Home Page Icon
Home Page
Table of Contents for
Working with Cognito groups
Close
Working with Cognito groups
by Heartin Kanikathottu
AWS Security Cookbook
Title Page
Copyright and Credits
AWS Security Cookbook
Dedication
About Packt
Why subscribe?
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Sections
Getting ready
How to do it…
How it works…
There's more…
See also
Get in touch
Reviews
Managing AWS Accounts with IAM and Organizations
Technical requirements
Configuring IAM for a new account
Getting ready
How to do it...
Creating a billing alarm
How it works...
There's more...
See also
Creating IAM policies
Getting ready
How to do it...
Creating policies with the IAM visual editor
Creating policies using the AWS CLI
How it works...
There's more...
See also
Creating a master account for AWS Organizations
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a new account under an AWS Organization
Getting ready
How to do it...
Creating an account and OU from the CLI
Creating and moving an account from the console
How it works...
There's more...
See also
Switching roles with AWS Organizations
Getting ready
How to do it...
Switching as an administrator
Granting permission for a non-admin user to switch roles
Granting permission for a non-admin user to switch roles using the CLI
How it works...
Switching roles between any two accounts
There's more...
See also
Securing Data on S3 with Policies and Techniques
Technical requirements
Creating S3 access control lists
Getting ready
How to do it...
Granting READ ACLs for a bucket to everyone from the console
Granting READ for AWS users using predefined groups from the CLI
Granting public READ for an object with canned ACLs from the CLI
How it works...
There's more...
Comparing ACLs, bucket policies, and IAM policies
See also
Creating an S3 bucket policy
Getting ready
How to do it...
Bucket public access with a bucket policy from the console
Bucket list access with a bucket policy from the CLI
How it works...
There's more...
See also
S3 cross-account access from the CLI
Getting ready
How to do it...
Uploading to a bucket in another account
Uploading to a bucket in another account with a bucket policy
How it works...
There's more...
See also
S3 pre-signed URLs with an expiry time using the CLI and Python
Getting ready
How to do it...
Generating a pre-signed URL from the CLI
Generating a pre-signed URL using the Python SDK
How it works...
There's more...
See also
Encrypting data on S3
Getting ready
How to do it...
Server-side encryption with S3-managed keys (SSE-S3)
Server-side encryption with KMS-managed keys (SSE-KMS)
Server-side encryption with customer-managed keys (SSE-C)
How it works...
There's more...
See also
Protecting data with versioning
Getting ready
How to do it...
How it works...
There's more...
See also
Implementing S3 cross-region replication within the same account
Getting ready
How to do it...
How it works...
There's more...
See also
Implementing S3 cross-region replication across accounts
Getting ready
How to do it...
How it works...
There's more...
See also
User Pools and Identity Pools with Cognito
Technical requirements
Creating Amazon Cognito user pools
Getting ready
How to do it...
How it works...
There's more...
See also
Creating an Amazon Cognito app client
Getting ready
How to do it...
How it works...
There's more...
Customizing workflows with triggers
See also
User creation and user signups
Getting ready
How to do it...
Creating a user by an administrator
Creating a user through self-signup with admin confirmation
Creating a user through self-signup with self-confirmation
How it works...
There's more...
See also
Implementing an admin authentication flow
Getting ready
How to do it...
How it works...
There's more...
See also
Implementing a client-side authentication flow
Getting ready
How to do it...
How it works...
There's more...
See also
Working with Cognito groups
Getting ready
How to do it...
How it works...
There's more...
See also
Federated identity with Cognito user pools
Getting ready
How to do it...
Configuring within the Amazon developer portal
Configuring in Cognito
How it works...
There's more...
See also
Key Management with KMS and CloudHSM
Technical requirements
Creating keys in KMS
Getting ready
How to do it...
How it works...
There's more...
See also
Using keys with external key material
Getting ready
How to do it...
Creating key configuration for an external key
Generating our key material using OpenSSL
Continuing with key creation from the console
How it works...
There's more...
See also
Rotating keys in KMS
Getting ready
How to do it...
How it works...
There's more...
See also
Granting permissions programmatically with grants
Getting ready
How to do it...
How it works...
There's more...
See also
Using key policies with conditional keys
Getting ready
How to do it...
How it works...
There's more...
See also
Sharing customer-managed keys across accounts
Getting ready
How to do it...
Creating a key and giving permission to the other account
Using the key as an administrator user from account 2
Using the key as a non-admin user from account 2
How it works...
There's more...
See also
Creating a CloudHSM cluster
Getting ready
How to do it...
How it works...
There's more...
See also
Initializing and activating a CloudHSM cluster
Getting ready
How to do it...
Initializing the cluster and creating our first HSM
Launching an EC2 client instance and activating the cluster
How it works...
There's more...
See also
Network Security with VPC
Technical requirements
Creating a VPC in AWS
Getting ready
How to do it...
How it works...
There's more...
See also
Creating subnets in a VPC
Getting ready
How to do it...
How it works...
There's more...
See also
Configuring an internet gateway and a route table for internet access
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and configuring NAT gateways
Getting ready
How to do it...
