AWS Cognito : Handling User Attributes Updates

In my AWS app , I am using AWS Cognito Service to handle User signup/login/auth etc . I also am using AWS RDS Database which will have a User table along with other tables needed in my app. This user table will replicate the users in my users pool and I want to do this through cognito triggers . I have used postConfirmation trigger to handle the user creation in my RDS database when the user confirms his account , but I'm not sure how to handle when a user wants to update any attribute . I have two options in mind and im not sure which one is better

Use a trigger like CustomMessage for example , which should be triggered on update user attribute
Create an endpoint using APIGateway and a lambda function that handles this logic of updating both the RDS database and cognito. Please also share if there is another proposed way of handling this , keeping in mind im trying to follow best practices and conventions. Thank you

Topics

Serverless Compute Front-End Web & Mobile Networking & Content Delivery Security, Identity, & Compliance

Tags

AWS Lambda Amazon API Gateway Amazon Cognito

Language

English

ahmeddosama

asked 14 days ago260 views

1 Answer

Newest
Most votes
Most comments

Accepted Answer

Option 1: Cognito Trigger Use a Cognito trigger such as CustomMessage or another suitable trigger for updating user attributes. However, Cognito does not have a dedicated trigger specifically for user attribute updates.

Option 2: API Gateway and Lambda Create an API endpoint using API Gateway that triggers a Lambda function to handle the update logic. This approach would involve:Users making update requests through your application .The request hitting the API Gateway endpoint. The Lambda function being invoked to update both Cognito user attributes and the corresponding RDS record.

Proposed Approach: Given your requirements, the API Gateway and Lambda approach is more robust and follows best practices:

API Gateway: Expose an endpoint for user attribute updates. Secure the endpoint using AWS Cognito Authorizer. Lambda Function:

Verify the user’s identity and update the attributes in Cognito. Update the corresponding user record in the RDS database. Benefits: Centralized Logic: All update logic is centralized in a single Lambda function, making it easier to maintain and extend. Flexibility: Easy to implement additional checks or business logic during the update process. Security: The API Gateway can leverage Cognito for secure and authenticated requests.

EXPERT

A_J

answered 14 days ago

EXPERT

Oleksii Bebych

reviewed 14 days ago

ahmeddosama
14 days ago
Thank you for your detailed reply!
A_J EXPERT
14 days ago
You are welcome

Relevant content

Why is Cognito not migrating users from my Django RDS Aurora DB to Cognito User Pool?
andresdeinnocentiis
asked 10 months ago
Cognito User Attributes Modified Lambda Trigger
Ricardo Nolde
asked 2 years ago
How many Cognito user pools should I have in an APP?
Accepted Answer
cao95
asked 8 months ago
Handling Data Redundancy Between Cognito and Database for Custom Attributes with Social Sign-Ins
Karim
asked 5 days ago
How do I confirm a user account in Amazon Cognito?
AWS OFFICIALUpdated a year ago
How do I use remembered devices in my Amazon Cognito user pool?
AWS OFFICIALUpdated a year ago
How do I reset user passwords in Amazon Cognito using the AWS CLI?
AWS OFFICIALUpdated a year ago
How do I use Amazon Cognito identity pools to grant users access to AWS services?
AWS OFFICIALUpdated a year ago
AWS re:Post Knowledge Center Spotlight: Amazon Cognito
EXPERT
Henry Fuentes Jr
published 23 days ago
How to setup cross-account Cognito User Pool migration with the Migrate User Lambda Trigger
EXPERT
Mitchell Tennison
published 2 months ago