User Authentication (Signup & Login) on AWS with Lambda, Cognito or IAM

I've been looking to use various AWS services to handle the infrastructure for our next major project. We started looking at docker containers on EC2 instances, but after looking into AWS Lambda a bit more - it seems like a worthy path to explore.

Using the AWS Lambda paradigm, we would simply use Lambda functions as the logical glue to hold our data and events (from other AWS services) together.

For instance, if a user of our product creates a new record, AWS Lambda can be triggered on that event and we can call a lambda function to add that record to AWS Cloudsearch, thus keeping our search up to date.

I'm a little uncertain when it comes to user management, authentication and so on within this type of paradigm. I've read some documentation on IAM and Cognito in looking for an AWS service to offload user sign up, login, logout, forgot password, etc. to. It doesn't seem like that's what these services are actually for. IAM is identity management for the organization (not the user base), and Cognito is more focused on syncing identity information across many devices or app instances (post authentication).

I'm currently wondering if what I should be doing is writing sign up, login, forgot password etc. code as Lambda functions myself, or is there some solution or set of solutions within the AWS stack that would scratch this particular itch?

DJSunny asked Jan 18 '16 15:01


1 Answer

You can use your own authentication system with Cognito and then use IAM for authorisation, even for your user base.

  • When authenticating a user (possibly in a Lambda function called via API Gateway), you will retrieve or create in Cognito an identity ID associated with the user using GetOpenIdTokenForDeveloperIdentity.
  • Then you will have a Cognito OpenId token that you can give to your authenticated user.
  • The user can use this token to get temporary AWS credentials associated with an IAM role. So you can give access to some of your AWS resources for authenticated users: GetCredentialsForIdentity.
  • When the user calls AWS resources using these credentials, you have access to his Cognito identity via the context (examples with Lambda, API Gateway or S3).
  • Finally, you can find the user associated to this Cognito identity in your system using LookupDeveloperIdentity.

Check the authentication flow and some more examples.

Alexis N-o answered Sep 22 '22 23:09
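The three Cognito calls the answer lists, wired together as one developer-authenticated flow. This is an added example, not code from the answerer or from AWS; the identity pool id and the developer provider name are constructed placeholders, and `FakeCognitoIdentity` is a constructed stand-in with the same method names and response shapes as boto3's `cognito-identity` client, so the flow runs offline. Against AWS you would pass `boto3.client("cognito-identity")` instead of the fake. The split between the functions is the security-relevant part: `issue_identity_token` needs AWS credentials with permission to call GetOpenIdTokenForDeveloperIdentity and must only run on the server after your own authentication check has passed, while `credentials_for_identity` is the client-side exchange and `user_for_identity` is what a backend does with the identity id it reads from the Lambda or API Gateway context.

```python
"""Developer-authenticated identities with Cognito: the three calls from the
answer (GetOpenIdTokenForDeveloperIdentity, GetCredentialsForIdentity,
LookupDeveloperIdentity) usable with a real boto3 client or the fake below."""
from datetime import datetime, timedelta, timezone

# Constructed placeholders. A real identity pool id looks like "<region>:<uuid>";
# the provider name is the developer provider registered on that pool.
IDENTITY_POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"
DEVELOPER_PROVIDER = "login.example.app"


def issue_identity_token(cognito, user_id, token_duration=900):
    """Server side only: needs cognito-identity:GetOpenIdTokenForDeveloperIdentity.
    Call it after your own password/MFA check succeeded, never from the client."""
    resp = cognito.get_open_id_token_for_developer_identity(
        IdentityPoolId=IDENTITY_POOL_ID,
        Logins={DEVELOPER_PROVIDER: user_id},
        TokenDuration=token_duration,  # seconds; the token is a bearer, keep it short
    )
    return resp["IdentityId"], resp["Token"]


def credentials_for_identity(cognito, identity_id, token):
    """Client side: swap the OpenID token for temporary keys under the pool's
    authenticated IAM role. The token goes in under the Cognito login key."""
    resp = cognito.get_credentials_for_identity(
        IdentityId=identity_id,
        Logins={"cognito-identity.amazonaws.com": token},
    )
    return resp["Credentials"]


def user_for_identity(cognito, identity_id):
    """Backend: map the identity id seen in a Lambda/API Gateway request context
    back to the application user (LookupDeveloperIdentity)."""
    resp = cognito.lookup_developer_identity(
        IdentityPoolId=IDENTITY_POOL_ID, IdentityId=identity_id, MaxResults=10,
    )
    users = resp.get("DeveloperUserIdentifierList", [])
    return users[0] if users else None


class FakeCognitoIdentity:
    """Constructed in-memory stand-in for boto3.client("cognito-identity")."""

    def __init__(self):
        self._identities = {}  # identity_id -> developer user id
        self._tokens = {}      # token -> identity_id it was issued for

    def get_open_id_token_for_developer_identity(self, IdentityPoolId, Logins, TokenDuration=None):
        user_id = Logins[DEVELOPER_PROVIDER]
        # Same developer user id always resolves to the same identity id.
        identity_id = next((i for i, u in self._identities.items() if u == user_id), None)
        if identity_id is None:
            identity_id = f"{IdentityPoolId.split(':')[0]}:id-{len(self._identities) + 1}"
            self._identities[identity_id] = user_id
        token = f"tok-{identity_id}-{len(self._tokens) + 1}"
        self._tokens[token] = identity_id
        return {"IdentityId": identity_id, "Token": token}

    def get_credentials_for_identity(self, IdentityId, Logins):
        token = Logins["cognito-identity.amazonaws.com"]
        # A token only yields credentials for the identity it was issued to.
        if self._tokens.get(token) != IdentityId:
            raise PermissionError("NotAuthorizedException: token does not match identity")
        return {"IdentityId": IdentityId, "Credentials": {
            "AccessKeyId": "ASIA-CONSTRUCTED", "SecretKey": "constructed-secret",
            "SessionToken": f"session-for-{IdentityId}",
            "Expiration": datetime.now(timezone.utc) + timedelta(hours=1)}}

    def lookup_developer_identity(self, IdentityPoolId, IdentityId, MaxResults=10):
        uid = self._identities.get(IdentityId)
        return {"IdentityId": IdentityId,
                "DeveloperUserIdentifierList": [uid] if uid else []}


def run_flow(cognito, user_id):
    """Whole exchange from the answer; returns (identity_id, credentials, user)."""
    identity_id, token = issue_identity_token(cognito, user_id)
    creds = credentials_for_identity(cognito, identity_id, token)
    return identity_id, creds, user_for_identity(cognito, identity_id)


if __name__ == "__main__":
    print(run_flow(FakeCognitoIdentity(), "user-42"))
```

In a Python Lambda the identity id for the last step comes from `context.identity.cognito_identity_id`, and in API Gateway from `$context.identity.cognitoIdentityId`; the backend never trusts a user id sent in the request body when it can derive it from the signed caller identity instead.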