Comments (4)
Hi Jack, thanks for the proposal!
Question, what would be the advantage over just deploying Auth@Edge for each client ID?
(You could reuse the same user pool and provide a separate client ID for each deployment)
from cloudfront-authorization-at-edge.
Hey @ottokruse, no problem and thanks for your response.
Yes one could deploy Auth@Edge for each client ID, but that's six lambdas per client ID, with each set performing nearly identical duties. We'd like to use Auth@Edge to host many static sites. I could see us scaling to use 20 or 30 app client IDs. With a new deployment for each client ID, we would have nearly 200 lambda functions that need to be deployed, monitored and maintained. This does not follow the DRY principle.
Alternatively, if we modify the lambdas slightly to handle interfacing with the proper app ID given the request domain name, we could just use 6 lambdas for all of our static sites.
from cloudfront-authorization-at-edge.
What's the background of using a ClientID per site? What's the benefit you're after? Asking since this mechanism can't be used to e.g. have difference in access rights for you User Pool's users. (You'd need e.g. groups for that)
from cloudfront-authorization-at-edge.
What strategy did you end up pursuing @jmorgancusick ?
from cloudfront-authorization-at-edge.
Related Issues (20)
- Unable to change the code and update deployment HOT 8
- Issues with the refresh endpoint endlessly redirecting after signin HOT 33
- CloudFormation did not receive a response from your Custom Resource HOT 19
- Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”) HOT 2
- Refresh issue after token expires HOT 8
- On signout Required String parameter 'redirect_uri' is not present HOT 5
- Possible Open Redirect (CWE-601) in sample code HOT 2
- nonce cookies are not expired HOT 1
- custom domain is not redirecting to cognito hosted ui HOT 1
- Getting blocked by CORS policy but unable to figure out the source HOT 5
- Node version bump HOT 7
- Custom IDP with Amplify and Auth at Edge HOT 9
- Fail on delete of the stack HOT 3
- Function must be in an Active state error on deploying the solution HOT 7
- Errors from Lambda when destroiyng the stack HOT 2
- Cognito TAGS HOT 1
- How Do I add User Pool attributes to Cookies? HOT 1
- A potential risk in cloudfront-authorization-at-edge which can be used to upload malicious code. HOT 4
- Having the ability to tune logs HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cloudfront-authorization-at-edge.