Item level authorisation in Amplify (Gen 2)

0

I'm building a multi tenant application. Every user belongs to an organisation, in Cognito the organisation ID is stored in a custom attribute.

I'm using Amplify (Gen 2). How would one implement Item level authorisation based on a custom user attribute?

Group-based data access and Multi-user data access doesn't seem to be the solution.

Group-based data access: only a limited amount of groups are allowed per user pool (10k), I'm expecting much higher numbers.

Multi-user data access: Not efficient... due to the high number of users in an organisation. a.allow.multipleOwners().inField("organisation_id")

Amplify docs: https://docs.amplify.aws/gen2/build-a-backend/data/customize-authz/

Any help would be more than welcome.

Thanks!

主题

前端 Web 和移动安全、身份和合规性

标签

AWS Amplify Amazon Cognito

语言

English

已提问 3 个月前61 查看次数

没有答案

最新
投票最多
评论最多

相关内容

怎么使用OpenID Connect为构建在Azure上的应用提供基于Cognito User Pool的SSO
专家
rePost Polyglot
已提问 5 个月前
The ciphertext refers to a customer master key that does not exist, does not exist in this region, or you are not allowed to access (Query Id: b2c74c7e-21ed-4375-8712-cd1579eab9a7)
专家
rePost Polyglot
已提问 5 个月前
连接EKS集群时遇到错误：You must be logged in to the server (Unauthorized)。
专家
rePost Polyglot
已提问 5 个月前
报错 : If Bucket contains '.' like part.txt in any url in rest api
专家
rePost Polyglot
已提问 5 个月前
为什么当我尝试重新创建存储桶时，会从 Amazon S3 收到 "A conflicting conditional operation is currently in progress against this resource"（当前正在对此资源进行冲突的条件操作）错误？
AWS 官方已更新 2 年前
为什么我的 CloudFormation 堆栈停滞在 IN_PROGRESS 状态？
AWS 官方已更新 1 年前
如何解决 AWS CloudFormation 中的“Custom Named Resource already exists in stack（自定义名称资源已存在于堆栈中）”错误？
AWS 官方已更新 2 年前
当我尝试删除 Amazon EBS 快照时，为什么收到了“The snapshot is currently in use by an AMI”错误？
AWS 官方已更新 4 个月前
保留不健康的 Auto Scaling 实例 -- 分离不健康的 ASG 实例而不是终止
支持工程师
Tim
已发布 4 天前
通过自定义终止策略，让AWS自动伸缩组（ASG）始终终止最旧的实例
支持工程师
Tim
已发布 4 天前