I have a user management system where I am using AWS-Cognito userPool for the signup/sign-in process. I need to assign roles to these users.
For example: Super admin, Referral and so on.
The super admin role is responsible for adding/deleting/editing the users. Is there any way to do this just by using userPool features? Also, is it possible to assign roles through AWS console and not through an API?
> The super admin role is responsible for adding/deleting/editing the users. Is there any way to do this just by using userPool features?

You can assign IAM roles to groups. For example, if you create a `superadminrole` that you assign to the `superadmingroup` group, then the super admins have the appropriate actions according to the Actions for Amazon Cognito User Pools, e.g. `cognito-idp:AdminCreateUser`, `cognito-idp:AdminDeleteUser`, `cognito-idp:AdminAddUserToGroup`, `cognito-idp:ListUsers`, `cognito-idp:ListUsersInGroup`, etc. Then, a signed-in super admin can execute the corresponding user task. Please also read the list of "Developers and administrators can perform the following tasks" to see what actions are available.
> Also, is it possible to assign roles through AWS console and not through an API?

Yes, copied from the Viewing User Attributes section in the AWS Cognito Developer guide (emphasis mine):
1. From the Amazon Cognito home page in the AWS Management Console, choose Manage your user identities.
2. Choose your user pool from the Your User Pools page.
3. Choose User and Groups to view user information.
4. Choose a user name to show more information about an individual user. From this screen, you can perform any of the following actions:
   - Add user to group
   - Reset user password
   - Confirm user
   - Enable or disable MFA
   - Delete user
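
An added example, not part of the original answer or the AWS documentation: a permissions policy for the role attached to the super admin group, limited to the actions named above and to one user pool, plus a check that flags a broader grant. The function names are hypothetical, the region, account ID and pool ID are constructed placeholders, and scoping to a single pool ARN is an assumption about the intended setup.

```python
import json

# Actions named in the answer above; extend only as the role really needs.
SUPERADMIN_ACTIONS = [
    "cognito-idp:AdminCreateUser",
    "cognito-idp:AdminDeleteUser",
    "cognito-idp:AdminAddUserToGroup",
    "cognito-idp:ListUsers",
    "cognito-idp:ListUsersInGroup",
]

def user_pool_arn(region, account_id, pool_id):
    return f"arn:aws:cognito-idp:{region}:{account_id}:userpool/{pool_id}"

def superadmin_policy(pool_arn):
    """Permissions policy for the IAM role assigned to the super admin group."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Action": list(SUPERADMIN_ACTIONS),
            "Resource": pool_arn,
        }],
    }

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit(policy, pool_arn):
    """Return findings for Allow statements broader than the intended grant."""
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            if "*" in action:
                findings.append(f"wildcard action: {action}")
            elif action not in SUPERADMIN_ACTIONS:
                findings.append(f"unexpected action: {action}")
        for resource in as_list(stmt.get("Resource", [])):
            if resource != pool_arn:
                findings.append(f"resource not limited to the pool: {resource}")
    return findings

if __name__ == "__main__":
    # Constructed placeholder identifiers, not real account data.
    arn = user_pool_arn("us-east-1", "111122223333", "us-east-1_EXAMPLE")
    print(json.dumps(superadmin_policy(arn), indent=2))
```

The printed JSON can be pasted into the role's permissions policy in the IAM console; `audit` can be run over an existing policy document to see whether it grants more than the listed user-management actions.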