jpskgc

Reputation: 777

How to limit the access to Lambda based on user by Cognito Lambda authorizer

Summary

I'm gonna implement AWS Lambda Authorizer by Cognito.
https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-integrate-with-cognito.html
But I'm not sure how to limit the access to api/lambda based on user.

For example,
Cognito user pool has two users: user-1, user-2
And there are two AWS Lambda Functions for the API: lambda-1, lambda-2
In this scenario, I want user-1 to access only lambda-1 and user-2 only lambda-2

Please give me the solution to achieve it.

Regards,

Upvotes: 1

Views: 626

Answers (1)

stijndepestel

Reputation: 3544

If you want fine-grained control, you're better off using a Lambda authorizer. This would still allow you to do authentication using Cognito.

In your Lambda function, you can return an IAM policy based on the user that is authenticated and restrict the access to only the API paths that you want them to access. You can then simply put both lambdas behind different paths of your API.

Upvotes: 1
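
A TOKEN-type Lambda authorizer along the lines the answer describes, as an added example that is not part of the original answer. The path names `lambda-1` and `lambda-2`, the `ALLOWED_PATHS` map and the injected `verify_token` callable are assumptions; `verify_token` stands for whatever JWT library validates the Cognito token against the user pool's JWKS.

```python
# Added example. ALLOWED_PATHS and the API paths are constructed for illustration.
ALLOWED_PATHS = {            # Cognito username -> API resource paths it may invoke
    "user-1": ["lambda-1"],
    "user-2": ["lambda-2"],
}

def api_prefix(method_arn):
    """arn:aws:execute-api:region:acct:apiId/stage/METHOD/path -> ...:apiId/stage"""
    arn, stage = method_arn.split("/")[:2]
    return f"{arn}/{stage}"

def build_policy(username, method_arn):
    """Return the authorizer response for an already-authenticated username."""
    prefix = api_prefix(method_arn)
    paths = ALLOWED_PATHS.get(username, [])
    if paths:
        effect = "Allow"
        # List every path the user may call, not only the one requested:
        # API Gateway can cache this policy per token and reuse it for other paths.
        resources = [f"{prefix}/*/{p}{tail}" for p in paths for tail in ("", "/*")]
    else:
        # Unknown user: explicit deny on the whole stage.
        effect, resources = "Deny", [f"{prefix}/*"]
    return {
        "principalId": username,
        "policyDocument": {
            "Version": "2012-10-17",
            "Statement": [{"Action": "execute-api:Invoke",
                           "Effect": effect, "Resource": resources}],
        },
    }

def make_handler(verify_token):
    """verify_token(token) is an assumed callable that validates signature,
    issuer, expiry and audience/client id, then returns the claims or raises."""
    def handler(event, context=None):
        token = event.get("authorizationToken", "")
        if token.startswith("Bearer "):
            token = token[len("Bearer "):]
        try:
            claims = verify_token(token.strip())
        except Exception:
            raise Exception("Unauthorized")  # API Gateway maps this to a 401
        username = claims.get("cognito:username") or "anonymous"
        return build_policy(username, event["methodArn"])
    return handler
```

The `cognito:username` claim is present in Cognito ID tokens; access tokens carry `username` instead, so read the claim that matches the token type the client sends.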
