To me, it looks like 'AWS Cognito' is the 'IdentityServer of AWS'. I did a POC - created users through sign-up API calls. The users are created in AWS Cognito User Pool and access tokens are returned. However, in order to relate things, I want to create the users in a user table in DynamoDB rather than in the User Pool.
Expected scenario:
1) New user --> Sign up --> AWS Cognito --> A new user record is added in DynamoDB --> Access token is returned by AWS Cognito
2) Existing active user --> Sign in --> AWS Cognito --> user details are retrieved from DynamoDB --> Access token is returned by AWS Cognito
Qn - 1: Something similar to creating IdentityServer users in SQL Server DB tables. Can this be done in AWS Cognito? Can the User Pool be bypassed and the user data obtained from a DB? Even if not bypassed, can the user pool map its users from a DB table?
Qn - 2: Where are the user pool users stored? Somewhere in a DB ultimately?
Note: The following question looks similar to mine but it is not answered yet:
User sessions and storing aws cognito users in local DB
Access your IAM Management console and select Roles from the left menu. Click Create role and select the AWS Service Lambda role. Once both are highlighted, click Next: Permissions. Name your role whatever you want, as long as it's recognizable to you, and click Create role.
You can programmatically create a data set associated with Cognito Identity and start saving data in the form of key/value pairs. The data is stored both locally on the device and in the Cognito sync store. Cognito can also sync this data across all of the end user's devices.
csv file for your user pool from the Amazon Cognito console. Navigate to the Users and groups tab of an existing user pool, and click the Import users button. You can then export your existing user data from your existing user directory or store into the .csv file, matching the column headings in the template.
Amazon Cognito associates this data with an identity in your identity pool so that your app can access it across logins and devices. To sync this data between the Amazon Cognito service and an end user's devices, invoke the synchronize method. Each dataset can have a maximum size of 1 MB.
The user pool cannot be bypassed in your scenario. You can, however, map your user to DynamoDB and can even restrict access using a custom policy. To use this policy, you must structure your DynamoDB table so the Cognito user ID is the partition key.
Simply add a Lambda trigger post sign up and sign in to add the user to DynamoDB. Add whatever you want except the password, as you can use Cognito to authenticate, then restrict row access by Cognito ID.
As for the second part of your question, Cognito has its own internal table. AWS has not specified what exactly they use, but I'd hazard a guess that it is NoSQL due to the flexibility of custom attributes.
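A sketch of the post-sign-up trigger described in the answer above, added here as an example and not code from the original answer. The table name `Users`, the partition key `user_id`, the `USERS_TABLE` environment variable, the attribute allowlist and the sample event are all assumptions.

```python
import os

# Assumed names (not from the original answer): table "Users", partition key "user_id".
TABLE_NAME = os.environ.get("USERS_TABLE", "Users")
# Allowlist of user-pool attributes mirrored to DynamoDB; credentials stay in Cognito.
ALLOWED_ATTRIBUTES = ("email", "name", "phone_number")

# Constructed sample of a post-confirmation trigger event (values are made up).
SAMPLE_EVENT = {
    "triggerSource": "PostConfirmation_ConfirmSignUp",
    "userName": "alice",
    "request": {"userAttributes": {
        "sub": "11111111-2222-3333-4444-555555555555",
        "email": "alice@example.com",
        "custom:internal_note": "not mirrored",
    }},
    "response": {},
}


def build_item(event):
    """Map the trigger event to a DynamoDB item keyed by the user's Cognito sub."""
    attrs = event["request"]["userAttributes"]
    item = {"user_id": attrs["sub"], "username": event["userName"]}
    item.update({k: attrs[k] for k in ALLOWED_ATTRIBUTES if k in attrs})
    return item


def _default_table():
    import boto3  # imported lazily so the mapping logic can be exercised offline
    return boto3.resource("dynamodb").Table(TABLE_NAME)


def lambda_handler(event, context, table=None):
    # Post confirmation also fires after a forgot-password flow; only sign-ups add rows.
    if event.get("triggerSource") == "PostConfirmation_ConfirmSignUp":
        if table is None:
            table = _default_table()
        try:
            # The condition stops a retried or replayed event from overwriting a row.
            table.put_item(Item=build_item(event),
                           ConditionExpression="attribute_not_exists(user_id)")
        except Exception as exc:
            code = getattr(exc, "response", {}).get("Error", {}).get("Code")
            if code != "ConditionalCheckFailedException":
                raise  # an already-stored user is fine; any other failure is not
    return event  # Cognito expects the trigger to hand the event back
```

The function's execution role only needs `dynamodb:PutItem` on that one table, which keeps the trigger from reading or modifying other users' rows.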