How can I set up a replication environment for Amazon Cognito and API Gateway across different AWS regions?

0

How can I set up a replication environment for Amazon Cognito and API Gateway across different AWS regions?

Example:

I have a Cognito pool in us-east-1, and I would like to create/replicate the same pool in another region, such as eu-central-1.

I know it's possible to export users and emails from Cognito, but I can't do this with passwords.

What is the best way to create this replication scenario?

How I do this with API Gateway too?

1 回答
1
已接受的回答

This is the closest you can find: https://aws.amazon.com/solutions/implementations/cognito-user-profiles-export-reference-architecture/ Password isn't migrated in that solution. And I don't believe this is something available natively. With regard to API Gateway, are you looking for Active/Active solution? Check this workshop and can take you through the steps how to replicate your API gateway: https://disaster-recovery.workshop.aws/en/services/networking/apigw/active-active.html

profile pictureAWS
AmerO
已回答 5 个月前
  • In the first instance, active/active is not necessary; the aim is to have a recovery environment. If us-east-1 is inactive, traffic will be switched to eu-central-1.

    About the cognito, I have a doubt. If the password was exported, how my user do the loginin another pool?

    Thanks for your response.

  • Hi Anderson, in case of disaster recovery, users will be forced to reset their password but their profile, emails, memberships are maintained. Sensitive data like password and MFA are not migrated. Here is the guidance we have: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-using-import-tool-password-reset.html If you find that answer your question, please accept the answer.

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则