1 回答
- 最新
- 投票最多
- 评论最多
1
The docs here https://docs.aws.amazon.com/elasticloadbalancing/latest/application/listener-authenticate-users.html#authentication-flow (see step #9) show that an authentication session cookie, issued by the ALB, is required to proceed to forwarding of traffic to the Target Group. The ALB here will actually sign the JWT being sent back to the target group itself, not Cognito in this case.
Depending upon your use case, you may want to use API Gateway to achieve this design rather than ALB. You could use this NodeJS JWT authorizer code within a custom lambda authorizer instead. Not sure that's possible with your application but should meet your design expectations of using the Cognito issued JWT.
已回答 2 年前
相关内容
- AWS 官方已更新 9 个月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 1 年前
- AWS 官方已更新 1 年前
Thanks @Chris_S. We are using EKS for our services deployment. I dont think AWS API Gateway will fit here.
Hi @Chris_S, sadly the use case of using API Gateway is not possible for multiple use cases due to its limitations (Maximum payload & response time). Are there any other ways of solving this problem? API Gateway is not possible to use, ALB with Cognito doesn't allow on using JWT token that are generated with it, which is quite necessary in the current concept of microservices.