AWS Classroom Series – 04/Jul/2020

AWS Cognito User Pools

  • User pool is a user directory with which users can sign into your web/mobile app through Amazon cognito
  • Your users can also sign in through identity providers Google, Facebook, Amazon, Apple, Microsoft etc
  • After succesful authentication Cognito issues JSON web tokens (JWT) that you can use to secure and authorize access

Creating a UserPool

  • Login into AWS Console and select cognito Preview Preview Preview
  • For federated logins use Amazon Cognito Identity pools
  • FOR API Reference Refer Here

AWS Shield

  • AWS provides AWS Shield Standard and AWS Shield Advanced for protection againts DDoS attacks.
  • AWS Shield Advanced provides expanded DDos attack protection for
    • EC2 instances
    • Elastic Loadbalancers
    • Cloudfront distributions
    • Route53 Hosted zones
  • AWS Shield Advanced Supports protection for Layer 7 attacks in addition to layer 3 and layer 4 attacks (Standard Plan)
  • AWS Shield Advanced plan automically includes AWS WAF (Web application Firewall)
  • Types of DDoS attacks:
    1. UDP reflection attacks
    2. SYN flood attack
    3. DNS query flood
    4. Http flood/cache-busting attacks


  • AWS WAF that helps you in monitoring HTTP(s) requests to
    • Cloudfront distribution
    • API Gateway
    • Application Loadbalancer
  • Web ACLs: you can use web access control lists to protect set of AWS resources.
  • Rules – Each rule will have a statement that defines inspection criteria
  • Rules groups: grouping of rules.

AWS Firewall Manager

  • Simplifies using AWS WAF, Shield Advanced, security groups administration and maintanence tasks across multiple accounts and resources.

AWS Step functions

  • Step functions enables to coordinate applications and microservices using visual workflows
  • Two workflows are supported
    • Standard
    • Express workflows

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

About learningthoughtsadmin