This deploys and maintains the Cognito user pool used for the given environment.
Before deploying, the address set in custom.supportEmailAddress in the stack must be verified in the AWS account's SES service.
Once deployed, the client defined for the User Pool (named 'API') must have the value of its assigned Client Secret copied and stored as the value of the SSM Parameter Store variable '/mcm-v1/cognito/client/secret' (type String). This variable MUST be created and set for the account and in the appropriate region (us-east-2), but should not need to be updated unless the client defined in the user pool is deleted and recreated for some reason. Other components that need this client secret should treat this variable as the 'source of truth'.
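The copy step above can be scripted so that the secret is never pasted by hand and drift after a client is recreated is caught. This is an added example, not code from this repository; it assumes the AWS CLI is installed with credentials for the account, that the `mcm-cognito-*` symbols listed in this README are CloudFormation exports, and the script name in the usage comment is hypothetical.

```shell
#!/bin/sh
# Added example (not project code): keep the SSM parameter in step with the
# secret Cognito assigned to the 'API' client.
# Assumption: the mcm-cognito-* symbols are CloudFormation exports.
set -eu

REGION="us-east-2"
PARAM_NAME="/mcm-v1/cognito/client/secret"

# Look up one CloudFormation export value by name ("None" if absent).
cfn_export() {
  aws cloudformation list-exports --region "$REGION" \
    --query "Exports[?Name=='$1'].Value | [0]" --output text
}

# Secret currently assigned to the client by Cognito.
cognito_client_secret() {
  aws cognito-idp describe-user-pool-client --region "$REGION" \
    --user-pool-id "$1" --client-id "$2" \
    --query 'UserPoolClient.ClientSecret' --output text
}

# Value currently stored in SSM; empty if it cannot be read (e.g. not created yet).
ssm_client_secret() {
  aws ssm get-parameter --region "$REGION" --name "$PARAM_NAME" \
    --query 'Parameter.Value' --output text 2>/dev/null || true
}

# Prints "created", "updated" or "unchanged"; never prints the secret.
# The ( ) body runs in a subshell so its variables stay local.
sync_client_secret() (
  pool_id="$(cfn_export mcm-cognito-UserPoolId)"
  client_id="$(cfn_export mcm-cognito-APIClientId)"
  current="$(cognito_client_secret "$pool_id" "$client_id")"
  if [ -z "$current" ] || [ "$current" = "None" ]; then
    echo "no client secret returned for the 'API' client" >&2
    exit 1
  fi
  stored="$(ssm_client_secret)"
  if [ "$stored" = "$current" ]; then echo "unchanged"; exit 0; fi
  # Note: --value is visible in the local process list while the CLI runs.
  aws ssm put-parameter --region "$REGION" --name "$PARAM_NAME" \
    --type String --overwrite --value "$current" >/dev/null
  if [ -z "$stored" ]; then echo "created"; else echo "updated"; fi
)

# Usage: sh sync-secret.sh sync
if [ "${1:-}" = "sync" ]; then sync_client_secret; fi
```

Running it again after a normal redeploy should report `unchanged`; `updated` means the client was recreated and consumers of the parameter will pick up a new secret.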
This stack requires that the mcm-app infrastructure has been properly deployed (see https://github.com/MCMLLC/mcm-infrastructure/blob/develop/mcm-apps/README.md). In addition, the following stacks must be present:
- N/A

| Lambda name | Definition |
|---|---|

| Symbol | Definition |
|---|---|
| mcm-cognito-UserPoolId | ID of Cognito user pool |
| mcm-cognito-UserPoolArn | ARN for Cognito user pool |
| mcm-cognito-APIClientId | ID of 'API' client app for user pool |

| Symbol | Definition |
|---|---|
| /mcm-v1/cognito/client/secret | Client secret for 'API' client |

Removing the stack will destroy the user pool, including all user passwords. The SSM /mcm-v1/cognito/client/secret key is not removed with the stack and must be removed manually.