Delete the auth application client by override

[antennix]

Amplify CLI Version

12.3.0

Question

Using "amplify add auth", application clients [xxx__app_client] and [xxx_app_clientWeb] are created.
However, I don't need the xxx__app_client in my project.
To ensure we do not violate internal security rules, I'm thinking of deleting this application client.

I understand that it can be deleted from the management console
but can't it be removed using "amplify override auth"?

The code below did not allow me to delete the unnecessary application client.

export function override(resources: AmplifyAuthCognitoStackTemplate) {

  //fail
  delete resources.userPoolClient

  //fail
  resources.userPoolClient=null;
}

[josefaidt]

Hey @antennix 👋 thanks for raising this! Out of curiosity what are you looking to accomplish or are concerned about from a security standpoint? Please note that once a client is deleted from your Cognito resource you will be unable to recreate the client through Amplify or its overrides

[antennix]

@josefaidt
It might sound excessive when talking about security, but in my company, there are cases where having unnecessary operational resources goes against our rules.
Therefore, I would like to delete anything that's not in use.

I understand the risk that [xxx_app_client] cannot be recreated once deleted.
[xxx_app_clientWeb] needs to be retained.

[josefaidt]

Hey @antennix that is understandable! Unfortunately the user pool clients cannot be removed via an override, and instead it would be suggested to create and maintain the User Pool outside of Amplify and use amplify import auth to use it within your Amplify app

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.