Auth0 seems like the most viable way to have full-fledged user management in AWS without too much hassle. Aside of being paid, it offers many advantages, such as social network logins or handy administration interface.
Authentication as a service. Instead of rolling our own user authentication flow for yet another time, it's better to leave the security concern to a service specialized in this field.
External user authentication and authorization (roles & groups)
User Management and Authentication