I'm working on a Node.js application on AWS for the first time and am still learning all the services. I'm working on my application's authentication and authorization and am at the point of creating my user roles and groups. Is the AWS IAM service meant for both AWS management and for your application's user authorization, or should I use one of Node.js's ACL modules and manage my roles and users outside of the AWS IAM service?
Should you use AWS IAM roles and permissions for application users?
No, you should not. AWS IAM roles and permissions control AWS user/instance access to AWS services only via EC2 user profiles and instances. They are not intended to be used for specifying user authentication or roles in a proprietary application.
Should I use one of Node.js's ACL modules and manage my roles and users outside of the AWS IAM service?
Yes, correct. Use native methods/libraries for managing application-specific user authentication and roles in your app.
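What the answer above recommends, sketched as an added example that is not part of the original answer: roles and ownership checks live in the application, and the data layer refuses any call the check does not allow. The role names, permission strings and the in-memory `BlobStore` (standing in for a MongoDB collection) are assumptions.

```javascript
// Added example: app-level authorization kept outside AWS IAM.
// Role names, permission strings and BlobStore are assumptions for illustration.
const ROLE_PERMISSIONS = new Map([ // Map, so keys like "constructor" never resolve
  ['admin', new Set(['blob:read:any', 'blob:write:any'])],
  ['editor', new Set(['blob:read:own', 'blob:write:own'])],
  ['viewer', new Set(['blob:read:own'])],
]);

class AccessDenied extends Error {
  constructor(action, id) {
    super(`access denied: ${action} ${id}`);
    this.name = 'AccessDenied';
  }
}

// Deny by default: missing user, unknown role or unknown action yields false.
function isAllowed(user, action, resource) {
  if (!user || typeof user.id !== 'string' || !Array.isArray(user.roles)) return false;
  if (!resource) return false;
  const isOwner = resource.ownerId === user.id;
  return user.roles.some((role) => {
    const perms = ROLE_PERMISSIONS.get(role);
    if (!perms) return false;
    if (perms.has(`blob:${action}:any`)) return true;
    return isOwner && perms.has(`blob:${action}:own`);
  });
}

// In-memory stand-in for the MongoDB collection; every call is authorized first.
class BlobStore {
  constructor() {
    this.blobs = new Map();
  }

  write(user, id, json) {
    // A new blob is owned by its creator; an existing one keeps its owner.
    const target = this.blobs.get(id) || { ownerId: user ? user.id : null };
    if (!isAllowed(user, 'write', target)) throw new AccessDenied('write', id);
    this.blobs.set(id, { ownerId: target.ownerId, json });
  }

  read(user, id) {
    const blob = this.blobs.get(id);
    // Same error for "missing" and "forbidden" so ids cannot be probed.
    if (!blob || !isAllowed(user, 'read', blob)) throw new AccessDenied('read', id);
    return blob.json;
  }
}
```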
With the rise of API Gateway and Lambda, I'm wondering if this advice still holds true.
I have a very simple API in Node, which is pretty much just ACL around storing a blob of JSON in Mongo.
If I could model my permissions in IAM and use a Lambda function for handling the Mongo write/read, it would seem sensible to use IAM for my application user creds.
Possibly this is what Cognito was released to support? (Although I haven't looked into this much.)