I am configuring a Cognito User Pool using the CDK.
In the UserPool constructor, there is a custom_sender_kms_key attribute that is set to None by default.
The documentation states that :
This key will be used to encrypt temporary passwords and authorization codes that Amazon Cognito generates. Default: - No key ID configured.
I don't know if I should configure this or not. I'm not sure what it is used for. Any idea?
Unless you are using custom lambda to send the email and sms, you would not need to configure the key.