AWS Cognito

Crawford, Jeffrey jcrawford at
Wed Sep 12 16:21:09 EDT 2018

Hi All,

I’m trying to wrap my head around this, We have a department interested in using Cognito. It looks like it just reuses the IdP config in the IAM Identity Provider section, so does that means all Cognito Identity providers use the same release policy? Meaning it would have to be given the same attribute access that is used to log into the aws console?

The biggest problem I can see is the need for entitlements, the the broad sharing of such entitlements, especially if you have several Cognito Identity Providers.

I’m also assuming that the same account that is utilizing the IDP login would need to set up data sharing between accounts if you wanted to allow another account access to login via your IdP you would need to set up sharing between accounts that granted user access to resources in a different account.

Jeffrey Crawford
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list