1개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
It seems like they're trying to fight the conventional pattern. Serverless or not, why would they not authenticate & authorize the user directly via Cognito first, and then use the Cognito JWT as authN/Z to the api call? Everything they are after (group based policies, access control on the api) is essentially trivial if they do the identity bits first.
관련 콘텐츠
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 일 년 전