1. Create a User Pool

Navigate to Cognito in AWS and click create Manage User Pools. Use whatever password settings are best for your organization.

1.1 Create App Client

After creating the user pool, go to "App Clients" in the sidebar. Create an App Client, but make sure to do the following:

• Uncheck "Generate Client Secret"

• Check "Enable user password based authentication

2. Create an Identity Pool

Navigate to Federated Idenitities in AWS and create an identity pool.

Create a new IAM role. Then review this role in IAM.

3. Create S3 Bucket

Create a bucket with public read permissions. In the "Permissions" tab, allow everyone to read and write objects to the S3 bucket.

Copy the CORs configuration from the Amplify docs

4. Configure IAM Roles

Navigate to IAM panel by searching for the IAM service. You'll have a bunch of newly created Cognito roles. Use the instructions on the Amplify docs getting started page and create an Auth and Unauth policy for your new IAM users.

Add each policy you copied with "Attach Policy" to the User Role. Make sure to replace the "example bucket name" with the name of your bucket.

Create the policy, give it a name like "UDTTestBucketRole".

5. Create Example User

In Cognito page click "Create User", enter the username and password. Mark the account as verified. You'll then be prompted with Complete your Sign Up.