I'm a little confused as to what the point of cognito is. Wouldn't users typically be managed by the application and data regarding the users typically be stored in the db? Why do we need another service for this?
In a microservice architecture, there's usually a users/authorization service. It makes it easier to have multiple services serve a single user pool. If you only have one public service then there's probably no point in having a separate service for users/authorization.
