Create a Private Workforce (Amazon Cognito Console) - Amazon SageMaker
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Create a Private Workforce (Amazon Cognito Console)

Amazon Cognito is used to define and manage your private workforce and your work teams. It is a service that you can use to create identities for your workers and authenticate these identities with identity providers.  A private workforce corresponds to a single Amazon Cognito user pool. Private work teams correspond to Amazon Cognito user groups within that user pool. 

Example identity providers supported by Amazon Cognito:

  • Social sign-in providers such as Facebook and Google

  • OpenID Connect (OIDC) providers

  • Security Assertion Markup Language (SAML) providers such as Active Directory

  • The Amazon Cognito built-in identity provider

For more information, see What Is Amazon Cognito?.

To create a private workforce using Amazon Cognito, you must have an existing Amazon Cognito user pool containing at least one user group. See Tutorial: Creating a User Pool to learn how to create a user pool. See Adding Groups to a User Pool to learn how to add a user group to a pool.

Once your user pool has been created, follow the steps below to create a private workforce by importing that user pool into Amazon SageMaker.

To create a private workforce by importing a Amazon Cognito user pool

  1. Open the SageMaker console at https://console.amazonaws.cn/sagemaker/.

  2. In the navigation pane, choose Labeling workforces.

  3. Choose Private.

  4. Choose Create private team. This creates a private workforce and a work team.

  5. Choose Import workers from existing Amazon Cognito user groups.

  6. Choose a user pool that you have created. User pools require a domain and an existing user group. If you get an error that the domain is missing, set it in the Domain name options on the App integration page of the Amazon Cognito console for your group.

  7. Choose an app client. We recommend using a client generated by SageMaker.

  8. Choose a user group from your pool to import its members.

  9. Optionally choose an Amazon Simple Notification Service (Amazon SNS) topic to which to subscribe the team so that workers are notified by email when new labeling jobs become available. Amazon SNS notifications are supported by Ground Truth and are not supported by Augmented AI. If you subscribe workers to receive SNS notifications, they only receive notifications about Ground Truth labeling jobs. They do not receive notifications about Augmented AI tasks.

  10. Choose Create private team.

Important

After you create a workforce using an Amazon Cognito user pool, it should not be deleted without first deleting all work teams associated with that pool in the SageMaker console. 

After you import your private workforce, refresh the page to see the Private workforce summary page. On this page, you can see information about the Amazon Cognito user pool for your workforce, a list of work teams for your workforce, and a list of all of the members of your private workforce. This workforce is now available to use in both Amazon Augmented AI and Amazon SageMaker Ground Truth for human review tasks and data labeling jobs respectively.