How dynamically add arn cognito to lambda?

Question

I would like to add the cognito authorizer to my lambda function, but for this I need arn cognito, which is created in the stack coud formation(CognitoUserPool in my resources section). I'm using serverless framework.

part of the serverless.yml file

  graphql:
    handler: src/lambda-functions/graphql/index.handler
    timeout: 30
    memorySize: 2048
    events:
      - http:
          path: graphql
          method: any
          private: true
          cors: true
          authorizer:
            arn:
              Fn::Join:
                - ''
                - - 'arn:aws:cognito-idp:'
                  - ${self:provider.region}
                  - ':'
                  - Ref: AWS::AccountId
                  - ':userpool/'
                  - Ref: CognitoUserPool

I am getting an error while deploying the application:

 TypeError: functionArn.split is not a function

While debugging, I discovered that the function to which the output from Fn::join should be passed is object:

{"Fn::Join":["",["arn:aws:cognito-idp:","eu-west-1",":",{"Ref":"AWS::AccountId"},":userpool/",{"Ref":"CognitoUserPool"}]]}

And there should be passed to the function already resolve arn for example:

arn:aws:cognito-idp:eu-west-1:XXXXXXXXXX:userpool/eu-west-XXXXXXX 

How to force that the output from Fn::join to be computed and pass that value to the arn property?

Answer 1

According to this, giving the authorizer a name lets you use intrinsic functions to refer to the ARN:

graphql:
  handler: src/lambda-functions/graphql/index.handler
  timeout: 30
  memorySize: 2048
  events:
    - http:
        path: graphql
        method: any
        private: true
        cors: true
        authorizer:
          name: CognitoAuthorizer #supply a unique name here
          arn:
            !GetAtt CognitoUserPool.Arn