amazon-cognito aws-cdk amazon-waf aws-userpools

How to add WAF to my cognito UserPool with cdk

I can't find examples or documentation about how to use cdk to attach a waf to a cognito userpool.

Solution

There is no API in Cognito Userpool. You will need to create CfnWebACLAssociation and provide the Userpool ARN for the resource ARN.

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_wafv2.CfnWebACLAssociation.html#resourcearn

import { aws_wafv2 as wafv2 } from 'aws-cdk-lib';
const cfnWebACLAssociation = new wafv2.CfnWebACLAssociation(this, 'MyCfnWebACLAssociation', {
  resourceArn: 'arn: *partition* :cognito-idp: *region* : *account-id* :userpool/ *user-pool-id*',
  webAclArn: 'webAclArn',
});

Get user attributes AWS Amplify iOS SDK
Are the Cognito User pool id and Client Id sensitive?
AWS-Cognito: Is it possible to edit the User Pool name after creating the User Pool?
AWS Cognito - Invalid Refresh Token
Terraform AWS OpenSearch using Cognito module circular problem
Add AWS IAM users to AWS Cognito Pool
AWS Cognito: Add custom claim/attribute to JWT access token
Getting AWS cognito attributes
How do I access the group for a Cognito User account?
Persisting login when users open new tab
AWS Cognito Hosted UI - Internationalization
Unable to verify secret hash for client in Amazon Cognito Userpools
AWS Cognito: Reset Expired Temporary Password
AWS Cognito Post authentication Lambda trigger - return NotAuthorizedException
Enabling and Configuring Password History on Cognito
How to link AWS Cognito native user to the federated user
Vue.js and and amplify for aws
Add role based authentication using next-auth in NextJS
Aws Cognito Oauth2: Refresh token rotation
Error while doing IdP initiated login using AWS Cognito
Why is Next.js throwing Error: WEBPACK_IMPORTED_MODULE is not a function?
502 Bad Gateway in production with Nextjs next-auth with url '/api/auth/callback/cognito'
Cognito - Client is not enabled for OAuth2.0 flows
How to login with cognito in flutter web?
RestAssured authentication with AWS Signature
How to get user attributes (username, email, etc.) using cognito identity id
SpringBoot + AWS cognito, can't resolve issuerUri
After creating a Cognito user in Java, do I have to change the password? (status: FORCE_CHANGE_PASSWORD)
How to validate UpdateUserAttributes endpoint?
How to Avoid Deletion of Manually Created Cognito User Pool During CloudFormation Stack Deployment