here is the scenario.
AWS accountA has an S3 bucket. AWS acountB has cognito user pool and cognito identity set up. Also accountB is running a amplify app (so there is a fixed origin url)
I want to allow logged users from accountB to put/get objects from bucket in AccountA.
How do I configure the bucket to allow that? How do I configure the identity pool?
This is simple, the bucket would need to be updated to include a bucket policy that grants access to the role that the group in the identity pool uses.
Once this is done you would need to update the policy on the IAM role to grant access to the bucket referencing the actions and resources as if they're in your account.
Take a look at the How can I provide cross-account access to objects that are in Amazon S3 buckets? article to get in depth instructions for enabling cross account support for the S3 bucket.
