Yes, it is possible.
When you create a rule for a specific path (e.g. /get_y) with your Application Load Balancer, you are able to include THEN clause called "Authenticate using Cognito" where you specify your UserPoolID, ClientID, etc. Also you include your target as forward to your ECS. Each HTTP request is then evaluated whether it contains specific token in HTTP headers. If it does not contain it, user is redirected to Cognito. You then create another rule (e.g. /get_x) where you don't require Authentication, so you omit the Authentication clause and just foward to your ECS.
I hope it helps.
Hello AWS Customer,
Application Load Balancers support path-based routing and priority rules (so that multiple services can use the same listener port on a single Application Load Balancer).
You can configure your Application Load Balancer's listener rules to configure different forwarding targets based on routes.
Hope you will find this information useful. Please let me know if you have any further questions or concerns. I will be more than glad to assist you.
I hope you are always healthy and have a nice day.
- Accepted Answerasked 3 years ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
- How can I use Meta and Amazon Cognito as identity providers to authenticate Application Load Balancer users?AWS OFFICIALUpdated 7 months ago
- EXPERTpublished 3 months ago