[AWS] Cognito user pool admin #104
Comments
hao-fang
changed the title
hao-fang
changed the title
|
@hao-fang I could help on the script for importing all registered users. And will check if I could help on the other tasks listed. |
Thanks. I'll get send sample file to you via email later today. |
|
@stupid-2020 Can you write a Python script to consume a xlsx/csv file with following columns?
I think you can use boto3. The equivalent AWS CLI command for each row would be aws cognito-idp admin-create-user \
--user-pool-id "${AWS_USER_POOL_ID}" \
--username "${email}" \
--user-attributes "Name=email,Value=${email}" \
--user-attributes "Name=custom:name,Value=${name}"where Also, can you make sure to handle users that exceptions, e.g., in case there are duplicated entries in the file. |
hao-fang
added
AWS
priority:urgent
|
@hao-fang Will do the following:
Reference: |
stupid-2020
changed the title
|
@hao-fang I got the following message: $ aws cognito-idp admin-get-user \
--region "us-XXXX-X" \
--user-pool-id "us-XXXX-X_XXXXXXXXX" \
--username "example@gmail.com"
An error occurred (UnrecognizedClientException) when calling the AdminGetUser operation:
The security token included in the request is invalid.Any suggestion? |
Would it be possible to have a privileged page to pass the user information and call AWS Cognito API (boto3) on request? |
@stupid-2020 I have updated #55 with a Zapier + AWS Lambda solution. It can re-use some of the python code you've been developing. I'm not sure I understand what the privileged page look like.. |
|
|
@hao-fang I think I am able to complete the lambda_handler, but I haven't written any AWS lambda function before. (I think it should be implemented at AWS Lambda console, right?) |
|
@stupid-2020 Once the python script is ready, I can help the AWS Lambda part or find another volunteer. Basically it would look like something below import json
import boto3
def lambda_handler(event, context):
# TODO implement
email = event["email"]
name = event["name"]
client = boto3.client(
"cognito-idp",
aws_access_key_id="foo",
aws_secret_access_key="bar",
region_name="us-east-1",
)
print(client)
return {
'statusCode': 200,
'body': json.dumps('Hello from Lambda!')
}Then |
Tried. No email sent when the user is "re-enabled" |
|
@stupid-2020 Can you start checking in code to https://github.com/acl-org/acl-2020-virtual-conference-tools . You can put things under acl2020_tools/awscognito. |
It is possible to write a script to disable/enable user according to the python cognito_groups.py --disable attendees aws_profile.ymlAnd we can modify python cognito_users.py --assign-group attendees sample.csv aws_profile.yml |
|
@stupid-2020 Have you checked with this in https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/cognito-idp.html#CognitoIdentityProvider.Client.list_users It seems that your script can only list 60 users at one time because you didn't set Can you double check about this? Thanks! |
Sorry for making such mistake. Will fix it soon. |
|
To find user(s) with multiple group: python cognito_list.py -d aws_profile.ymlThe sample output of email,name,committee
example1@gmail.com,USER_IN_TWO_GROUPS,group-one|group-two
example2@gmail.com,USER_IN_TWO_GROUPS,group-one|group-twoTo remove the user(s) from the group, it is recommended to backup the python dry_run_users.py -r group-two duplicate.csv aws_profile.yml |
|
Just a note for future references Remember to choose "Yes - Use Amazon SES" option. (ref https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html) |
Number of Volunteers: 2
We will need to have a volunteer to manage the AWS Cognito user pool, specifically,
The person needs to have some basic knowledge on AWS CLI.
Timeline
virtual.acl2020.orghiddenThe text was updated successfully, but these errors were encountered: