1 個回答
- 最新
- 最多得票
- 最多評論
1
According to https://docs.aws.amazon.com/cognito/latest/developerguide/quotas.html
A user is counted as a MAU if, within a calendar month, there is an identity operation related to that user. The activities that make a user active include the following.
Sign-up or administrative creation of a user Sign-in User account confirmation or attribute verification Password reset Change user attributes, group membership, or MFA preferences Query detailed attributes of a user User activation, deactivation or deletion
So in your case even if unconfirmed, if that user executed any of the above, it will be counted
相關內容
AWS 官方已更新 2 年前- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
Hi, Thank you for your reply. So I think an unconfirmed user will be regarded as a MAU because he executed the signup operation.
According to the graph in https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html If a user signs up in my user pool's client app, there will become an unconfirmed state record in my cognito user pool even if they have not verified via phone or email. In my opinion, this mechanism will make SMS verification meaningless, as A hacker can easily infiltrate your user pool by adding an unconfirmed user, resulting in significant financial loss.
To address this concern, enable WAF for User Pools: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-waf.html for better protection.
Hi Ibrahim, Thank you for your reply. My website currently has users under 50000, which is in the range of AWS Free tier. So I want to move the user table from my RDS to Cognito to lighten the burden of the database. If I enable WAF for user pools, it seems I need to pay for WAF and this betrays my original intention. The price for WAF can used for a better RDS instance. But anyway, thank you very much for giving me advice. Maybe Cognito is not suitable for my website. I will try to find another way to improve the performance.