After my investigation, I found that you can use the user migration Lambda trigger to import users into user pools without asking users to reset passwords. This approach enables seamless migration of users from your existing user pool to a user pool in a different AWS account when they use your new Amazon Cognito-enabled app for the first time, either during their first sign-in or during the forgot-password process.
With the user migration Lambda, you can create a Lambda trigger in your new user pool, and this migration trigger will check if the incoming user exists in the user pool. If the user does not exist, it will invoke the Lambda function, which will receive the user information in the event parameter and check if the user exists in the old user pool. If the user exists, you can authenticate the user with API calls and get all the user information from the old user pool. The trigger will send the user information back to the new user pool, and Cognito will create the user from that in the new user pool. If you would like users to continue to use their existing passwords, set the attribute finalUserStatus = "CONFIRMED" in the Lambda response.
You can find more details from
For cross-account access, the Lambda should have permission to access the user pool in the other account. This can be done by giving the Lambda permission to assume a role in the old account, and that role will have permission to access the old user pool.
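The flow described above (check the old pool, authenticate the user there, return the attributes with finalUserStatus = "CONFIRMED", and reach the old account by assuming a role), as an added example that is not part of the original answer. The pool id, app client id, role ARN and attribute allowlist are placeholders; FakeOldPoolClient and SAMPLE_USERS are constructed test data so the module runs offline, while inside Lambda the real boto3 client built by cross_account_cognito_client() would be used instead.

```python
"""Cognito user-migration Lambda handler (added example, not the original poster's code).

Placeholders: OLD_USER_POOL_ID, OLD_APP_CLIENT_ID, OLD_ACCOUNT_ROLE_ARN, MIGRATED_ATTRIBUTES.
FakeOldPoolClient / SAMPLE_USERS are constructed data for running the handler offline.
"""
import os

try:
    import boto3  # AWS SDK; only needed when the function runs inside Lambda
except ImportError:  # keeps the module importable for the offline self-test
    boto3 = None

# Placeholder configuration; real values come from the Lambda's environment variables.
OLD_USER_POOL_ID = os.environ.get("OLD_USER_POOL_ID", "us-east-1_PLACEHOLDER")
OLD_APP_CLIENT_ID = os.environ.get("OLD_APP_CLIENT_ID", "placeholderappclientid")
OLD_ACCOUNT_ROLE_ARN = os.environ.get(
    "OLD_ACCOUNT_ROLE_ARN", "arn:aws:iam::111111111111:role/PLACEHOLDER-CognitoMigrationRole"
)
# Allowlist of attributes copied into the new pool; everything else from the old pool is dropped.
MIGRATED_ATTRIBUTES = ("email", "email_verified", "phone_number", "phone_number_verified", "name")


def cross_account_cognito_client():
    """Assume the role in the old account and build a cognito-idp client with its credentials."""
    creds = boto3.client("sts").assume_role(
        RoleArn=OLD_ACCOUNT_ROLE_ARN, RoleSessionName="cognito-user-migration"
    )["Credentials"]
    return boto3.client(
        "cognito-idp",
        aws_access_key_id=creds["AccessKeyId"],
        aws_secret_access_key=creds["SecretAccessKey"],
        aws_session_token=creds["SessionToken"],
    )


def fetch_old_user_attributes(client, username):
    """Read the user from the old pool and keep only allowlisted attributes."""
    user = client.admin_get_user(UserPoolId=OLD_USER_POOL_ID, Username=username)
    return {a["Name"]: a["Value"] for a in user["UserAttributes"] if a["Name"] in MIGRATED_ATTRIBUTES}


def handler(event, context, client=None):
    """Entry point for the UserMigration_Authentication / UserMigration_ForgotPassword triggers."""
    if client is None:
        client = cross_account_cognito_client()
    username = event["userName"]
    trigger = event["triggerSource"]

    if trigger == "UserMigration_Authentication":
        # Verify the password by authenticating against the old pool; the plaintext password in
        # event["request"]["password"] is passed straight to the API and never logged.
        try:
            client.admin_initiate_auth(
                UserPoolId=OLD_USER_POOL_ID,
                ClientId=OLD_APP_CLIENT_ID,
                AuthFlow="ADMIN_USER_PASSWORD_AUTH",
                AuthParameters={"USERNAME": username, "PASSWORD": event["request"]["password"]},
            )
        except Exception:
            # Unknown user or wrong password: raise a generic error so Cognito rejects the
            # sign-in without revealing which part failed.
            raise Exception("Authentication against the old user pool failed")
        event["response"]["userAttributes"] = fetch_old_user_attributes(client, username)
        event["response"]["finalUserStatus"] = "CONFIRMED"  # keeps the user's existing password
        event["response"]["messageAction"] = "SUPPRESS"  # no welcome / invitation message
    elif trigger == "UserMigration_ForgotPassword":
        # No password is available here: copy the user and let Cognito run its reset flow. The
        # copied email_verified / phone_number_verified values let Cognito deliver the reset code.
        event["response"]["userAttributes"] = fetch_old_user_attributes(client, username)
        event["response"]["finalUserStatus"] = "RESET_REQUIRED"
        event["response"]["messageAction"] = "SUPPRESS"
    else:
        raise Exception("Unexpected trigger source: " + trigger)
    return event


class FakeOldPoolClient:
    """Constructed stand-in for the old pool's cognito-idp client, for offline testing only."""

    def __init__(self, users):
        self.users = users  # {username: {"password": str, "attributes": [{"Name", "Value"}]}}

    def admin_initiate_auth(self, UserPoolId, ClientId, AuthFlow, AuthParameters):
        user = self.users.get(AuthParameters["USERNAME"])
        if user is None or user["password"] != AuthParameters["PASSWORD"]:
            raise Exception("NotAuthorizedException")
        return {"AuthenticationResult": {"AccessToken": "constructed-token"}}

    def admin_get_user(self, UserPoolId, Username):
        if Username not in self.users:
            raise Exception("UserNotFoundException")
        return {"Username": Username, "UserAttributes": self.users[Username]["attributes"]}


SAMPLE_USERS = {  # constructed sample data, not a real user pool
    "alice": {
        "password": "correct-horse-battery-staple",
        "attributes": [
            {"Name": "sub", "Value": "11111111-2222-3333-4444-555555555555"},
            {"Name": "email", "Value": "alice@example.com"},
            {"Name": "email_verified", "Value": "true"},
            {"Name": "custom:legacy_flag", "Value": "not-migrated"},
        ],
    }
}


def build_event(trigger_source, username, password=None):
    """Construct a minimal trigger event in the shape Cognito sends (sample, not a real capture)."""
    event = {"triggerSource": trigger_source, "userName": username, "request": {}, "response": {}}
    if password is not None:
        event["request"]["password"] = password
    return event
```

The sign-in branch proves the password against the old pool with admin_initiate_auth rather than copying any secret material, so the Lambda only ever holds the password Cognito already handed it, and the attribute allowlist keeps old-pool-only attributes (the sub, custom flags) from leaking into the new pool. The role in the old account needs only cognito-idp:AdminInitiateAuth and cognito-idp:AdminGetUser on the old pool, and the ADMIN_USER_PASSWORD_AUTH flow must be enabled on the old app client.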