HTML table advanced features and accessibility.From object to iframe - other embedding technologies.Assessment: Structuring a page of content.If you know a monitor should only ever be accessed by one user, and you can permission each monitor based on the Cognito sub ID, this may be the cleanest method for you. For example, here's the AWS doc for doing this with S3 prefixes so as to simulate a filesystem with user directories. I'm not sure if this will exactly fit your use-case, but a very clean solution to fine-grained access is to leverage access policies based on the Cognito sub ID. Note: The main reason I came up with this model is it is stateless, fine grain, will not require a permission lookup for each query, and does not require the individual records to be authorization conscious. Finally, is this using Cognito in the intended fashion or are there more efficient approaches for fine grain user control?.Is there a hard or soft service limit I am theoretically going to run into, say with hudreds of users with say tens of monitors each?.If a user has access to hundreds of monitors, is there risk of the token size being obscenely large for this use case?.Leading to thousands of groups within a userpool? Is this a sustainable model if thousands of monitors are created.The group would then be in the JWT token Cognito provides on login, which would be used to authorize the Lambda invocation. I am looking at creating a group for each monitor which will then be assigned to the creating user. My goal is to have permissions defined on the monitor UID level to allow users to only have access to their monitor. I have been looking at Cognito to act as my user store. Queries will ultimately be done against a UID that is assigned to each user specified monitor, that will do a query over a GSI of datetime and the monitorID. I am writing a system monitoring tool that will collect metrics on user specified endpoints periodically using Lambda, store the results in Dynamo, and then allow users to fetch metrics through a react app that will call another Lambda instance to retrieve the data from Dynamo.
0 kommentar(er)
