If you are wondering what you need to do client side, check out https://github.com/aws/amazon-cognito-identity-js
This testing assume that you have default AWS credentials set up in ~/.aws or you are running on an EC2 instance with an EC2 role with the appropriate permissions.
First you need to create a userpool
bin/create_user_pool
this will output the ARN
User Pool ARN is arn:aws:cognito-idp:us-east-1:123456789:userpool/us-east-1_XXXXXX
Copy this ARN into arn: section of serverless.yml
Configure serverless to use your AWS credential.
sls deploy
- Browse to https://console.aws.amazon.com/apigateway/home?region=us-east-1#/apis
- Click on dev-serverless-cognito-demo
- Click on Authorizers
- You should see an authorizer configured as per
- Click on Resources
- Click on /hello
- You should see the method is protected by the cognito pool as per
Bring down the stack
sls remove
Delete the pool, you need to pass in the ID. The bit at the end of the ARN.
bin/delete_user_pool us-east-1_XX