I'm putting together a collection of short tutorials in the User Management/Authentication domain, when using AWS serverless. This covers both REST API and graphql endpoints, using AWS's in house Cognito User Pools or other 3rd party services such as Auth0. All of them are currently using serverless framework for deployment, and written in nodeJS, but there will be more suported infrastructure as code frameworks being supported soon (eg. terraform). This collection will be updated continuously to follow the newest best practice. Hopefully it will be helpful to you, and let me know if you have any questions!