all InfoSec news
Using Verified Permissions with Cognito to control access to API endpoints
DEV Community dev.to
If we use Cognito User pools as an identity provider, AWS now enables us to configure fine-grained access control to our API Gateway endpoints using Amazon Verified Permissions.
1. A recent release
AWS has recently published a new feature for Cognito. The release introduces the use of Amazon Verified Permissions (AVP) to securely manage access to REST-type API Gateway endpoints via a Lambda authorizer.
2. The scenario
Bob was thrilled to explore this new feature and quickly implemented it …
access access control amazon amazon verified permissions api api endpoints api gateway apigateway aws cognito control control access endpoints feature gateway identity identity provider permissions release security serverless verified