API Gateway Security Mechanisms | AWS_IAM Vs Cognito User Pool Vs Identity Pool Vs Lambda Authorizer
Вставка
- Опубліковано 17 лип 2020
- In this video, we will compare different AWS API Gateway Security Mechanisms - AWS_IAM, Cognito User Pool, Cognito Identity Pool, Lambda Authorizer. We will also go over for what use case you should use which mechanism along with pros cons.
*My Courses*
Discounted Link for My Serverless Course: www.udemy.com/course/aws-serv...
Discounted Link for my CloudFormation, CDK with Devops, Interview Guide Course: www.udemy.com/course/rocking-...
*Connect with me*
Connect with me in LinkedIN: / rajdeep-sa-at-aws
Follow me on twitter: / cloudwithraj
Follow me on instagram: / raj_does_cloud
DEFINITELY DO NOT CLICK: / @cloudwithraj - Наука та технологія
Using the Scopes it is possible to get fine-grained access. Interesting is that the initial sign-in process with Cognito User Pool you get back a JWT with, identity, access and refresh tokens. Depending upon whether you pass in the identity or the access token, you get quite different approaches on how API Gateway Authorizer will apply it.
You are correct, I will do a deep down video on Cognito. Thanks for the feedback and thanks for watching :)
@@cloudwithraj is there any videos on this concept? Or using the concept of user pool groups?
@@cloudwithraj on 11th minute you are explaining the IAM Role 3 with UserPool but lets say we use a single identity provider (facebook or Cognito Userpool) , can we have separate IAM Roles returned ? If yes then how ?
Great video, now I understand the differences correctly! Thanks a lot!
Good job Raj. Clear and concise with very good illustrations
Great explanation! I'm amazed by your videos, they are so clear. Thanks you so much.
Glad you like them!
Thank you sir. Explaining with picture and flow is very clear to understand.
Thanks for making this video. You explained the topic clearly.
Glad you liked it
best video on the topic on the youtube
Pretty good explanation on the differences. Thank u. Keep posting such awesome videos.
Thanks Srikanth for watching. I am glad you found this video helpful.
Great explanation, sorted my queries related to different authentication and authorization methods with AWS. Thanks.
Most clear description of Cognito so far. and yes I have smashed that like button.
haha ty Tushar
video was relly helpful
Bravo! the best explanation I found around this topic. In AWS HTTP API gateway, I believe you have JWT authrorizer which does acts similarly as the Lambda authorizor. It checks the signature using the public key of the identity provider along with scopes and audiences
This is awesome..!
Great Explanation
Very well described. Great . THANK YOU
Glad it was helpful!
Excellent explanation! Thank you.
Glad it was helpful!
very well explained....thanks much!
Glad it was helpful!
Nice job Raj.
Excelent video!, thanks for sharing!
Thanks for watching!
Such cool videos Raj 👍
Another great one, Raj. I am a fellow Amazonian too, and this playlist is a great learning tool!
Ty Anshika for your kind words (and the helpful pointer about ALB X-region using IP and VPC peering ). I love when fellow amazonians find my videos helpful 👊
If you want fine-grained authorisation using Cognito user pools, you can potentially use oauth scopes and not have to create more user pools.
You are correct, I will do a deep down video on Cognito. Thanks for the feedback and thanks for watching :)
Excellent explanation
Glad it was helpful!
I'm trying to control access to individual methods of my API Gateway using Cognito Identity Pool like you say I can but cannot get it to work. Do you have a video which explains the setup in more depth with example?
Please upload more in-depth videos of aws services
Another great video my friend. Very well explained. I always don't skip ads on your videos :)
Using the "VS" logo of Street Fighter enticed me to click this video. JK.
You rock Koya!
Amazing vid man
Appreciate it
Thank you for the nice video, I did not find your udemy course of Rocking AWS serverless, is the name changed?
I got lost during the Cognito Identity Pool. You skipped explaining how the GIP knows which IAM role to assign to a user. Do users logging using Facebook only ever get IAM role 1, and those using User pool only ever get IAM role 3? Where and how is that logic configured.
Amazing Video !
Please make a separate vdo on below topic coz there is no resource in internet related to this topic.
I want to know how to do the Sign Up, Login
& other MFA in React-Native App, if I already have a existing
backend in AWS Cognito .
And have the below details of the existing backend :-
aws_cognito_identity_pool_id:
aws_cognito_region:
aws_user_pools_id:
aws_user_pools_web_client_id:
Can we use roe level security whiile accessing redshift via cognito user->API->redshift data ApI
Can we use O355/OpenID authentication with API gateway
Hi Raj, Excellent Video ! We can leverage Cognito User Pool Groups to define different IAM role/policies right ?
That's correct Pradeep!
@@cloudwithraj Now lets say we use SAML Federation with on-premises AD in Cognito UserPool . How will I have the user groups since the user is not created in Cognito.
Nice video as usual 👍 Btw how you did this lambda?
Thanks Denys :). Ya I bought nanoleaf panels and made it in lambda pattern
Can we use row level security while accessing redshift for cognito user....Login via cognito user->API->Lambds->redshift data ApI with row levelsecurity for example Cognito user1 can only see US data and user2 can only see UK data
3:59 not sure what the word is, 'you are in trouble because they don't ____ it' ?
"rotate" , apologies for not spelling it super crisp, thanks for watching
@@cloudwithraj thank you!
Ideally IAM should be applied to roles and not to users.
The API key method is not well described
You should try speaking a little bit slower!