cd123
Reputation: 13
Can the AWS Credentials from Cognito send request to other Regions?
I created a user pool and an identity pool in one region.
Can I use the credentials from the identity pool (accessKeyId, secretAccessKey, securityToken) to access data in another region?
Upvotes: 0
Views: 114
Answers (1)
Maurice
Reputation: 13197
All IAM credentials are global credentials, so by default this would work.
You can limit this by applying policies with the aws:RequestedRegion condition - more on that in the docs.
These policies can be either applied to the role Cognito creates credentials for or via a Service Control Policy, that limits which regions the account has access to.
Upvotes: 2
Related Questions
- AWS cognito authorization
- AWS Cognito using another region to send SMS
- How to authenticate same user in two different AWS regions?
- Is a single AWS Cognito Region, us-west-2 for example, suitable for serving Canada, US and Puerto Rico?
- Amazon cognito - authorization for non-aws resources
- Can the AWS Cognito Id of one Region be used for the Application running at another Region
- AWS Multi-Region webapp with centralised login services
- Amazon Cognito region vs AWS Console region
- Javascript access to dynamodb via cognito with different regions
- Is it possible to use services in different regions in AWS