How it works...
There's more...
See also
Working with NACLs
Getting ready
How to do it...
How it works...
There's more...
See also
Using a VPC gateway endpoint to connect to S3
Getting ready
How to do it...
How it works...
There's more...
See also
Configuring and using VPC flow logs
Getting ready
How to do it...
How it works...
There's more...
See also
Working with EC2 Instances
Technical requirements
Creating and configuring security groups
Getting ready
How to do it...
How it works...
There's more...
See also
Launching an EC2 instance into a VPC
Getting ready
How to do it...
General steps for launching an EC2 instance and doing SSH
Launching an instance into our public subnet
Launching an instance into our private subnet
How it works...
There's more...
See also
Setting up and configuring NAT instances
Getting ready
How to do it...
Adding a route for the NAT instance
How it works...
There's more...
See also
Creating and attaching an IAM role to an EC2 instance
Getting ready
How to do it...
How it works...
There's more...
See also
Using our own private and public keys with EC2
Getting ready
How to do it...
Generating the keys
Uploading a key to EC2
How it works...
There's more... 
See also
Using EC2 user data to launch an instance with a web server
Getting ready
How to do it...
How it works...
There's more...
See also
Storing sensitive data with the Systems Manager Parameter Store
Getting ready
How to do it...
Creating a parameter in the AWS Systems Manager Parameter Store
Creating and attaching role for the AWS Systems Manager
Retrieving parameters from the AWS Systems Manager Parameter Store
How it works...
There's more...
See also
Using KMS to encrypt data in EBS
Getting ready
How to do it...
How it works...
There's more...
See also
Web Security Using ELBs, CloudFront, and WAF
Technical requirements
Enabling HTTPS on an EC2 instance 
Getting ready
How to do it...
How it works...
There's more...
See also
Creating an SSL/TLS certificate with ACM
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a classic load balancer
Getting ready
How to do it...
How it works...
There's more...
See also
Creating ELB target groups
Getting ready
How to do it...
How it works...
There's more...
See also
Using an application load balancer with TLS termination at the ELB
Getting ready
How to do it...
How it works...
There's more...
See also
Using a network load balancer with TLS termination at EC2
Getting ready
How to do it...
How it works...
There's more...
See also
Securing S3 using CloudFront and TLS
Getting ready
How to do it...
CloudFront distribution with CloudFront default domain
CloudFront distribution with a custom domain and ACM certificate
How it works...
There's more...
See also
Configuring and using the AWS web application firewall (WAF)
Getting ready
How to do it...
How it works...
There's more...
See also
Monitoring with CloudWatch, CloudTrail, and Config
Technical requirements
Creating an SNS topic to send emails
Getting ready
How to do it...
How it works...
There's more...
See also
Working with CloudWatch alarms and metrics
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a dashboard in CloudWatch
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a CloudWatch log group
Getting ready
How to do it...
How it works...
There's more...
See also
Working with CloudWatch events
Getting ready
How to do it...
How it works...
There's more...
See also
Reading and filtering logs in CloudTrail
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a trail in CloudTrail
Getting ready
How to do it...
How it works...
There's more...
See also
Using Athena to query CloudTrail logs in S3
Getting ready
How to do it...
How it works...
There's more...
See also
Cross-account CloudTrail logging
Getting ready
How to do it...
How it works...
There's more...
See also
Integrating CloudWatch and CloudTrail
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and using AWS Config
Getting ready
How to do it...
How it works...
There's more...
See also
Compliance with GuardDuty, Macie, and Inspector
Technical requirements
Setting up and using Amazon GuardDuty
Getting ready
How to do it...
How it works...
There's more...
See also
Aggregating findings from multiple accounts in GuardDuty
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and using Amazon Macie
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and using Amazon Inspector
Getting ready
How to do it...
How it works...
There's more...
See also
Creating a custom Inspector template
Getting ready
How to do it...
How it works...
There's more...
See also
Additional Services and Practices for AWS Security
Technical requirements
Setting up and using AWS Security Hub
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and using AWS SSO
Getting ready
How to do it...
How it works...
There's more...
See also
Setting up and using AWS Resource Access Manager
Getting ready
How to do it...
How it works...
There's more...
See also
Protecting S3 Glacier vaults with Vault Lock
Getting ready
How to do it...
How it works...
There's more...
See also
Using AWS Secrets Manager to manage RDS credentials
Getting ready
How to do it...
How it works...
There's more...
See also
Creating an AMI instead of using EC2 user data
Getting ready
How to do it...
How it works...
There's more...
See also
Using security products from AWS Marketplace
Getting ready
How to do it...
How it works...
There's more...
See also
Using AWS Trusted Advisor for recommendations
Getting ready
How to do it...
How it works...
There's more...
See also
Using AWS Artifact for compliance reports
Getting ready
How to do it...
How it works...
There's more...
See also
Other Books You May Enjoy
Leave a review - let other readers know what you think
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
See also
Next
Next Chapter
Getting ready
Working with Cognito groups
In this recipe, we will create two groups and assign users to those groups.
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset