AWS Cognito
- This service provides authentication, authorization & user management for web and mobile apps
- Cognito has two major components
- User Pool:
- They provide sign-up/Register and sign options for the users
- Identity Pool:
- Enables you to grant user access
- Enables you to grant user access
- User Pool:
- Refer Here for the authentication flow
- For integration of your web application/mobile application with Cognito User Pools Refer Here
AWS WAF (Web Application Firewall)
- This service lets you montior HTTP(S) requests that are forwareded to
- Cloudfront
- API Gateway
- Loadbalancer
- WAF lets you controll the access.
- Components
- Web ACL: We can use Web ACL to protect AWS resoruces
- Rules
- Rules Groups
AWS Shield
- This service has two levels of Protection against DDOS(Distributed Denial of Service)
- AWS Shield Standard
- Enabled automatically to all AWS Customers
- AWS Shield Advanced
- This lets you protect any of the following resources
- Cloudfront
- Route 53 hosted zones
- ALB
- ELB
- EC2 Elastic IP Address
- With AWS Sheild Advanced, Complex DDos Events can be escalated to AWS DDos Response Team (DRT).
- This lets you protect any of the following resources
- AWS Shield Standard
Prereqs (Next Tuesday 27/Oct)
- Complete this playlist Refer Here
- Linux Playlist Refer Here
Exercise:
- Understand what is private key & public key
- Understand what is difference between Symmetric & Assymetric encryption
- Use
ssh-keygento generate rsa based keys
