From 34cf1e48077cee414af32f1d24513655282ee90f Mon Sep 17 00:00:00 2001 From: sn0arlax Date: Wed, 15 Mar 2023 12:20:13 +0000 Subject: [PATCH] Minor fixes with some typos. --- docs/aws/services/Cognito.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/aws/services/Cognito.md b/docs/aws/services/Cognito.md index 90b51b4..4f29cdc 100644 --- a/docs/aws/services/Cognito.md +++ b/docs/aws/services/Cognito.md @@ -7,7 +7,7 @@ AWS Cognito is a managed identity provider and user management service comprised - User pools - Identity pools -A user pool is a directory of users . It integrates with other SSO providers such as Google, Amazon and Apple. This allows customers to create a user account in the user pool by simply authenticating with their chosen SSO provider. It uses OpenID Connect or SAML to delegate authentication to third party identity providers. Additionally, it can be used to store custom attributes about users. Users can be assigned read/ write permissions to these attributes when the user pool is configured. +A user pool is a directory of users. It integrates with other SSO providers such as Google, Amazon and Apple. This allows customers to create a user account in the user pool by simply authenticating with their chosen SSO provider. It uses OpenID Connect or SAML to delegate authentication to third party identity providers. Additionally, it can be used to store custom attributes about users. Users can be assigned read/ write permissions to these attributes when the user pool is configured. An identity pool allows users to access the accounts AWS resources, by provisioning a specific IAM role which a person who is authenticated with a user pool can assume. It can also allow unauthenticated users to assume a different IAM role if configured to do so. @@ -110,9 +110,9 @@ aws cognito-identity get-id --identity-pool-id --login = cognito-identity get-credentials-for-identity --identity-id --login = ``` -*\ is equivalent to the issuer of the token, which can be found inside the payload of the ID token JWT* +*ISS is equivalent to the issuer of the token, which can be found inside the payload of the ID token JWT.* -**When configuring an identity pool, apply the principle of least privilege. Disable the unauthenticated role if possible, and apply the minimum privileges required for the authenticated role using IAM policies. See [here](https://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html) for more details** +**When configuring an identity pool, apply the principle of least privilege. Disable the unauthenticated role if possible, and apply the minimum privileges required for the authenticated role using IAM policies. See [here](https://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html) for more details.** ## Operational Notes