- 最新
- 最多得票
- 最多評論
Hi,
Alternate auth mechanisms to the same API are not available at this time, though that is a feature request we've heard before.
This should be possible while still maintaining Cognito as the auth mechanism, though. One way to do it would be that you could create a fake user in your user pool. Using "known" credentials, you could have this user be in an admin group, then lock that operation down to this group in your GraphQL schema. Then you'd give your nightly job safe access to these credentials where it could sign in and access that set of queries/mutations.
Does that make sense?
Thanks,
Jeff
Thank you. I'd love to see something more robust (ideally Cognito User Pools with the option to ALSO allow IAM user access) but this workaround is do-able. Appreciate the help!
Understood - noted as a +1 to prioritizing mixed auth mechanisms for a single API. Thanks for the feedback!
I'm looking for the same functionality here. I have cognito auth in my AppSync service but I want to trigger subscriptions programmatically from the back-end. It would be great to allow IAM access and Cognito at the same time. Please add +1 for me as well =)
It is now possible to assign multiple authentication types. In this case, you could use both @aws_cognito_user_pools as well as @aws_iam authentication. This is now documented here: https://docs.aws.amazon.com/appsync/latest/devguide/security-authz.html
相關內容
- 已提問 10 個月前
- AWS 官方已更新 2 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 3 年前