Creating Cognito user pool with CloudFormation template

Various sections of the CloudFormation template correspond to the CLI commands that we saw in the previous section. The complete template YAML file is available in the code files:

  1. Start the template with the template format version and a description (optional):
---
AWSTemplateFormatVersion: '2010-09-09'
Description: 'My First Cognito User Pool'
  1. Start to define the user pool resource with the type, AWS::Cognito::UserPool:
Resources:
  MyFirstUserPool:
    Type: AWS::Cognito::UserPool
  1. Under Properties, first, define a Policies property with a PasswordPolicy, as follows:
Properties:
  Policies:
    PasswordPolicy:
      MinimumLength: 8
      RequireLowercase: true
      RequireNumbers: true
      RequireSymbols: true
      RequireUppercase: true
  1. Define AutoVerifiedAttributes and AliasAttributes, as follows:
AutoVerifiedAttributes:
- email
AliasAttributes:
- email
  1. Define an email verification message and an email verification subject, as follows:
EmailVerificationMessage: 'Your verification code from MyApp is {####}.'
EmailVerificationSubject: 'Your verification code from MyApp'
  1. Define the AdminCreateUserConfig property, as follows:
AdminCreateUserConfig:
  AllowAdminCreateUserOnly: false
  InviteMessageTemplate:
    EmailMessage: 'Your username for MyApp is {username} and password is {####}.'
    EmailSubject: 'Your temporary password for MyApp'
  UnusedAccountValidityDays: 7

AllowAdminCreateOnly restricts creating accounts to administrators.

  1. Provide a name and add a tag for this user pool (this is optional):
UserPoolName: 'MyApp User Pool'
UserPoolTags:
  Team: Dev
  1. In the Outputs section, return the user-pool-id. Also, export the user pool, so that we can reuse it in later recipes:
Outputs:
  UserPoolId:
    Description: 'Cognito user pool'
    Value: !Ref MyFirstUserPool
    Export:
      Name: MyFirstUserPoolId

Save the file as cognito-user-pool-cf-template.yml.

  1. Execute the CloudFormation template by using aws cloudformation create-stack, in order to create a CloudFormation stack.

We can run the aws cloudformation describe-stacks command to find the status and get the user-pool-id.

We can also use the describe-user-pool sub-command, with the ID returned by the describe-stacks sub-command, to verify the new Cognito user pool:

aws cognito-idp describe-user-pool 
    --user-pool-id us-east-1_fYsb1Gyec 
    --profile admin

If it is successful, this command will return the current state of the newly created user pool. The initial part of the response contains the id, name, policies, an empty LambdaConfig, the last modified date, and the creation date:

The SchemaAttributes section will contain the definitions for all of the attributes (including the default attributes), in the following format:

Other attributes contained within the SchemaAttributes section include the name, given_name, family_name, middle_name, nick_name, preferred_username, profile, picture, website, email, email_verified, gender, birthdate, zoneinfo, locale, phone_number, phone_number_verified, address, and updated_at.

The remainder of the response is as follows:

  1. To clean up, we can delete the user pool by deleting the stack, or keep the stack and reuse it in the next recipe.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.149.240.196