- Newest
- Most votes
- Most comments
I think you are looking for this: Using attributes for access control.
First of all, thanks for the reply. After taking a look at it, I don't think it helps me solve the problem I'm having. Although it's great that you can create these custom mappings using Cognito User attributes, it looks like it only solves the problem when a user has only ONE permission level.
Please correct me if I'm wrong, but since cognito user attributes can only be a String or a Number, this way the user can't have multiple-levels of permissions, which would require something like an array.
Example: Let's say there is a music app. Users can create a group, add music files to that group, and add other users to have access to these music files. Each user only has access to the music files of a group he is a member. In this case, we can't set a one permission level to the user to access group X, Y and Z. He needs multiple permissions level. If is part of group X, Y, he will have access to music files from X and Y, not Z.
Hey, have you found a solution to your problem yet? I'm having a similar issue: I have a Cognito user pool with multiple users where each user is in one or more user groups. For each user group, there's a folder in my S3 bucket with the same name as the group and I want to give all users in this group access to the files in that folder. I'm looking forward to your response!
Relevant content
- Accepted Answerasked 2 years ago
- Accepted Answerasked 5 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
How do the users access their files on s3 ? through an application or directly ?
With this scale and complexity you might need to consider a proper file system with granular permission management such as Microsoft AD and FSx for Windows.
They access through an application