Skip to main content

User Pool

The UserPool Resource provides an API for managing Users, including sign-up, sign-in and access control.

Create a new User Pool

const userPool = new UserPool(stack, "UserPool");

Import an existing UserPool from the AWS CDK

import { aws_cognito } from "aws-cdk-lib";

// create a CDK UserPool
const userPoolConstruct = new aws_cognito.UserPool(stack, "UserPool");

// then, wrap the CDK UserPool
const userPool = UserPool.from(userPoolConstruct);

Customize with a Lambda Function Trigger

A User Pool exposes "Triggers" that can be configured to call a Lambda Function during a customer workflow, for example when signing up or authenticating.

Available Triggers include:

There are three ways to configure a Trigger:

  1. pass a Function to the lambdaTriggers property when instantiating the UserPool.
// option 1 - in-line the Function
const userPool = new UserPool(stack, "UserPool", {
lambdaTriggers: {
createAuthChallenge: new Function(
stack,
"CreateAuthChallenge",
async (event) => {
// implement logic for the CreateAuthChallenge lifecycle event
return event;
}
),
},
});
  1. Call the specific userPool.onXXX method:
userPool.onCreateAuthChallenge(
new Function(stack, "CreateAuthChallenge", async (event) => {
// implement logic for the CreateAuthChallenge lifecycle event
return event;
})
);
  1. Call userPool.on.
// use the string name of the trigger name
userPool.on(
"createAuthChallenge",
new Function(stack, "CreateAuthChallenge", async (event) => {
// implement logic for the CreateAuthChallenge lifecycle event
return event;
})
);

// or: use the AWS CDK's underlying UserPoolOperation type.
userPool.on(
aws_cognito.CREATE_AUTH_CHALLENGE,
new Function(
stack,
"CreateAuthChallenge",
async (event: CreateAuthChallengeTriggerEvent) => {
// implement logic for the CreateAuthChallenge lifecycle event
return event;
}
)
);
danger

If using the UserPoolOperation, the type of the event can not be inferred, so you must explicitly annotate the event parameter.

async (event: CreateAuthChallengeTriggerEvent) => {
// implement logic for the CreateAuthChallenge lifecycle event
return event;
};