The backup json files include the Enabled boolean attribute, but in my experience this value is not utilized during the restore.

As a result, previously disabled, backed-up accounts are no longer disabled after restoring from that backup.

It's easy enough to handle this case outside of this tool, but since I've gotten a lot of mileage out of the tool I would be happy to contribute back if there is interest.

cognito-backup restore-groups us-east-1_B3UTO75S9 --file us-east-1_kFlCR6SN4_groups.json

I've tried group backup and restore,

but it will only transfer the group; instead, I want to transfer every user in the group.

I have a few suggestions for the process of user restoration as, at least as I see it, the current implementation is a bit hard to scale:

• a hardcoded tempPassword is a bit inappropriate, as it gives all users the same temporary password. Following the docs if TemporaryPassword is not provided Cognito will generate one for you and send it to the user on the given email if MessageAction is not set to SUPPRESS
• value of MessageAction should be optional. If set to RESEND Cognito will automatically send a temporary password to the given email address.

I guess the best way to allow the above would be to extend the current cli a bit so more options are dynamic rather that hardcoded.

We currently have multiple profiles in our ~/.aws/crendentials file. Is it possible to include a --profile flag to specify the profile?

If there isn't any major challenges hindering this, I plan on tackling this issue in a PR.

Thanks for the great tool. We backed up from one region and restored to another, however, we were missing user's groups. Any plans on including the user groups in the future?

When I run below command,

cognito-backup backup-users [pool_id] --region [resion]

the backup fails with below message.

Error: connect ETIMEDOUT [IP:port]
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1163:14)

Are there any settings or options I should do?

Thanks,

We have 3+ AWS accounts and thus utilize the '--profile' CLI option all the time. Can this support be added as a CLI option to your backup script?

https://github.com/mifi/cognito-backup/blob/master/cli.js#L83

  assert(!data.NextToken, 'More than 60 user pools is not yet supported');

I have a strange issue... I've packaged backup-cognito on a docker image. When executing it from my local machine on a 5000 user pools it works 100% of time. But when i execute it on the jenkins node i have on AWS i get a TooManyRequestsException. I tried to change the value of the limiter... nothing change... any clue? How can i get more debug, messages on it?

/usr/local/bin/cognito-backup backup-users eu-west-1_eTHaDFrjR --region eu-west-1
TooManyRequestsException: Rate exceeded
    at Request.extractError (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/protocol/json.js:51:27)
    at Request.callListeners (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:685:12)
    at Request.callListeners (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at Request.emit (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/usr/local/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:38:9)

I execute cognito-backup restore-users eu-central-xxxxx Abcd.1234 --region eu-central-1 --file userpool-dev.json and get no result with error code 0. But in the AWS Userpool, there are no users.

I used to be able to dump normally, but since June 14th, 15:01 (UTC), I've got the following error message and the process stops halfway through.

I have two Cognito pools, each in a different AWS account, but I get the same error on both of them.

Do you know what is causing this?

TooManyRequestsException: Too many requests
    at Request.extractError (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/protocol/json.js:52:27)
    at Request.callListeners (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/home/ec2-user/.asdf/installs/nodejs/17.9.0/.npm/lib/node_modules/cognito-backup/node_modules/aws-sdk/lib/sequential_executor.js:116:18)

Since I am trying to import about 500 users, I end up hitting this issue. Any chance that a backoff can be implemented, or any way to batch functions? What I end up with is about 80 users created and unless I delete all users, I cannot re-run this..

I am getting this error while backing up groups
**Command ;- cognito-backup backup-groups eu-west-1_12345 --region us-east-1 --file eu-west-1_12345.json

**error :-
file:///usr/local/lib/node_modules/cognito-backup/cli.js:218
debug('Restored user', response?.User?.Username);
^

SyntaxError: Unexpected token '.'
at Loader.moduleStrategy (internal/modules/esm/translators.js:133:18)
at async link (internal/modules/esm/module_job.js:42:21)

At least I can backup one particular cognito user pool and restore it.

If aws doesn't expose the password, then we can restore the user pool with a default password.

No need full functions that backup all and restore all. Will it be simpler?

cognito-backup restore-groups --user-poo-id --file-name

I tried this command but it will only transfer the only group name instead i want to transfer each user present in the group.

Please help mike finstead.

Hello,

Thanks for creating such a useful tool!

I have a usecase I'd like to implement however I want to start a discussion before I make a pull request.

I need to cross-reference old and new user identities (sub). I'd like the tool to output something like:

User created oldSub":"xxx" newSub: "yyy"

for each restored user.

Now, I understand other people may want different output formats, fields, etc. hence I'd like to introduce templating (most likely with handlebars).

The CLI would work like so:

cognito-backup restore-users pool_id "Abcd.1234" --file users.json --out-template "{{source.Attributes.sub}} {{response.Attributes.sub}}"