Cognito groups- allow admin group to remove a user from a Cognito group

"Developer credentials" simply refers to credentials for programmatic access as this is what allows calling actions in the CLI. In order to allow users in the admin group to call the admin-remove-user-from-group action, they need to be provided with these credentials.

There is information here on how to provide programmatic access: https://docs.aws.amazon.com/general/latest/gr/aws-sec-cred-types.html

For security purposes, you might choose to grant temporary security credentials. This will function the same as long-term security credentials but requires a session token, will expire after a specified interval, and may include principal tags: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html

Visit these links for more information about the admin-remove-user-from-group action: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminRemoveUserFromGroup.html https://awscli.amazonaws.com/v2/documentation/api/latest/reference/cognito-idp/admin-remove-user-from-group.html