I created a user pool and an identity pool in one region.
Can I use the credentials from the identity pool (accessKeyId, secretAccessKey, securityToken) to access data in another region?
Asked
Active
Viewed 94 times
1 Answers
2
All IAM credentials are global credentials, so by default this would work.
You can limit this by applying policies with the aws:RequestedRegion condition - more on that in the docs.
These policies can be either applied to the role Cognito creates credentials for or via a Service Control Policy, that limits which regions the account has access to.
Maurice
- 11,482
- 2
- 25
- 45