aws-amplify / amplify-cli

The AWS Amplify CLI is a toolchain for simplifying serverless web and mobile development.
Apache License 2.0

Import Auth in multi-account AWS environment #7008

Open rraczae opened 3 years ago

rraczae commented 3 years ago

We are building an app in a multi-account AWS environment and we're trying to consume a Cognito pool that is under a different account other than the rest of the Amplify resources. With other apps we always had the pool and the Amplify resources under the same account, but now it cannot link the auth and the console says it cannot be found... is there a way to create a key/user to access both? Would manual config work when we have owner-protected tables in the schema?

Which Category is your question related to? Auth, multi-account AWS environment

Amplify CLI Version 4.46.0

What AWS Services are you utilizing? Cognito, AppSync, Lambda, S3

Provide additional details e.g. code snippets none

edwardfoyle commented 3 years ago

Hi @rraczae, we don't natively support this. You may be able to set this up by editing the changes made by amplify import auth to point to your Cognito pool. You would need to make changes in team-provider-info.json, amplify-meta.json and backend-config.json. However, in general Amplify expects that all resources in a given environment are in the same account, so you may run into other downstream issues.

rraczae commented 3 years ago

Hey @edwardfoyle, thanks for the quick response. Gotcha... this is tricky then. The organization is basically trying to follow this guideline: https://aws.amazon.com/organizations/getting-started/best-practices/ So we are actually injecting team-provider-info in our build pipe already, so "customizing" that should not be a problem. I am thinking under the Cognito OU we could:

I've never manually changed amplify-meta.json and backend-config.json but I am assuming we could try to copy those values as well.

Any opinion/further direction is appreciated. It is kind of a bummer that the state-of-the-art setup cannot be easily achieved. It might possibly scare away larger clients with robust setups.

edwardfoyle commented 3 years ago

I'll mark this as an enhancement to track / gauge interest. I agree it could be important for enterprise clients.