Added AWS::Cognito::LogDeliveryConfiguration

You can configure a user pool to log detailed information about user errors to CloudWatch Logs.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-logdeliveryconfiguration.html #cognito #cloudformation

🌩️
Cloud Authentication Services

There is a sea of Cloud Auth / Identity management providers.

There was a time I used to roll my own, but as security is getting complicated, it seems for startups & small to medium businesses it is better to use a cloud auth provider.

Please share your thoughts on your experience with this as I look into this area.

So far I have come across:

#Cognito
#Auth0 (by Okta)
#Okta
#Firebase
#Supabase
#KeyCloak

#security
#authentication
#cloud

Using Amazon Cognito Tokens for Fine-Grained Access Control

#cognito #aws #authentication
https://www.technometria.com/p/using-amazon-cognito-tokens-for-fine

CognitoのHostedUIがダサいのでChatGPTにCSSを作ってもらう
https://qiita.com/Nazuna_Nyanmage/items/315d3ccad5f7d1b4b115?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items
#CSS #AWS #cognito #ChatGPT

Added AWS::Cognito::IdentityPoolPrincipalTag

AWS::Cognito::IdentityPoolPrincipalTag is a map of identity pool user claims to principal tags that you want to apply to your user's temporary session.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolprincipaltag.html #cognito #cloudformation

#AWSCognito and #AWSS3 allow for subdomain hijacking / squatting. Please doublecheck spelling when communicating with #cognito and #s3 subdomains. #cybersecurity

When you need to secure your API Gateway you have several options. One of them is to use Cognito User Pools & Cognito Authorizers. In this step by step video we will see how to set this up easily. https://www.youtube.com/watch?v=LI31QxfAgho #aws #cloud #serverless #apigateway #cognito

Certainly, this doesn't seem to be possible with @auth0, @Firebase or #cognito. There may be others out there that can do this - in which case, someone please point them out to me!

If you use Amazon Cognito for authentication I strongly recommend you start auditing your guest (unauthenticated) user access using this new feature. https://aws.amazon.com/about-aws/whats-new/2023/02/amazon-cognito-identity-pool-data-events-aws-cloudtrail/ #aws #security #cognito

If you need to throw up an #API on #AWS infrastructure quickly, why not give mvp-rocketship-template a try? It's a simple #InfrastructureAsCode #SAM template that gives you a starting point of: #Lambdas + #DynamboDb behind #APIGateway, protected by #Cognito. https://github.com/instantiator/mvp-rocketship-template

I'm just a developer, standing in front of a computer, looking for a cloud based authentication system that supports unique usernames spanning both local and social logins.

Because neither @auth0 nor @AWS #Cognito do ☹️ And I'm trying to resist doing it myself!

Why did we choose #Cognito as identity provider?! I can’t point to a group within a pool as resource in a IAM policy. Hence a authenticating lambda on a api gateway? That then allows for a lambda that executes with least privileged iam policy? My brain hurts.