I'm finding the Amplify SDKs for iOS difficult to work with, likely because we don't seem to fit in with their target audience. Amplify offers mobile developers a BaaS solution, and as such the Amplify SDK is heavily-geared towards this use case. Our team however has dedicated DevOps engineers who use Terraform to provision AWS resources. While their documentation states that it is possible to use the Amplify SDK with pre-existing resources, I'm finding it clunky at best -- having to manually configure the amplifyconfiguration.json file with limited documentation is frustrating, and I've had a lot of difficulty getting the Auth SDK to work with our Cognito setup. That, along with the vendor lock-in, is making me reconsider our decision to integrate the Amplify SDK in our mobile clients.
Which leads me to my question: are there any obvious disadvantages to using open-source client-side libraries to integrate with AWS resources instead of the Amplify SDK? Considering that we don't have any need for the BaaS aspect of Amplify and are only really needing OAuth via Cognito and GraphQL via AppSync, could we get away with using libraries like AppAuth and Apollo to forego Amplify entirely?
There are different components of Amplify although it isn't obvious at first:
You can simply use the client libraries on your own, and call (in the Javascript example; Amplify.configure(). They can be used to do Cognito alone if you wish, (we have done this too, we don't use the cli deploy our front-end).
You don't need to use their REST client either, but you would need to capture the Authentication event and relevant token, and use it appropriately in your requests.
In summary, it sounds like you don't wan to use the whole Amplify platform, simply their client libraries which you can do as you would any other library. Copy their Cognito sign-in example for your framework, and configure Amplify manually instead (user-pool-id, appclient, domain) of using the cli to generate a project and credentials.