Skip to content

chore: update gen2-migration guide#14728

Draft
dgandhi62 wants to merge 15 commits intogen2-migrationfrom
gen2-migration-guide-changes
Draft

chore: update gen2-migration guide#14728
dgandhi62 wants to merge 15 commits intogen2-migrationfrom
gen2-migration-guide-changes

Conversation

@dgandhi62
Copy link
Copy Markdown
Contributor

@dgandhi62 dgandhi62 commented Mar 31, 2026
edited
Loading

Changes

  1. userAttributes are supported. They can be seen amplify/auth/resource.ts 
import { defineAuth } from '@aws-amplify/backend';
import { testingapp1e98cb604e98cb604DefineAuthChallenge } from './testingapp1e98cb604e98cb604DefineAuthChallenge/resource';
import { testingapp1e98cb604e98cb604CreateAuthChallenge } from './testingapp1e98cb604e98cb604CreateAuthChallenge/resource';
import { testingapp1e98cb604e98cb604VerifyAuthChallengeResponse } from './testingapp1e98cb604e98cb604VerifyAuthChallengeResponse/resource';
import { testingapp1e98cb604e98cb604CustomMessage } from './testingapp1e98cb604e98cb604CustomMessage/resource';
import { testingapp1e98cb604e98cb604PreSignup } from './testingapp1e98cb604e98cb604PreSignup/resource';
import { testingapp1e98cb604e98cb604PreTokenGeneration } from './testingapp1e98cb604e98cb604PreTokenGeneration/resource';

export const auth = defineAuth({
  loginWith: {
    email: true,
  },
  userAttributes: {
    profilePage: {
      required: true,
      mutable: true,
    },
    address: {
      required: true,
      mutable: true,
    },
    birthdate: {
      required: true,
      mutable: true,
    },
    gender: {
      required: true,
      mutable: true,
    },
    preferredUsername: {
      required: true,
      mutable: true,
    },
    lastUpdateTime: {
      required: true,
      mutable: true,
    },
    website: {
      required: true,
      mutable: true,
    },
    profilePicture: {
      required: true,
      mutable: true,
    },
    phoneNumber: {
      required: true,
      mutable: true,
    },
    timezone: {
      required: true,
      mutable: true,
    },
    locale: {
      required: true,
      mutable: true,
    },
    givenName: {
      required: true,
      mutable: true,
    },
    familyName: {
      required: true,
      mutable: true,
    },
    middleName: {
      required: true,
      mutable: true,
    },
    fullname: {
      required: true,
      mutable: true,
    },
    nickname: {
      required: true,
      mutable: true,
    },
  },
  triggers: {
    defineAuthChallenge: testingapp1e98cb604e98cb604DefineAuthChallenge,
    createAuthChallenge: testingapp1e98cb604e98cb604CreateAuthChallenge,
    verifyAuthChallengeResponse:
      testingapp1e98cb604e98cb604VerifyAuthChallengeResponse,
    customMessage: testingapp1e98cb604e98cb604CustomMessage,
    preSignUp: testingapp1e98cb604e98cb604PreSignup,
    preTokenGeneration: testingapp1e98cb604e98cb604PreTokenGeneration,
  },
  multifactor: {
    mode: 'OFF',
  },
});
  1. Email Domain Filtering (denylist) should be supported along with allowlist. The evidence for the following is below:

In Gen1, both capabilities are defined here. Denylist maps to PreSignup: ['email-filter-denylist'] and allowlist maps to PreSignup: ['email-filter-allowlist']. Both are just PreSignup Lambda triggers with different template scaffolding.

The migration tool handles both identically through the generic trigger path. The mapping is made here. The migration tool has no awareness of whether the PreSignup trigger is an allowlist or denylist.

Sample output

triggers: {
    defineAuthChallenge: testingapp1e98cb604e98cb604DefineAuthChallenge,
    createAuthChallenge: testingapp1e98cb604e98cb604CreateAuthChallenge,
    verifyAuthChallengeResponse:
      testingapp1e98cb604e98cb604VerifyAuthChallengeResponse,
    customMessage: testingapp1e98cb604e98cb604CustomMessage,
    preSignUp: testingapp1e98cb604e98cb604PreSignup,
    preTokenGeneration: testingapp1e98cb604e98cb604PreTokenGeneration,
  },

While we don't know if further handling is needed for the other triggers, denylist should be supported.

  1. lambda triggers for dynamodb tables are supported as seen here

  2. cognito lambda triggers should be supported as seen here

@dgandhi62
chore: add testing changes to gen2-migration guide
c886dc3 
1) userAttributes are supported. They can be seen amplify/auth/resource.ts

```typescript
import { defineAuth } from '@aws-amplify/backend';
import { testingapp1e98cb604e98cb604DefineAuthChallenge } from './testingapp1e98cb604e98cb604DefineAuthChallenge/resource';
import { testingapp1e98cb604e98cb604CreateAuthChallenge } from './testingapp1e98cb604e98cb604CreateAuthChallenge/resource';
import { testingapp1e98cb604e98cb604VerifyAuthChallengeResponse } from './testingapp1e98cb604e98cb604VerifyAuthChallengeResponse/resource';
import { testingapp1e98cb604e98cb604CustomMessage } from './testingapp1e98cb604e98cb604CustomMessage/resource';
import { testingapp1e98cb604e98cb604PreSignup } from './testingapp1e98cb604e98cb604PreSignup/resource';
import { testingapp1e98cb604e98cb604PreTokenGeneration } from './testingapp1e98cb604e98cb604PreTokenGeneration/resource';

export const auth = defineAuth({
  loginWith: {
    email: true,
  },
  userAttributes: {
    profilePage: {
      required: true,
      mutable: true,
    },
    address: {
      required: true,
      mutable: true,
    },
    birthdate: {
      required: true,
      mutable: true,
    },
    gender: {
      required: true,
      mutable: true,
    },
    preferredUsername: {
      required: true,
      mutable: true,
    },
    lastUpdateTime: {
      required: true,
      mutable: true,
    },
    website: {
      required: true,
      mutable: true,
    },
    profilePicture: {
      required: true,
      mutable: true,
    },
    phoneNumber: {
      required: true,
      mutable: true,
    },
    timezone: {
      required: true,
      mutable: true,
    },
    locale: {
      required: true,
      mutable: true,
    },
    givenName: {
      required: true,
      mutable: true,
    },
    familyName: {
      required: true,
      mutable: true,
    },
    middleName: {
      required: true,
      mutable: true,
    },
    fullname: {
      required: true,
      mutable: true,
    },
    nickname: {
      required: true,
      mutable: true,
    },
  },
  triggers: {
    defineAuthChallenge: testingapp1e98cb604e98cb604DefineAuthChallenge,
    createAuthChallenge: testingapp1e98cb604e98cb604CreateAuthChallenge,
    verifyAuthChallengeResponse:
      testingapp1e98cb604e98cb604VerifyAuthChallengeResponse,
    customMessage: testingapp1e98cb604e98cb604CustomMessage,
    preSignUp: testingapp1e98cb604e98cb604PreSignup,
    preTokenGeneration: testingapp1e98cb604e98cb604PreTokenGeneration,
  },
  multifactor: {
    mode: 'OFF',
  },
});

```
@dgandhi62 dgandhi62 requested a review from a team as a code owner March 31, 2026 19:27
@dgandhi62 dgandhi62 changed the title chore: add testing changes to gen2-migration guide chore: update gen2-migration guide Mar 31, 2026
@dgandhi62 dgandhi62 marked this pull request as draft April 1, 2026 15:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dgandhi62