Modify Amplify-generated Cognito resources with CDK
Amplify Auth provides sensible defaults for the underlying Amazon Cognito resource definitions. You can customize your authentication resource to enable it to behave exactly as needed for your use cases by modifying it directly using AWS Cloud Development Kit (CDK)
Override Cognito UserPool password policies
You can override the password policy by using the L1 cfnUserPool
construct and adding a addPropertyOverride
.
amplify/backend.ts
import { defineBackend } from '@aws-amplify/backend';import { auth } from './auth/resource';
const backend = defineBackend({ auth,});// extract L1 CfnUserPool resourcesconst { cfnUserPool } = backend.auth.resources.cfnResources;// use CDK's `addPropertyOverride` to modify properties directlycfnUserPool.addPropertyOverride( "Policies", { PasswordPolicy: { MinimumLength: 10, RequireLowercase: true, RequireNumbers: true, RequireSymbols: true, RequireUppercase: true, TemporaryPasswordValidityDays: 20, }, });
Custom Attributes
The following code will allow you to add custom attributes using the Userpool schema property with the L1 cfnUserPool
construct.
amplify/backend.ts
import { defineBackend } from '@aws-amplify/backend';import { auth } from './auth/resource';import { data } from './data/resource';
const backend = defineBackend({ auth, data});
// extract L1 CfnUserPool resourcesconst { cfnUserPool } = backend.auth.resources.cfnResources;// use CDK's `addPropertyOverride` to modify properties directlycfnUserPool.addPropertyOverride("Schema", [ { Name: "publicName", AttributeDataType: "String", Mutable: true, },]);