Reader small image

You're reading from  Implementing Identity Management on AWS

Product typeBook
Published inOct 2021
PublisherPackt
ISBN-139781800562288
Edition1st Edition
Tools
Right arrow
Author (1)
Jon Lehtinen
Jon Lehtinen
author image
Jon Lehtinen

Jon Lehtinen has 16 years of enterprise identity and access management experience and specializes in both the strategy and execution of IAM transformation in global-scale organizations such as Thomson Reuters, General Electric, and Apollo Education Group. In addition to his work in the enterprise space, he has held positions on Ping Identity's Customer Advisory Board and as an advisor to identity verification start-up EvidentID. He currently owns the workforce and customer identity implementations at Okta. Jon is dedicated to the growth and maturity of IAM as a profession and serves on the Board of Directors for IDPro org. He is also a member of the Kantara Initiative, ISC2, OpenID Foundation, and Women in Identity. Jon has presented his work at several conferences, including RSA, Identiverse, and KuppingerCole's European Identity and Cloud Conference. Currently, he owns Okta's workforce and customer IAM implementations as their Director of Okta on Okta.
Read more about Jon Lehtinen

Right arrow

Creating an Amazon Cognito identity pool

Since we now have a user pool that can provide federated identities, we can create an identity pool. Doing so will allow the federated identities from that user pool to access AWS resources. To do this from the Management Console, follow these steps:

  1. Go to the Amazon Cognito service and select Manage Identity Pools.
  2. Since we have no existing identity pools, we are taken directly to the wizard to configure our first one. Let's call this one rbiidentitypool:

    Figure 5.51 – Naming the new identity pool

  3. An interesting capability of identity pools is that they allow unauthenticated users to obtain temporary credentials to access AWS resources. It may seem counterintuitive to permit this, but there may be use cases where access to a resource, such as placing a file into a bucket or adding an entry into an Amazon DynamoDB database, may be deemed so sufficiently low risk that identifying principals taking these actions may...
lock icon
The rest of the page is locked
Previous PageNext Page
You have been reading a chapter from
Implementing Identity Management on AWS
Published in: Oct 2021Publisher: PacktISBN-13: 9781800562288

Author (1)

author image
Jon Lehtinen

Jon Lehtinen has 16 years of enterprise identity and access management experience and specializes in both the strategy and execution of IAM transformation in global-scale organizations such as Thomson Reuters, General Electric, and Apollo Education Group. In addition to his work in the enterprise space, he has held positions on Ping Identity's Customer Advisory Board and as an advisor to identity verification start-up EvidentID. He currently owns the workforce and customer identity implementations at Okta. Jon is dedicated to the growth and maturity of IAM as a profession and serves on the Board of Directors for IDPro org. He is also a member of the Kantara Initiative, ISC2, OpenID Foundation, and Women in Identity. Jon has presented his work at several conferences, including RSA, Identiverse, and KuppingerCole's European Identity and Cloud Conference. Currently, he owns Okta's workforce and customer IAM implementations as their Director of Okta on Okta.
Read more about Jon Lehtinen