-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow userPool auth flow in S3 storage #13831
Labels
Comments
github-actions
bot
added
pending-triage
Issue is pending triage
pending-maintainer-response
Issue is pending a response from the Amplify team.
labels
Sep 19, 2024
cwomack
added
Storage
Related to Storage components/category
feature-request
Request a new feature
and removed
pending-triage
Issue is pending triage
labels
Sep 19, 2024
Hello, @anthonyhoegberg and thanks for opening this feature request. I'll review this with our team internally, and follow up with any further questions we have or needs additional context. Thanks! |
github-actions
bot
removed
the
pending-maintainer-response
Issue is pending a response from the Amplify team.
label
Sep 19, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
Is this related to a new or existing framework?
React
Is this related to a new or existing API?
Authentication, Storage
Is this related to another service?
No response
Describe the feature you'd like to request
So in the amplify docs, when setting up authentication we can do smth like
and to describe our table and allow groups and only own users to access data we can do
So then since we are using userPool flow currently when setting up S3 we can do smth like
however this current aproach does not align with the applications login flow etc
and since this approach forces identity pool we cant have owned resources together with groups etc. Also currently using authenticator or other amazon resources when getting the logged in user we are getting the userpools user id and not identity id so we cant use identity id here.
Describe the solution you'd like
The ideal solution would be to allow the S3 configuration to also use userpool id as is, and therefor be able to do smth like this
and when accessing data using api etc, we can use the logged in users permisions etc to access resources and non logged in users or other users cant access another users resources. However users with group permissions can access the data as described
Describe alternatives you've considered
None, currently removing security is the fix for me but i dont like that.
Additional context
No response
Is this something that you'd be interested in working on?
The text was updated successfully, but these errors were encountered: