I want to invoke a Lambda function using the JavaScript API.
I want it to be invoked with the Cognito user pool credentials of the user who is authenticated in the browser.
The objective is that the Lambda function will have the same level of access to S3 as the user from the Cognito user pool.
How can I do this?
Thanks
You can do that by federating the user pool token with a Cognito federated identity; this will give you temporary AWS credentials to call the AWS Lambda function. You will need to create an identity pool and create a role with the permission lambda:InvokeFunction.
Also keep in mind that all the users of the user pool will be able to call the Lambda function if you choose authentication role based resolution. If you want to restrict it to a subset of users, you can use groups in user pools and token or rule based mapping in federated identities to determine the role.
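The flow described in the answer above, as an added example that is not part of the original answer. It assumes the AWS SDK for JavaScript v3 packages @aws-sdk/credential-providers and @aws-sdk/client-lambda are bundled with the page; the helper names, IDs and ARNs are hypothetical placeholders.

```javascript
// Added example. Helper names are illustrative; identity pool ID, function
// name and ARN passed in by the caller are placeholders, not real values.

// Decode (not verify) the JWT payload. Cognito validates the signature
// server-side when the token is exchanged for credentials.
function jwtClaims(token) {
  const b64 = token.split(".")[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(atob(b64.padEnd(Math.ceil(b64.length / 4) * 4, "=")));
}

// The identity pool expects the user pool ID token (not the access token),
// keyed by the token issuer without the "https://" prefix.
function buildLogins(idToken) {
  const { iss, token_use } = jwtClaims(idToken);
  if (token_use !== "id") throw new Error("expected an ID token, got: " + token_use);
  if (!/^https:\/\/cognito-idp\.[a-z0-9-]+\.amazonaws\.com\/[\w-]+$/.test(iss || ""))
    throw new Error("unexpected issuer: " + iss);
  return { [iss.slice("https://".length)]: idToken };
}

// IAM policy for the role the identity pool hands out: invoke one function only.
function invokePolicy(functionArn) {
  return {
    Version: "2012-10-17",
    Statement: [{ Effect: "Allow", Action: "lambda:InvokeFunction", Resource: functionArn }],
  };
}

// Exchange the ID token for temporary credentials and invoke the function.
async function invokeAsUser({ region, identityPoolId, idToken, functionName, payload }) {
  // Required lazily so the helpers above load without the SDK installed.
  const { fromCognitoIdentityPool } = require("@aws-sdk/credential-providers");
  const { LambdaClient, InvokeCommand } = require("@aws-sdk/client-lambda");
  const credentials = fromCognitoIdentityPool({
    clientConfig: { region },
    identityPoolId,
    logins: buildLogins(idToken),
  });
  const lambda = new LambdaClient({ region, credentials });
  const res = await lambda.send(new InvokeCommand({
    FunctionName: functionName,
    Payload: new TextEncoder().encode(JSON.stringify(payload)),
  }));
  if (res.FunctionError) throw new Error("function error: " + res.FunctionError);
  return JSON.parse(new TextDecoder().decode(res.Payload));
}
```

The temporary credentials only authorize the lambda:InvokeFunction call; the function itself still runs under its own execution role.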