Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

How do I authorize users based on their group in the cognito user pool in the API gateway authorizer? I am aware id_token and access_tokens have cognito: groups in the payload, but how to access it?

0

I have a Java service running in lambda. simple hello world application with a get API. I have also configured an API gateway with the cognito user pool as my authorizer. In my Cognito user pool, I have created a group (say admin) and added a few of my users to that group. Now I want users who have an admin group alone to access my API. At this point, any user who has signed up for the service and has valid tokens are allowed access. I would like to know if

  1. I can do this with cognito authorizer in the API gateway itself or some other means with minimal code.
  2. If not how to implement this java. Are there any documentation for the same?
Tópicos
Sem servidorWeb e dispositivos móveis front-endRede e entrega de conteúdoSegurança, identidade e conformidadeAWS Well-Architected Framework
Tags
Gateway do Amazon APIAmazon CognitoSegurançaGrupos de usuários do Amazon Cognito
Idioma
English
Sivakami
feita há 10 meses341 visualizações
1 Resposta
0

Using the Solution Overview depicted in this blog as a reference, can you describe which step you are having trouble with?

https://aws.amazon.com/blogs/security/building-fine-grained-authorization-using-amazon-cognito-api-gateway-and-iam/

profile picture
cyrk-aws
respondido há 10 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante