Identity & Auth

TruePrivacy + AWS Cognito

Manage user pool data and deletion for Cognito-based applications.

Auth: IAM Role
Setup time: 10 minutes

Overview

AWS Cognito provides user authentication and user pool management for AWS-native applications. TruePrivacy integrates with Cognito through an IAM Role to discover user pool data and automate user account deletion for data subject request (DSR) compliance.

For applications built on AWS that use Cognito for authentication, this integration ensures that user identity data stored in Cognito user pools is governed correctly and included in DSR deletion workflows.

What TruePrivacy can do

  • Data Discovery
  • DSR Automation

Data types accessed

  • User pool accounts
  • Email addresses
  • Phone numbers
  • Custom user attributes
  • Group memberships
  • Device records

DSR capabilities

  • Delete Cognito user pool accounts
  • Export user attributes for access requests
  • Remove users from Cognito groups

How it works

  1. Create an IAM Role for TruePrivacy with Cognito user pool read and optionally delete permissions.

  2. TruePrivacy discovers users across your Cognito user pools, including profile attributes and group memberships.

  3. DSR requests are matched against Cognito users by email address or username.

  4. Deletion requests remove the user from the Cognito user pool via the Admin Delete User API.

Frequently asked questions

TruePrivacy requires cognito-idp:ListUsers and cognito-idp:AdminGetUser for discovery, and cognito-idp:AdminDeleteUser for deletion. All permissions are scoped to specific user pool ARNs, in line with the principle of least privilege.
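Before attaching a policy to the integration role, it is worth checking that it grants only the three actions listed above and only on named user pools. The following is an added example, not TruePrivacy's or AWS's own code: the `audit_policy` helper and the sample policies are constructed for illustration, and the account ID and pool ID are placeholders.

```python
import re

# Actions named on this page: two for discovery, one for deletion.
DISCOVERY = {"cognito-idp:listusers", "cognito-idp:admingetuser"}
DELETION = {"cognito-idp:admindeleteuser"}
# User pool ARN shape: arn:<partition>:cognito-idp:<region>:<account>:userpool/<pool-id>
POOL_ARN = re.compile(
    r"^arn:aws[a-z-]*:cognito-idp:[a-z0-9-]+:\d{12}:userpool/[a-z0-9-]+_[A-Za-z0-9]+$")

def _listify(value):
    # IAM allows a single string/object where a list is expected.
    return [value] if isinstance(value, (str, dict)) else list(value)

def audit_policy(policy, allow_delete=True):
    """Return findings; an empty list means the policy matches the stated scope."""
    allowed = DISCOVERY | (DELETION if allow_delete else set())
    findings = []
    for n, stmt in enumerate(_listify(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {n}: NotAction/NotResource grants by exclusion")
            continue
        for action in _listify(stmt.get("Action", [])):
            # IAM action names are case-insensitive
            if action.lower() not in allowed:
                findings.append(f"statement {n}: unexpected action {action}")
        for resource in _listify(stmt.get("Resource", [])):
            if not POOL_ARN.match(resource):
                findings.append(f"statement {n}: resource not a single user pool ARN: {resource}")
    return findings

# Constructed sample policies; account ID and pool ID are placeholders.
POOL = "arn:aws:cognito-idp:us-east-1:111122223333:userpool/us-east-1_EXAMPLE01"
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Sid": "Discovery", "Effect": "Allow",
     "Action": ["cognito-idp:ListUsers", "cognito-idp:AdminGetUser"], "Resource": [POOL]},
    {"Sid": "Deletion", "Effect": "Allow",
     "Action": "cognito-idp:AdminDeleteUser", "Resource": POOL},
]}
BROAD = {"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Action": "cognito-idp:*", "Resource": "*"}}

if __name__ == "__main__":
    for name, doc in (("scoped", SCOPED), ("broad", BROAD)):
        print(name, audit_policy(doc) or "ok")
```

Passing `allow_delete=False` audits a discovery-only role, in which case the deletion statement itself is reported.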

Yes. Multiple Cognito user pools can be connected to TruePrivacy, and DSR deletion will search across all configured pools for the data subject.
