
How to set required attributes in an AWS Cognito user pool using an AWS CloudFormation template?

[Image: AWS Cognito console screen]

While creating a user pool using a CloudFormation template, I wanted to add the following attributes (marked in the attached image link). I didn't find anything helpful in the AWS documentation.

It allows setting up alias attributes, as said in the AWS CloudFormation Cognito documentation.

Has anybody tried this or has any idea regarding this?

Ashish Gaude asked Sep 19 '17 14:09


People also ask

How do I change the attributes of an Amazon Cognito user pool after creation?

Short description. You can't change standard user pool attributes after a user pool is created. Instead, create a new user pool with the attributes that you want to require for user registration. Then, migrate existing users to the new user pool by using an AWS Lambda function as a user migration trigger.

How do I change user attributes in Cognito?

To update a Cognito user's attributes, use the admin-update-user-attributes command, specifying the user-pool-id, username and user-attributes parameters.

How do you want to map identity provider attributes to user pool attributes?

In the navigation pane, choose User Pools, and choose the user pool you want to edit. Choose the Sign-in experience tab and locate Federated sign-in. Choose Add an identity provider, or choose the Facebook, Google, Amazon or Apple IdP you have configured. Locate Attribute mapping and choose Edit.

What is sub attribute Cognito?

When creating a user, Cognito assigns a generated unique ID (the sub attribute). This attribute cannot be changed, and if you import users from another pool or backup it will change.




2 Answers

I managed to get it done using the Schema attribute of AWS::Cognito::UserPool:

"myApiUserPool": {
  "Type": "AWS::Cognito::UserPool",
  "Properties": {
    "AdminCreateUserConfig": {
      "AllowAdminCreateUserOnly": true
    },
    "Schema": [
      {
        "Mutable": false,
        "Name": "email",
        "Required": true
      },
      {
        "Mutable": false,
        "Name": "family_name",
        "Required": true
      },
      {
        "Mutable": false,
        "Name": "name",
        "Required": true
      }
    ],
    "AutoVerifiedAttributes": [
      "email"
    ],
    "UserPoolName": {
      "Fn::Sub": "myApiUserPool${envParameter}"
    }
  }
}
Ashish Gaude answered Oct 18 '22 20:10


Here is the example with YAML.

Note: you cannot just update an attribute; you need to delete the user pool and create it again with the new attributes (just comment out your pool section and redeploy it). Otherwise it will ask for an AttributeDataType, and if you include it, it will create a custom attribute instead of a standard one.

CognitoUserPool:
  Type: AWS::Cognito::UserPool
  Properties:
    # Generate a name based on the stage
    UserPoolName: ${self:custom.stage}-cfp-user-pool
    AliasAttributes:
      - phone_number
      - email
      - preferred_username
    Policies:
      PasswordPolicy:
        MinimumLength: 8
    Schema:
      - Name: email
        Required: true
        Mutable: true
Jingyi Wang answered Oct 18 '22 21:10
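
A pre-deployment check for the templates in the answers above, as an added example that is not part of either answer: because required standard attributes cannot be changed once the pool exists, it parses a JSON template and reports every AWS::Cognito::UserPool whose Schema misses an expected required attribute or marks a custom attribute as Required. The function names, the expected-attribute list and the sample template are assumptions constructed for illustration.

```python
import json

# Standard (OIDC) attribute names a Cognito user pool Schema accepts.
STANDARD = {"address", "birthdate", "email", "family_name", "gender",
            "given_name", "locale", "middle_name", "name", "nickname",
            "phone_number", "picture", "preferred_username", "profile",
            "updated_at", "website", "zoneinfo"}

def is_true(value):
    # CloudFormation accepts booleans written as true or "true".
    return str(value).lower() == "true"

def check_user_pools(template_text, must_require):
    """Return sorted (logical_id, message) findings for each user pool."""
    resources = json.loads(template_text).get("Resources", {})
    findings = []
    for logical_id, res in resources.items():
        if res.get("Type") != "AWS::Cognito::UserPool":
            continue
        schema = res.get("Properties", {}).get("Schema", [])
        required = {a.get("Name") for a in schema if is_true(a.get("Required"))}
        for name in set(must_require) - required:
            findings.append((logical_id, f"{name}: not marked Required"))
        for name in required - STANDARD:
            findings.append((logical_id, f"{name}: custom attributes cannot be Required"))
    return sorted(findings)

# Constructed sample template (hypothetical resource names and attributes).
SAMPLE = """{"Resources": {
  "myApiUserPool": {"Type": "AWS::Cognito::UserPool", "Properties": {"Schema": [
    {"Name": "email", "Required": true, "Mutable": false},
    {"Name": "name", "Required": "true", "Mutable": false},
    {"Name": "family_name", "Mutable": false}]}},
  "partnerPool": {"Type": "AWS::Cognito::UserPool", "Properties": {"Schema": [
    {"Name": "email", "Required": true},
    {"Name": "name", "Required": true},
    {"Name": "family_name", "Required": true},
    {"Name": "tenant_id", "AttributeDataType": "String", "Required": true}]}},
  "uploads": {"Type": "AWS::S3::Bucket"}
}}"""

if __name__ == "__main__":
    for pool, message in check_user_pools(SAMPLE, ["email", "family_name", "name"]):
        print(f"{pool}: {message}")
```

The check reads the JSON form only; a YAML template such as the one in the second answer would need converting to JSON first.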