AWS Cognito

Crawford, Jeffrey jcrawford at it.ucla.edu
Wed Sep 12 16:21:09 EDT 2018


Hi All,

I’m trying to wrap my head around this. We have a department interested in using Cognito. It looks like it just reuses the IdP config in the IAM Identity Provider section, so does that mean all Cognito Identity providers use the same release policy? Meaning it would have to be given the same attribute access that is used to log into the AWS console?

The biggest problem I can see is the need for entitlements, the broad sharing of such entitlements, especially if you have several Cognito Identity Providers.

I’m also assuming that the same account that is utilizing the IdP login would need to set up data sharing between accounts if you wanted to allow another account access to log in via your IdP; you would need to set up sharing between accounts that granted user access to resources in a different account.

Thanks
Jeffrey Crawford
IAMUCLA