Implementing Amazon Cognito As a Service is a smart way to define your user pool in version managed code. It is likely that you’ll want to leverage groups in your user pool, which means you need to programmatically create Amazon Cognito Groups in your serverless.yml file.
If you are reading this, you have likely implemented Amazon Cognito As a Service using the serverless framework. For this article, I will assume that you have read my earlier post: Amazon Cognito As a Service – Setting Up Your serverless.yml File. If you have not read that article, you might want to review it before proceeding to programmatically create Amazon Cognito Groups.
Why Programmatically Create Amazon Cognito Groups?
User groups are not at all a requirement of Amazon Cognito. That said, it is a very useful feature and one that most will likely want to implement. Implementing Amazon Cognito As a Service is a great start but why do that, only to go into the AWS Console and start clicking around?? The XXX as a service approach means never having to manually change settings in the AWS console (or as close to never as possible, but in most cases, never is very much possible).
https://gist.github.com/kevinchisholm/8892cdef8c996ae10cd1afd4003c1fb0
Using the serverless.yml file from the previous post: Amazon Cognito As a Service – Setting Up Your serverless.yml File, we have already done the work of configuring our Cognito user pool.
On line 25, we start to programmatically create Amazon Cognito Groups. There are three user groups defined here: admins, editors, and authors. These group names have absolutely no inherent meaning; they are arbitrary and for demonstration purposes only. The reason I have specified three groups is that I wanted to point out that you can provision multiple groups and show how the properties are all very similar.
Let’s focus on lines 26-32. Here we have created the admins group. At this point, you are probably getting used to looking at serverless.yml files, so I won’t go through every single property here. Just note that for each group, we specify a description (e.g. line 29) and a name (e.g. line 30). The rest of the properties for the group should be self-explanatory. And of course, for the editors and authors groups, only the description and name fields will differ.
Deploying Your Amazon Cognito Service
In order to see the changes in our Amazon Cognito service we need to take the following steps:
- Open your terminal application
- Move into the same folder as your serverless.yml File
- Run the command: sls deploy -s dev (If you omit the “-s” flag, the default value of “dev” will be used)
- Go to console.aws.amazon.com/cognito
- Click the icon for your user pool
- Click Users and Groups, and then click the Groups tab
- You will see your user groups defined
Summary
In this article, we covered the steps needed to programmatically create Amazon Cognito Groups in your serverless.yml file. You do not need to leverage groups in your user pool, but if you plan to use them, it just makes perfect sense to have these group definitions version managed. This means that you’ll want to programmatically create Amazon Cognito Groups in your serverless.yml file. Moving towards a 100% serverless methodology for your application is in most cases a smart way to go.
We hope that you have enjoyed reading about how to programmatically create Amazon Cognito Groups and have learned something new. If you have and it has made your coding easier and more efficient, please share this article on Facebook and Twitter.
