Hi Oleg :)
I think this answer outlines well the options for role based authorizations: https://repost.aws/questions/QUpYtLZR5wQVqOSWI4BcblQQ/rbac-for-api-gateway-endpoints-using-cognito-user-groups.
Hope it helps
I understand that "AWS Gateway" is "API Gateway".
You cannot set multiple authorizers in combination in API Gateway.
So you have to implement your custom logic in the Lambda authorizer.
Validate Cognito's JWT in Lambda and check for the target user pool. Then perform custom processing.
The following documents may be helpful.
- Accepted Answerasked 3 months ago
- Accepted Answer
- asked a month ago
- How do I allow API Gateway REST API users to run Lambda using the execution role from an Amazon Cognito user pool group?AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 2 years ago
- How do I troubleshoot HTTP 403 Forbidden errors when using a Lambda authorizer with an API Gateway REST API?AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated a year ago
- EXPERTpublished 4 months ago
- EXPERTpublished 3 months ago