In the previous chapters, we learned how to create serverless functions, REST APIs, and data stores. In this chapter, we will use Amazon Cognito to provide application-level security and user management, including user sign-in, sign-up, and access control. We will also discuss Cognito's integration with API gateway APIs.
Like we did in the other chapters, we will discuss provisioning resources using both AWS CLI commands and CloudFormation templates. For application flows, we will mostly use the AWS CLI, without Java Lambda code. In general, Cognito is used with the frontend, mostly using the JavaScript SDK, as we will see in Chapter 9, Serverless Programming Practices and Patterns.
The following are the prerequisites required for completing the recipes in this chapter:
- A working AWS account
- Configuring the AWS CLI, as discussed in the recipe Your first Lambda with AWS CLI, in Chapter 1, Getting Started with Serverless Computing on AWS
- A basic understanding of security concepts