Skip to content
Serverless AWS Cognito Custom User Pool Example
Branch: master
Clone or download
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE Initial Example Sep 28, 2017 Add some links for install and configure of serverless and aws-cli Feb 28, 2018
cloudFormationCustomUserPool.js - Add missing attributes: ProviderName & ProviderURL Mar 23, 2018
postConfirmation.js Initial Example Sep 28, 2017
serverless.yml - The PhysicalResourceId is returned for Ref: so it is not necessary Sep 28, 2017

Serverless AWS Cognito Custom User Pool Example

This example demonstrates how to create an AWS Cognito custom user pool.

serverless License: MIT


As of October 2017 AWS Cloud Formation does not directly support creating Cognito user pools with UsernameAttributes or VerificationMessageTemplate. The UsernameAttributes setting may not be changed after creation. In order to create a user pool with the UsernameAttributes set, a custom resource type must be used which calls a lambda that uses the AWS api to create the pool for you. When AWS fixes these issues this will become obsolete, however it still serves as an example of how to implement a custom resource type backed by a lambda.


You will need serverless and aws-cli installed and configured.

How to Install

serverless install -u
cd aws-node-custom-user-pool
serverless deploy

How to Test

The service includes a lambda that is configured to run as a post confirmation trigger when a new user is confirmed by Cognito. To test everything is working as expected create and confirm a user in Cognito via the aws-cli. First you will need the User Pool Id and the Pool App Client Id.

export UserPoolId=$(aws cloudformation describe-stacks --stack-name custom-user-pool-dev | grep -A 1 UserPoolId | tail -1 | cut -d'"' -f 4)
export UserPoolClientId=$(aws cloudformation describe-stacks --stack-name custom-user-pool-dev | grep -A 1 UserPoolClientId | tail -1 | cut -d'"' -f 4)

Then create and confirm a user. Note, please change the email address below to your email address.

aws cognito-idp sign-up --region us-east-2 --client-id ${UserPoolClientId} --username --password Passw0rd! --user-attributes Name="name",Value="Your Name"
aws cognito-idp admin-confirm-sign-up --region us-east-2  --user-pool-id ${UserPoolId} --username

The postConfirmation lambda will have executed when the user was confirmed. To verify it executed go to the AWS web console and navigate to the CloudWatch Logs for the lambda at /aws/lambda/custom-user-pool-dev-postConfirmation. There should be a log message similar to:

2017-09-28T13:29:18.504Z ExaMple0-a451-11e7-91f3-edc45b79707c User confirmed: User-Pool us-east-2_ExaMple00, UserId: ExAmplE0-53a5-45df-b480-96b1bb6b0b51

How to Remove

serverless remove
You can’t perform that action at this time.