API Gateway Security Mechanisms | AWS_IAM Vs Cognito User Pool Vs Identity Pool Vs Lambda Authorizer
Рет қаралды 37,596
4 жыл бұрынIn this video, we will compare different AWS API Gateway Security Mechanisms - AWS_IAM, Cognito User Pool, Cognito Identity Pool, Lambda Authorizer. We will also go over for what use case you should use which mechanism along with pros cons.
*My Courses*
Discounted Link for My Serverless Course: www.udemy.com/course/aws-serv...
Discounted Link for my CloudFormation, CDK with Devops, Interview Guide Course: www.udemy.com/course/rocking-...
*Connect with me*
Connect with me in LinkedIN: / rajdeep-sa-at-aws
Follow me on twitter: / cloudwithraj
Follow me on instagram: / raj_does_cloud
DEFINITELY DO NOT CLICK: / @cloudwithraj
@kappaj01 4 жыл бұрын
Using the Scopes it is possible to get fine-grained access. Interesting is that the initial sign-in process with Cognito User Pool you get back a JWT with, identity, access and refresh tokens. Depending upon whether you pass in the identity or the access token, you get quite different approaches on how API Gateway Authorizer will apply it.
@cloudwithraj 4 жыл бұрын
You are correct, I will do a deep down video on Cognito. Thanks for the feedback and thanks for watching :)
@icheston 3 жыл бұрын
@@cloudwithraj is there any videos on this concept? Or using the concept of user pool groups?
@gauravtiwari981 2 жыл бұрын
@@cloudwithraj on 11th minute you are explaining the IAM Role 3 with UserPool but lets say we use a single identity provider (facebook or Cognito Userpool) , can we have separate IAM Roles returned ? If yes then how ?
@MohammedNoureldin 3 жыл бұрын
Great video, now I understand the differences correctly! Thanks a lot!
@artemyevtushenko8722 3 жыл бұрын
best video on the topic on the youtube
@jorgemartin6148 3 жыл бұрын
Great explanation! I'm amazed by your videos, they are so clear. Thanks you so much.
@cloudwithraj 3 жыл бұрын
Glad you like them!
@kakumanus1 2 жыл бұрын
Good job Raj. Clear and concise with very good illustrations
@lordwilfrandosy6791 3 жыл бұрын
Thanks for making this video. You explained the topic clearly.
@cloudwithraj 3 жыл бұрын
Glad you liked it
@AVISH747 Жыл бұрын
This is awesome..!
@tusharanand4059 Жыл бұрын
Most clear description of Cognito so far. and yes I have smashed that like button.
@cloudwithraj Жыл бұрын
haha ty Tushar
@tcooksey1972 Жыл бұрын
Nice job Raj.
@prime8krish 3 жыл бұрын
Pretty good explanation on the differences. Thank u. Keep posting such awesome videos.
@cloudwithraj 3 жыл бұрын
Thanks Srikanth for watching. I am glad you found this video helpful.
@nickqi5487 Жыл бұрын
Bravo! the best explanation I found around this topic. In AWS HTTP API gateway, I believe you have JWT authrorizer which does acts similarly as the Lambda authorizor. It checks the signature using the public key of the identity provider along with scopes and audiences
@yekohein1528 4 ай бұрын
Thank you sir. Explaining with picture and flow is very clear to understand.
@MrAditya9019 Жыл бұрын
Great Explanation
@shantisagargebise2883 7 ай бұрын
Great explanation, sorted my queries related to different authentication and authorization methods with AWS. Thanks.
@__noob__coder__ 2 жыл бұрын
video was relly helpful
@amrindersingh4295 3 жыл бұрын
very well explained....thanks much!
@cloudwithraj 3 жыл бұрын
Glad it was helpful!
@SpookFilthy 4 жыл бұрын
If you want fine-grained authorisation using Cognito user pools, you can potentially use oauth scopes and not have to create more user pools.
@cloudwithraj 4 жыл бұрын
You are correct, I will do a deep down video on Cognito. Thanks for the feedback and thanks for watching :)
@milesbaker9843 3 жыл бұрын
Excellent explanation! Thank you.
@cloudwithraj 3 жыл бұрын
Glad it was helpful!
@MarianoGomezBidondo 2 жыл бұрын
Excelent video!, thanks for sharing!
@cloudwithraj 2 жыл бұрын
Thanks for watching!
