diff --git a/packages/amplify-category-auth/amplify-plugin.json b/packages/amplify-category-auth/amplify-plugin.json index 4c1f7e5a6ec..3e7a1706ed9 100644 --- a/packages/amplify-category-auth/amplify-plugin.json +++ b/packages/amplify-category-auth/amplify-plugin.json @@ -1,6 +1,18 @@ { "name": "auth", "type": "category", - "commands": ["add", "console", "enable", "import", "push", "remove", "update", "help", "override"], - "eventHandlers": [] -} + "commands": [ + "add", + "console", + "enable", + "import", + "push", + "remove", + "update", + "help", + "override" + ], + "eventHandlers": [ + "PrePush" + ] +} \ No newline at end of file diff --git a/packages/amplify-category-auth/src/__tests__/commands/import.headless.test.ts b/packages/amplify-category-auth/src/__tests__/commands/import.headless.test.ts index c8de199a2b2..d57f86e10cb 100644 --- a/packages/amplify-category-auth/src/__tests__/commands/import.headless.test.ts +++ b/packages/amplify-category-auth/src/__tests__/commands/import.headless.test.ts @@ -1,8 +1,8 @@ -import { executeAmplifyHeadlessCommand } from '../../../src'; import { ImportAuthRequest } from 'amplify-headless-interface'; -import { messages } from '../../provider-utils/awscloudformation/assets/string-maps'; import { printer } from 'amplify-prompts'; import { stateManager } from 'amplify-cli-core'; +import { messages } from '../../provider-utils/awscloudformation/assets/string-maps'; +import { executeAmplifyHeadlessCommand } from '../..'; jest.mock('amplify-prompts', () => ({ printer: { @@ -137,9 +137,9 @@ describe('import auth headless', () => { input: { command: 'import', }, - usageData : { - pushHeadlessFlow : jest.fn() - } + usageData: { + pushHeadlessFlow: jest.fn(), + }, }; }); 
@@ -189,7 +189,7 @@ describe('import auth headless', () => { await executeAmplifyHeadlessCommand(mockContext, headlessPayloadString); expect(printer.warn).toBeCalledWith( - "Auth has already been imported to this project and cannot be modified from the CLI. To modify, run \"amplify remove auth\" to un-link the imported auth resource. Then run \"amplify import auth\".", + 'Auth has already been imported to this project and cannot be modified from the CLI. To modify, run "amplify remove auth" to un-link the imported auth resource. Then run "amplify import auth".', ); }); @@ -209,11 +209,11 @@ describe('import auth headless', () => { fail('should throw error'); } catch (e) { - expect(e.message).toBe(`The previously configured Cognito User Pool: '' (user-pool-123) cannot be found.`); + expect(e.message).toBe('The previously configured Cognito User Pool: \'\' (user-pool-123) cannot be found.'); } }); - it('should throw web clients not found exception ', async () => { + it('should throw web clients not found exception', async () => { stateManager_mock.getMeta = jest.fn().mockReturnValue({ providers: { awscloudformation: {}, @@ -239,7 +239,7 @@ describe('import auth headless', () => { awscloudformation: {}, }, }); - const INVALID_USER_POOL_ID = USER_POOL_ID + '-invalid'; + const INVALID_USER_POOL_ID = `${USER_POOL_ID}-invalid`; const invalidHeadlessPayload = { ...headlessPayload, userPoolId: INVALID_USER_POOL_ID, diff --git a/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/auth-stack-builder/__snapshots__/auth-stack-transform.test.ts.snap b/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/auth-stack-builder/__snapshots__/auth-stack-transform.test.ts.snap index 1d850f531c2..266005379a8 100644 --- a/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/auth-stack-builder/__snapshots__/auth-stack-transform.test.ts.snap 
+++ b/packages/amplify-category-auth/src/__tests__/provider-utils/awscloudformation/auth-stack-builder/__snapshots__/auth-stack-transform.test.ts.snap @@ -1344,7 +1344,7 @@ const updateIdentityProvider = async (providerName, userPoolId, hostedUIProvider "HostedUIProvidersCustomResourceInputs": Object { "DeletionPolicy": "Delete", "DependsOn": Array [ - "HostedUIProvidersCustomResourceLogPolicy", + "hostedUIProvidersCustomResourceSecretPolicy", ], "Properties": Object { "ServiceToken": Object { diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/auth-secret-manager.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/auth-secret-manager.ts index d31c1ee05ee..9cf40a25e75 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/auth-secret-manager.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/auth-secret-manager.ts @@ -1,6 +1,6 @@ -import { $TSContext, spinner, stateManager } from 'amplify-cli-core'; +import { $TSContext, stateManager } from 'amplify-cli-core'; import aws from 'aws-sdk'; -import { getFullyQualifiedSecretName, oauthObjSecretKey } from './secret-name'; +import { getFullyQualifiedSecretName, oAuthObjSecretKey } from './secret-name'; /** * Manages the state of OAuth secrets in AWS ParameterStore @@ -24,7 +24,7 @@ export class OAuthSecretsStateManager { */ setOAuthSecrets = async (hostedUISecretObj: string, resourceName: string): Promise => { const { envName } = stateManager.getLocalEnvInfo(); - const secretName = getFullyQualifiedSecretName(oauthObjSecretKey, resourceName, envName); + const secretName = getFullyQualifiedSecretName(oAuthObjSecretKey, resourceName, envName); const secretValue = hostedUISecretObj; await this.ssmClient .putParameter({ 
@@ -40,7 +40,7 @@ export class OAuthSecretsStateManager { */ getOAuthSecrets = async (resourceName: string): Promise => { const { envName } = stateManager.getLocalEnvInfo(); - const secretName = getFullyQualifiedSecretName(oauthObjSecretKey, resourceName, envName); + const secretName = getFullyQualifiedSecretName(oAuthObjSecretKey, resourceName, envName); let secretValue; try { const parameter = await this.ssmClient diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/secret-name.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/secret-name.ts index edcdc25ef6e..8a98b579992 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/secret-name.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/secret-name.ts @@ -3,7 +3,7 @@ import * as path from 'path'; import { getAppId } from '../utils/get-app-id'; export const oAuthSecretsPathAmplifyAppIdKey = 'oAuthSecretsPathAmplifyAppId'; -export const oauthObjSecretKey = 'hostedUIProviderCreds'; +export const oAuthObjSecretKey = 'hostedUIProviderCreds'; /** * Returns the full name of the SSM parameter for secretName in resourceName in envName. diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/sync-oauth-secrets.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/sync-oauth-secrets.ts index 223ed9b50fb..448ccc0e4be 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/sync-oauth-secrets.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/sync-oauth-secrets.ts 
@@ -22,7 +22,7 @@ export const syncOAuthSecretsToCloud = async (context: $TSContext, authResourceN const authCliInputs = cliState.getCLIInputPayload(); const oAuthSecretsStateManager = await OAuthSecretsStateManager.getInstance(context); const authProviders = authCliInputs.cognitoConfig.authProvidersUserPool; - const { hostedUI } = authCliInputs.cognitoConfig; + const { hostedUI, userPoolName } = authCliInputs.cognitoConfig; if (!_.isEmpty(authProviders) && hostedUI) { if (!_.isEmpty(secrets)) { oAuthSecrets = secrets?.hostedUIProviderCreds; @@ -34,7 +34,7 @@ export const syncOAuthSecretsToCloud = async (context: $TSContext, authResourceN // eslint-disable-next-line max-depth if (_.isEmpty(oAuthSecrets)) { // data is present in deployent secrets , which can be fetched from cognito - oAuthSecrets = await getOAuthObjectFromCognito(context, authResourceName); + oAuthSecrets = await getOAuthObjectFromCognito(context, userPoolName!); await oAuthSecretsStateManager.setOAuthSecrets(oAuthSecrets, authResourceName); } } diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/tpi-utils.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/tpi-utils.ts index 905e7ed0d95..9a6a20f7c20 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/tpi-utils.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-secret-manager/tpi-utils.ts @@ -18,7 +18,7 @@ export const setAppIdForFunctionInTeamProvider = (authResourceName: string): voi }; /** - * remove app id in tea provider info + * remove app id in team provider info */ export const removeAppIdForFunctionInTeamProvider = (authResourceName: string): void => { const tpi = stateManager.getTeamProviderInfo(undefined, { throwIfNotExist: false, default: {} }); 
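Review bot: The non-null assertion in `getOAuthObjectFromCognito(context, userPoolName!)` (second hunk of sync-oauth-secrets.ts) only silences the compiler. If `cognitoConfig.userPoolName` is missing from the CLI inputs, `undefined` reaches the Cognito lookup, and whatever comes back is then written to Parameter Store by `setOAuthSecrets`. The destructuring added in the first hunk is the natural place to check the value. A guard before the call, e.g. `if (!userPoolName) { throw new Error('userPoolName is missing from the auth cli-inputs'); }`, would fail early instead of storing an empty or wrong secret object. syncOAuthSecretsToCloud starts and ends outside both hunks, so an earlier check may exist that is not visible here.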
diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-cognito-stack-builder.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-cognito-stack-builder.ts index b0d677ebbb3..a259a17c633 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-cognito-stack-builder.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-cognito-stack-builder.ts @@ -1,11 +1,15 @@ +/* eslint-disable import/no-extraneous-dependencies */ import * as cdk from '@aws-cdk/core'; import * as s3 from '@aws-cdk/aws-s3'; import * as iam from '@aws-cdk/aws-iam'; import * as cognito from '@aws-cdk/aws-cognito'; import * as lambda from '@aws-cdk/aws-lambda'; import { AmplifyAuthCognitoStackTemplate } from '@aws-amplify/cli-extensibility-helper'; -import { CognitoStackOptions } from '../service-walkthrough-types/cognito-user-input-types'; import _ from 'lodash'; +import * as fs from 'fs-extra'; +import { $TSAny, AmplifyStackTemplate } from 'amplify-cli-core'; +import * as path from 'path'; +import { AttributeType } from '../service-walkthrough-types/awsCognito-user-input-types'; import { hostedUILambdaFilePath, hostedUIProviderLambdaFilePath, 
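Review bot: The file-wide `/* eslint-disable import/no-extraneous-dependencies */` added at the top of auth-cognito-stack-builder.ts (and again at the top of auth-stack-transform.ts) turns off the check that every imported package is declared in this package's own manifest. If the rule fires for one import such as `fs-extra` or `lodash`, declaring that package in package.json keeps undeclared dependencies visible to later reviews. Alternatively, scope the exception with `// eslint-disable-next-line import/no-extraneous-dependencies` on that single import. Which import triggers the rule is not visible in the hunk.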
@@ -14,11 +18,9 @@ import { openIdLambdaFilePath, userPoolClientLambdaFilePath, } from '../constants'; -import * as fs from 'fs-extra'; -import { AmplifyStackTemplate } from 'amplify-cli-core'; -import { AttributeType } from '../service-walkthrough-types/awsCognito-user-input-types'; -import * as path from 'path'; -import { oauthObjSecretKey, oAuthSecretsPathAmplifyAppIdKey } from '../auth-secret-manager/secret-name'; +import { CognitoStackOptions } from '../service-walkthrough-types/cognito-user-input-types'; +import { oAuthObjSecretKey, oAuthSecretsPathAmplifyAppIdKey } from '../auth-secret-manager/secret-name'; + const CFN_TEMPLATE_FORMAT_VERSION = '2010-09-09'; const ROOT_CFN_DESCRIPTION = 'Amplify Cognito Stack for AWS Amplify CLI'; @@ -38,13 +40,20 @@ const authProvidersList: Record = { 'graph.facebook.com': 'facebookAppId', 'accounts.google.com': 'googleClientId', 'www.amazon.com': 'amazonAppId', + // eslint-disable-next-line spellcheck/spell-checker 'appleid.apple.com': 'appleAppId', }; +/** + * Props for Auth Stack Transform class + */ export type AmplifyAuthCognitoStackProps = { synthesizer: cdk.IStackSynthesizer; }; +/** + * AmplifyAuthCognitoStack class + */ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCognitoStackTemplate, AmplifyStackTemplate { private _scope: cdk.Construct; private _cfnParameterMap: Map = new Map(); 
@@ -83,14 +92,14 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog oAuthCustomResourcePolicy?: iam.CfnPolicy; oAuthCustomResourceLogPolicy?: iam.CfnPolicy; oAuthCustomResourceInputs?: cdk.CustomResource; - //custom resource MFA + // custom resource MFA mfaLambda?: lambda.CfnFunction; mfaLogPolicy?: iam.CfnPolicy; mfaLambdaPolicy?: iam.CfnPolicy; mfaLambdaInputs?: cdk.CustomResource; mfaLambdaRole?: iam.CfnRole; - //custom resource identity pool - OPenId Lambda Role + // custom resource identity pool - OPenId Lambda Role openIdLambda?: lambda.CfnFunction; openIdLogPolicy?: iam.CfnPolicy; openIdLambdaIAMPolicy?: iam.CfnPolicy; @@ -105,6 +114,10 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.lambdaConfigPermissions = {}; this.lambdaTriggerPermissions = {}; } + + /** + * adds a cfn resource to auth stack + */ addCfnResource(props: cdk.CfnResourceProps, logicalId: string): void { if (!this._cfnResourceMap.has(logicalId)) { this._cfnResourceMap.set(logicalId, new cdk.CfnResource(this, logicalId, props)); 
@@ -112,25 +125,29 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog throw new Error(`Cfn Resource with LogicalId ${logicalId} already exists`); } } + + /** + * get cfn output + */ getCfnOutput(logicalId: string): cdk.CfnOutput { if (this._cfnOutputMap.has(logicalId)) { return this._cfnOutputMap.get(logicalId)!; - } else { - throw new Error(`Cfn Output with LogicalId ${logicalId} doesnt exist`); } + throw new Error(`Cfn Output with LogicalId ${logicalId} doesn't exist`); } + + /** + * get cfn mapping + */ getCfnMapping(logicalId: string): cdk.CfnMapping { if (this._cfnMappingMap.has(logicalId)) { return this._cfnMappingMap.get(logicalId)!; - } else { - throw new Error(`Cfn Mapping with LogicalId ${logicalId} doesnt exist`); } + throw new Error(`Cfn Mapping with LogicalId ${logicalId} doesn't exist`); } /** - * - * @param props :cdk.CfnOutputProps - * @param logicalId: : lodicalId of the Resource + * add cfn output to stack */ addCfnOutput(props: cdk.CfnOutputProps, logicalId: string): void { if (!this._cfnOutputMap.has(logicalId)) { @@ -141,9 +158,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } /** - * - * @param props - * @param logicalId + * adds cfn mapping to auth stack */ addCfnMapping(props: cdk.CfnMappingProps, logicalId: string): void { if (!this._cfnMappingMap.has(logicalId)) { @@ -154,9 +169,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } /** - * - * @param props - * @param logicalId + * adds cfn condition to auth stack */ addCfnCondition(props: cdk.CfnConditionProps, logicalId: string): void { if (!this._cfnConditionMap.has(logicalId)) { @@ -167,9 +180,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } /** - * - * @param props - * @param logicalId + * adds cfn parameter to auth stack */ addCfnParameter(props: cdk.CfnParameterProps, logicalId: string): void { if (!this._cfnParameterMap.has(logicalId)) { 
@@ -179,33 +190,36 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } } + /** + * return cfn parameter in stack + */ getCfnParameter(logicalId: string): cdk.CfnParameter { if (this._cfnParameterMap.has(logicalId)) { return this._cfnParameterMap.get(logicalId)!; - } else { - throw new Error(`Cfn Parameter with LogicalId ${logicalId} doesnt exist`); } + throw new Error(`Cfn Parameter with LogicalId ${logicalId} doesn't exist`); } + /** + * return cfn condition in stack + */ getCfnCondition(logicalId: string): cdk.CfnCondition { if (this._cfnConditionMap.has(logicalId)) { return this._cfnConditionMap.get(logicalId)!; - } else { - throw new Error(`Cfn Condition with LogicalId ${logicalId} doesnt exist`); } + throw new Error(`Cfn Condition with LogicalId ${logicalId} doesn't exist`); } - generateCognitoStackResources = async (props: CognitoStackOptions) => { + generateCognitoStackResources = async (props: CognitoStackOptions): Promise => { const autoVerifiedAttributes = props.autoVerifiedAttributes ? props.autoVerifiedAttributes - .concat(props.aliasAttributes ? props.aliasAttributes : []) - .filter((attr, i, aliasAttributeArray) => ['email', 'phone_number'].includes(attr) && aliasAttributeArray.indexOf(attr) === i) + .concat(props.aliasAttributes ? 
props.aliasAttributes : []) + .filter((attr, i, aliasAttributeArray) => ['email', 'phone_number'].includes(attr) && aliasAttributeArray.indexOf(attr) === i) : []; - const configureSMS = - (props.autoVerifiedAttributes && props.autoVerifiedAttributes.includes('phone_number')) || - (props.mfaConfiguration != 'OFF' && props.mfaTypes && props.mfaTypes.includes('SMS Text Message')) || - (props.requiredAttributes && props.requiredAttributes.includes('phone_number')) || - (props.usernameAttributes && props.usernameAttributes.includes(AttributeType.PHONE_NUMBER)); + const configureSMS = (props.autoVerifiedAttributes && props.autoVerifiedAttributes.includes('phone_number')) + || (props.mfaConfiguration != 'OFF' && props.mfaTypes && props.mfaTypes.includes('SMS Text Message')) + || (props.requiredAttributes && props.requiredAttributes.includes('phone_number')) + || (props.usernameAttributes && props.usernameAttributes.includes(AttributeType.PHONE_NUMBER)); if (props.verificationBucketName) { this.customMessageConfirmationBucket = new s3.CfnBucket(this, 'CustomMessageConfirmationBucket', { @@ -303,7 +317,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } if (props.requiredAttributes && props.requiredAttributes.length > 0) { - let schemaAttributes: cognito.CfnUserPool.SchemaAttributeProperty[] = []; + const schemaAttributes: cognito.CfnUserPool.SchemaAttributeProperty[] = []; props.requiredAttributes.forEach(attr => { schemaAttributes.push({ name: attr, @@ -381,7 +395,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.userPool.emailVerificationSubject = cdk.Fn.ref('emailVerificationSubject'); } - //TODO: change this + // TODO: change this if (props.usernameAttributes && (props.usernameAttributes[0] as string) !== 'username') { this.userPool.usernameAttributes = cdk.Fn.ref('usernameAttributes') as unknown as string[]; } 
@@ -413,6 +427,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.userPool.addDependsOn(this.snsRole!); } + // eslint-disable-next-line spellcheck/spell-checker // updating Lambda Config when FF is (breakcirculardependency : false) if (!props.breakCircularDependency && props.triggers && props.dependsOn) { @@ -429,7 +444,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } }); }); - //Updating lambda role with permissions to Cognito + // Updating lambda role with permissions to Cognito if (!_.isEmpty(props.permissions)) { this.generateIAMPolicies(props); } @@ -466,7 +481,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.createHostedUICustomResource(); } if (props.hostedUIProviderMeta) { - this.createHostedUIProviderCustomResource(props.resourceName); + this.createHostedUIProviderCustomResource(); } if (props.oAuthMetadata) { this.createOAuthCustomResource(); @@ -509,19 +524,19 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog } if ( - props.authProviders && - !_.isEmpty(props.authProviders) && - !(Object.keys(props.authProviders).length === 1 && props.authProviders[0] === 'accounts.google.com' && props.audiences) + props.authProviders + && !_.isEmpty(props.authProviders) + && !(Object.keys(props.authProviders).length === 1 && props.authProviders[0] === 'accounts.google.com' && props.audiences) ) { this.identityPool.supportedLoginProviders = cdk.Lazy.anyValue({ produce: () => { - let supprtedProvider: any = {}; + const supportedProvider: $TSAny = {}; props.authProviders?.forEach(provider => { if (Object.keys(authProvidersList).includes(provider)) { - supprtedProvider[provider] = cdk.Fn.ref(authProvidersList[provider]); + supportedProvider[provider] = cdk.Fn.ref(authProvidersList[provider]); } }); - return supprtedProvider; + return supportedProvider; }, }); } 
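Review bot: In the `supportedLoginProviders` producer (last hunk here), `supportedProvider` is still unchecked after the rename, since `$TSAny` is the project's alias for `any`. The object only ever receives `cdk.Fn.ref(...)` values keyed by provider name, so `const supportedProvider: Record<string, string> = {};` would let the compiler check the assignments. In the same condition, `Object.keys(props.authProviders).length === 1` reads more directly as `props.authProviders.length === 1`, because the value is indexed and iterated as an array.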
@@ -550,15 +565,15 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog // add Function for Custom Resource in Root stack /** - * - * @param _ - * @returns + * render cfn template for given synthesizer */ - public renderCloudFormationTemplate = (_: cdk.ISynthesisSession): string => { - return JSON.stringify(this._toCloudFormation(), undefined, 2); - }; + // eslint-disable-next-line @typescript-eslint/no-shadow + public renderCloudFormationTemplate = (_: cdk.ISynthesisSession): string => JSON.stringify(this._toCloudFormation(), undefined, 2); - createUserPoolClientCustomResource(props: CognitoStackOptions) { + /** + * creates userPool client custom resource + */ + createUserPoolClientCustomResource(props: CognitoStackOptions): void { // iam role this.userPoolClientRole = new iam.CfnRole(this, 'UserPoolClientRole', { roleName: cdk.Fn.conditionIf( @@ -606,6 +621,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog # Marked as depending on UserPoolClientRole for easier to understand CFN sequencing */ this.userPoolClientLambdaPolicy = new iam.CfnPolicy(this, 'UserPoolClientLambdaPolicy', { + // eslint-disable-next-line spellcheck/spell-checker policyName: `${props.resourceNameTruncated}_userpoolclient_lambda_iam_policy`, policyDocument: { Version: '2012-10-17', @@ -624,6 +640,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog // userPool Client Log policy this.userPoolClientLogPolicy = new iam.CfnPolicy(this, 'UserPoolClientLogPolicy', { + // eslint-disable-next-line spellcheck/spell-checker policyName: `${props.resourceNameTruncated}_userpoolclient_lambda_log_policy`, policyDocument: { Version: '2012-10-17', 
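Review bot: In `renderCloudFormationTemplate` the new `no-shadow` suppression is needed only because the unused parameter is named `_`, which shadows the lodash import. Renaming the parameter removes the need for the disable comment: `public renderCloudFormationTemplate = (_session: cdk.ISynthesisSession): string => JSON.stringify(this._toCloudFormation(), undefined, 2);`.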
@@ -655,7 +672,10 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.userPoolClientInputs.node.addDependency(this.userPoolClientLogPolicy); } - createHostedUICustomResource() { + /** + * creates hostedUI custom resource + */ + createHostedUICustomResource(): void { // lambda function this.hostedUICustomResource = new lambda.CfnFunction(this, 'HostedUICustomResource', { code: { @@ -733,7 +753,10 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.hostedUICustomResourceInputs.node.addDependency(this.hostedUICustomResourceLogPolicy); } - createHostedUIProviderCustomResource(authResourceName: string) { + /** + * creates hostedUIProviders custom resource + */ + createHostedUIProviderCustomResource(): void { // lambda function this.hostedUIProvidersCustomResource = new lambda.CfnFunction(this, 'HostedUIProvidersCustomResource', { code: { @@ -743,18 +766,18 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog role: cdk.Fn.getAtt('UserPoolClientRole', 'Arn').toString(), runtime: 'nodejs14.x', timeout: 300, - environment:{ - variables:{ - hostedUIProviderCreds:cdk.Fn.join('', [ - cdk.Fn.sub(path.posix.join('/amplify', '${appId}', '${env}', 'AMPLIFY_${resourceName}_'),{ + environment: { + variables: { + hostedUIProviderCreds: cdk.Fn.join('', [ + cdk.Fn.sub(path.posix.join('/amplify', '${appId}', '${env}', 'AMPLIFY_${resourceName}_'), { appId: cdk.Fn.ref(`${oAuthSecretsPathAmplifyAppIdKey}`), env: cdk.Fn.ref('env'), resourceName: cdk.Fn.ref('resourceName'), }), - `${oauthObjSecretKey}`, + `${oAuthObjSecretKey}`, ]), - } - } + }, + }, }); this.hostedUIProvidersCustomResource.addDependsOn(this.userPoolClientRole!); 
@@ -813,9 +836,9 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.hostedUIProvidersCustomResourceLogPolicy.addDependsOn(this.hostedUIProvidersCustomResourcePolicy); - // iam policy for hostedUIProvider Lambda Functio to get/put OAuth secrets + // iam policy for hostedUIProvider Lambda Function to get OAuth secrets - this.hostedUIProviderCustomResourceSecretsPolicy= new iam.CfnPolicy(this, 'hostedUIProvidersCustomResourceSecretPolicy', { + this.hostedUIProviderCustomResourceSecretsPolicy = new iam.CfnPolicy(this, 'hostedUIProvidersCustomResourceSecretPolicy', { policyName: cdk.Fn.join('-', [cdk.Fn.ref('UserPool'), 'hostedUIProvidersCustomResourceSecretPolicy']), policyDocument: { Version: '2012-10-17', @@ -829,12 +852,12 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog ':', cdk.Fn.ref('AWS::AccountId'), ':parameter', - cdk.Fn.sub(path.posix.join('/amplify', '${appId}', '${env}', 'AMPLIFY_${resourceName}_'),{ + cdk.Fn.sub(path.posix.join('/amplify', '${appId}', '${env}', 'AMPLIFY_${resourceName}_'), { appId: cdk.Fn.ref(`${oAuthSecretsPathAmplifyAppIdKey}`), env: cdk.Fn.ref('env'), // this is dependent on the Amplify env name being a parameter to the CFN template which should always be the case resourceName: cdk.Fn.ref('resourceName'), }), - `${oauthObjSecretKey}`, + `${oAuthObjSecretKey}`, ]), }, ], @@ -853,10 +876,13 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog userPoolId: cdk.Fn.ref('UserPool'), }, }); - this.hostedUIProvidersCustomResourceInputs.node.addDependency(this.hostedUIProvidersCustomResourceLogPolicy); + this.hostedUIProvidersCustomResourceInputs.node.addDependency(this.hostedUIProviderCustomResourceSecretsPolicy); } - createOAuthCustomResource() { + /** + * creates OAuth custom resource + */ + createOAuthCustomResource(): void { // lambda function this.oAuthCustomResource = new lambda.CfnFunction(this, 'OAuthCustomResource', { code: { 
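Review bot: The last hunk replaces the dependency of `hostedUIProvidersCustomResourceInputs` on the log policy with one on the secrets policy instead of adding to it. The updated snapshot confirms this: `DependsOn` now lists only `hostedUIProvidersCustomResourceSecretPolicy`. Unless the secrets policy itself depends on the log policy (not visible in these hunks), the custom resource may be invoked before the Lambda role can write logs, so a failure while reading the OAuth parameter would leave no log trail. Keeping both is cheap: retain `this.hostedUIProvidersCustomResourceInputs.node.addDependency(this.hostedUIProvidersCustomResourceLogPolicy);` and add the new `addDependency(this.hostedUIProviderCustomResourceSecretsPolicy)` line after it. createHostedUIProviderCustomResource begins outside the hunk.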
@@ -930,7 +956,10 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.oAuthCustomResourceInputs.node.addDependency(this.oAuthCustomResourceLogPolicy); } - createMFACustomResource(props: CognitoStackOptions) { + /** + * creates MFA custom resource + */ + createMFACustomResource(props: CognitoStackOptions): void { // iam role this.mfaLambdaRole = new iam.CfnRole(this, 'MFALambdaRole', { roleName: cdk.Fn.conditionIf( @@ -1078,7 +1107,10 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog this.mfaLambdaInputs.node.addDependency(this.mfaLogPolicy); } - createOpenIdLambdaCustomResource(props: CognitoStackOptions) { + /** + * creates OpenIDLambda custom resource + */ + createOpenIdLambdaCustomResource(props: CognitoStackOptions): void { // iam role /** # Created to execute Lambda which sets MFA config values @@ -1122,7 +1154,7 @@ export class AmplifyAuthCognitoStack extends cdk.Stack implements AmplifyAuthCog }, ], }); - //TODO + // TODO this.openIdLambdaRole!.node.addDependency(this.userPoolClientInputs!.node!.defaultChild!); // lambda function /** diff --git a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-stack-transform.ts b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-stack-transform.ts index 2d5f532a0e5..2891ce15532 100644 --- a/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-stack-transform.ts +++ b/packages/amplify-category-auth/src/provider-utils/awscloudformation/auth-stack-builder/auth-stack-transform.ts @@ -1,5 +1,5 @@ +/* eslint-disable import/no-extraneous-dependencies */ /* eslint-disable max-lines-per-function */ -/* eslint-disable spellcheck/spell-checker */ import { AmplifyCategories, AmplifySupportedService, 
@@ -50,6 +50,7 @@ export class AmplifyAuthTransform extends AmplifyCategoryTransform { this._app = new cdk.App(); this._category = AmplifyCategories.AUTH; this._service = AmplifySupportedService.COGNITO; + // eslint-disable-next-line spellcheck/spell-checker this._authTemplateObj = new AmplifyAuthCognitoStack(this._app, 'AmplifyAuthCongitoStack', { synthesizer: this._synthesizer }); } @@ -86,8 +87,8 @@ export class AmplifyAuthTransform extends AmplifyCategoryTransform { // save stack and parameters.json if (template) { await this.saveBuildFiles(context, template); - return template; } + return template; } /** @@ -162,7 +163,9 @@ export class AmplifyAuthTransform extends AmplifyCategoryTransform { let cognitoStackProps : CognitoStackOptions = { ...this._cliInputs.cognitoConfig, ...roles, + // eslint-disable-next-line spellcheck/spell-checker breakCircularDependency: FeatureFlags.getBoolean('auth.breakcirculardependency'), + // eslint-disable-next-line spellcheck/spell-checker useEnabledMfas: FeatureFlags.getBoolean('auth.useenabledmfas'), dependsOn: [], }; @@ -171,9 +174,9 @@ export class AmplifyAuthTransform extends AmplifyCategoryTransform { } // get env secrets - const teamProviderobj = context.amplify.loadEnvResourceParameters(context, this._category, this.resourceName); - if (!_.isEmpty(teamProviderobj)) { - cognitoStackProps = Object.assign(cognitoStackProps, teamProviderobj); + const tpiInfo = context.amplify.loadEnvResourceParameters(context, this._category, this.resourceName); + if (!_.isEmpty(tpiInfo)) { + cognitoStackProps = Object.assign(cognitoStackProps, tpiInfo); } // determine permissions needed for each trigger module if (!_.isEmpty(this._cliInputs.cognitoConfig.triggers)) { @@ -208,17 +211,18 @@ export class AmplifyAuthTransform extends AmplifyCategoryTransform { }; /** - * returns CFN templates sunthesized by app + * returns CFN templates synthesized by app */ private synthesizeTemplates = async (): Promise