We want to realize a multi tenant application where we want to utilize:
- AWS Cognito as our user pool
- AWS DynamoDB for most of our data
As we are following a pooled approach, our DynamoDB data would have the tenantID
as a primary key. Also all users are pooled in one cognito user pool.
Our application also needs to display our users within the application, therefore I need to query the users.
I would like to directly query the AWS Cognito pool and display the all users of a tenant. Therefore I would add an attribute to the cognito users custom:tenantID
.
But there is a problem: Custom attributes are not searchable / filterable, so I cannot do a query based on the tenantID what I would have done with all other data tables.
I thought about "misusing" one of the searchable data fields like family name for the tenant, but that seems to be a bad idea.
I would like to avoid creating a dynamoDB table for the only purpose of linking a user to a tenant. What are the approaches to solving this?