@wordmagicawriting4629 2 жыл бұрын
Such cool videos Raj 👍
@anshikagupta4931 2 жыл бұрын
Another great one, Raj. I am a fellow Amazonian too, and this playlist is a great learning tool!
@cloudwithraj 2 жыл бұрын
Ty Anshika for your kind words (and the helpful pointer about ALB X-region using IP and VPC peering ). I love when fellow amazonians find my videos helpful 👊
@JafarUlla15 4 ай бұрын
Very well described. Great . THANK YOU
@cloudwithraj 4 ай бұрын
Glad it was helpful!
@Shaunmcdonogh-shaunsurfing Жыл бұрын
Amazing vid man
@cloudwithraj Жыл бұрын
Appreciate it
@SuperSam881 3 жыл бұрын
I'm trying to control access to individual methods of my API Gateway using Cognito Identity Pool like you say I can but cannot get it to work. Do you have a video which explains the setup in more depth with example?
@MS-mq4gd 4 жыл бұрын
Please upload more in-depth videos of aws services
@totsubo2000 2 жыл бұрын
I got lost during the Cognito Identity Pool. You skipped explaining how the GIP knows which IAM role to assign to a user. Do users logging using Facebook only ever get IAM role 1, and those using User pool only ever get IAM role 3? Where and how is that logic configured.
@atuljoshi6182 3 жыл бұрын
Excellent explanation
@cloudwithraj 3 жыл бұрын
Glad it was helpful!
@KoyaMel 3 жыл бұрын
Another great video my friend. Very well explained. I always don't skip ads on your videos :) Using the "VS" logo of Street Fighter enticed me to click this video. JK.
@cloudwithraj 3 жыл бұрын
You rock Koya!
@saurabrakshit405 2 жыл бұрын
Amazing Video ! Please make a separate vdo on below topic coz there is no resource in internet related to this topic. I want to know how to do the Sign Up, Login & other MFA in React-Native App, if I already have a existing backend in AWS Cognito . And have the below details of the existing backend :- aws_cognito_identity_pool_id: aws_cognito_region: aws_user_pools_id: aws_user_pools_web_client_id:
@venkataramanagovindu5244 3 жыл бұрын
Can we use O355/OpenID authentication with API gateway
@virendrabhatia4639 Жыл бұрын
Can we use roe level security whiile accessing redshift via cognito user->API->redshift data ApI
@user-no1sg9xt2t Жыл бұрын
Thank you for the nice video, I did not find your udemy course of Rocking AWS serverless, is the name changed?
@virendrabhatia4639 Жыл бұрын
Can we use row level security while accessing redshift for cognito user....Login via cognito user->API->Lambds->redshift data ApI with row levelsecurity for example Cognito user1 can only see US data and user2 can only see UK data
@bpradeep9284 3 жыл бұрын
Hi Raj, Excellent Video ! We can leverage Cognito User Pool Groups to define different IAM role/policies right ?
@cloudwithraj 3 жыл бұрын
That's correct Pradeep!
@gauravtiwari981 2 жыл бұрын
@@cloudwithraj Now lets say we use SAML Federation with on-premises AD in Cognito UserPool . How will I have the user groups since the user is not created in Cognito.
@cloud_architector 4 жыл бұрын
Nice video as usual 👍 Btw how you did this lambda?
@cloudwithraj 4 жыл бұрын
Thanks Denys :). Ya I bought nanoleaf panels and made it in lambda pattern
@Lodayaprashant 2 жыл бұрын
Ideally IAM should be applied to roles and not to users.
@user-lp5qi9ju1y 2 жыл бұрын
3:59 not sure what the word is, 'you are in trouble because they don't ____ it' ?
@cloudwithraj 2 жыл бұрын
"rotate" , apologies for not spelling it super crisp, thanks for watching
@user-lp5qi9ju1y 2 жыл бұрын
@@cloudwithraj thank you!
@jackgeniosky Жыл бұрын
The API key method is not well described
@piercef7343 3 жыл бұрын
You should try speaking a little bit slower!
Majestic.cloud
Рет қаралды 16 М.
Be A Better Dev
Рет қаралды 150 М.
AWS Events
Рет қаралды 5 М.
Majestic.cloud
Рет қаралды 4,4 М.
Сколько смартфонов я купил за свои деньги? #техника #технологии #android #смартфон #обзор #техноблог
Павел Хмурчик
Рет қаралды 43 М.
Syncswift
Рет қаралды 1,4 МЛН
JOON Italian
Рет қаралды 1,3 МЛН
flaco
Рет қаралды 680 М.