stackoom
  简体   繁体   中英

How to limit the access to Lambda base on user by Cognito Lambda authorizer

 原文  2021-08-20 13:08:36       aws-lambda/ amazon-cognito

Question

summery

I'm gonna implement AWS Lambda Authorizer by Cognito.
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
But I'm not sure how to limit the access to api/lambda based on user.

For example,
Cognito user pool has two users: user-1, user-2
And there are two AWS Lambda Function for API: lambda-1, lambda-2
In this senario, I want user-1 to access only to lambda-1 and user-2 to lambda-2

please give me the solution to achieve it.

regards,

1 answers

solution1
 1  2021-08-20 14:05:51

If you want fine-grained control, you're better of using a lambda authorizer . This would still allow you to do authentication using Cognito.

In your Lambda function, you can return an IAM policy based on the user that is authenticated and restrict the access to only the API paths that you want them to access. You can then simply put both lambdas behind different paths of your API.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS API Gateway + Cognito + Lambda - $context.authorizer.principalId empty mtLS in API Gateway and authorization using Lambda authorizer or Cognito How to pass Cognito User Pool information to Lambda through API Gateway AWS Lambda - Can't get Cognito user data in lambda function Enable Provisioned Concurrency for a Lambda Authorizer AWS cognito how to forgot password with lambda User Authentication (Signup & Login) on AWS with Lambda, Cognito or IAM Unrecognizable Lambda Output Cognito Custom Lambda Authorizer Event Payload type Passing custom data from AWS Lambda Authorizer
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM