stack(undefined, undefined, {