Can you set a Cognito Identity Pool to include all users/EC2s of the acct?

0

I followed a tutorial for how to create a QnA bot that used a CloudFormation stack.

That stack created an identity pool. Using either my own secretAccessKey/accessKeyId, or an EC2 server's creds works for signing into the service. When I look at the identity pool, I see that the authenticated identities look like regions followed by "_" and then some letters and numbers. Are these identities references to account-wide VPC values or something? I don't understand how you can make an identity that includes all users/servers of the AWS account. Googling doesn't help me understand what's going on here.

ShaneS
已提問 4 年前檢視次數 218 次
1 個回答
0

Ok, so I figured out a more accurate way to look at this.

I shouldn't be using identity pools at all.

I can specify a certain AWS service's (EC2 or Lambda, etc) role as having access to any other service.
I can restrict access to an IP address range.
I can specify a particular AWS User's account.
I can specify a group of AWS user accounts in a Cognito User Group.
I can specify a Cognito User Group or other IDP provider, or an unauthenticated user in a Congito Identity Pool.

Edited by: ShaneS on Sep 28, 2020 7:52 AM

ShaneS
已回答 3 年前

您尚未登入。 登入 去張貼答案。

一個好的回答可以清楚地回答問題並提供建設性的意見回饋,同時有助於提問者的專業成長。

回答問題指南