search

aws-amplify / amplify-backend

Home to all tools related to Amplify's code-first DX (Gen 2) for building fullstack apps on AWS
Apache License 2.0
185 stars 63 forks source link

support `referenceAuth` with only user pool, create new identity pool, roles, user pool client #2252

Open josefaidt opened 4 days ago

josefaidt commented 4 days ago

Environment information

n/a

Describe the feature

lifting this comment from the referenceAuth RFC into its own feature request https://github.com/aws-amplify/amplify-backend/issues/1548#issuecomment-2439998904

Scenario:

  1. We deploy App1 and with it a UserPool, IdentityPool, and UserPoolClient. The app matures and accumulates users.
  2. We conceive of some new functionality that is related to App1 but not exactly the same app. So we deploy App2 that offers the same user base new functionality. App1 and App2 are separate enough that they should not be rolled into one deployment and have different release cycles.
  3. We want to reuse the UserPool in App1 since both apps are used by the same users...however we want to create a new IdentityPool and a new UserPoolClient for App2. 
// amplify/auth/resource.ts
import { referenceAuth } from "@aws-amplify/backend"

export const auth = referenceAuth({
  userPoolId: "...",
})

Referencing by only the user pool ID will create new resources:

Each of these new resources will enable scoping policies to only interact with resources within the Amplify app

Use case

see above

ykethan commented 4 days ago

Marking as feature request.