0
votes

I am creating a web app with AWS Cognito to do the authentication and authorization.

Most of the examples I see on the web talk about identity pools being used to give federated access.

In my web app I don't need federated access, but I need to give users different permissions with different IAM roles. As an example, users from user pool A and group Admins should have a role which gives all access to the DynamoDB table.

My question is, if I don't need federated identities, do I need identity pools to achieve my requirement?

1 Answer

1
votes

An identity pool is primarily used to grant users access to AWS resources. It can grant access to users that authenticate using a user pool or any of the federated access providers. It can even be used to grant unauthenticated users access. So yes, you will need an identity pool to attach a role to. In the identity pool settings, select your Cognito user pool as the access provider.
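
An added example, not part of the answer above: a Python check for the trust policy of the IAM role you attach to the identity pool (for instance the Admins role from the question). It assumes the usual Cognito Identity trust conditions (`aud` pinned to the pool id, `amr` requiring `authenticated`); the pool id and both sample policies are constructed placeholders.

```python
import json

COGNITO = "cognito-identity.amazonaws.com"
POOL_ID = "us-east-1:00000000-0000-0000-0000-000000000000"  # constructed placeholder

def trust_policy(condition=None):
    """Build a trust policy for a role assumed through a Cognito identity pool."""
    stmt = {"Effect": "Allow",
            "Principal": {"Federated": COGNITO},
            "Action": "sts:AssumeRoleWithWebIdentity"}
    if condition:
        stmt["Condition"] = condition
    return {"Version": "2012-10-17", "Statement": [stmt]}

# Constructed samples: WEAK has no Condition, so it is not tied to one identity pool.
WEAK = trust_policy()
HARDENED = trust_policy({
    "StringEquals": {COGNITO + ":aud": POOL_ID},
    "ForAnyValue:StringLike": {COGNITO + ":amr": "authenticated"},
})

def audit_trust_policy(policy, identity_pool_id):
    """Return findings for a role meant to be assumed via this identity pool only."""
    findings = []
    matched = False
    for st in policy.get("Statement", []):
        principal = st.get("Principal")
        federated = principal.get("Federated") if isinstance(principal, dict) else None
        if st.get("Effect") != "Allow" or federated != COGNITO:
            continue  # statement does not concern Cognito Identity
        matched = True
        cond = st.get("Condition", {})
        if cond.get("StringEquals", {}).get(COGNITO + ":aud") != identity_pool_id:
            findings.append("aud is not pinned to this identity pool")
        if cond.get("ForAnyValue:StringLike", {}).get(COGNITO + ":amr") != "authenticated":
            findings.append("amr does not require an authenticated identity")
    if not matched:
        findings.append("no Allow statement trusts " + COGNITO)
    return findings

if __name__ == "__main__":
    print(json.dumps(HARDENED, indent=2))
    for name, pol in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name, audit_trust_policy(pol, POOL_ID))
```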