2

I am trying to set up row-level access control in Postgres through a Cognito user pool. I have set up the user pool and can successfully authenticate users through it, but I am not sure how to link it to Postgres for row-level access control purposes.

I have been looking into using Postgres roles and policies to manage row level access control, but I have no idea how to properly set it up with cognito, or if this is even the correct approach.

Has anyone successfully set up row-level access control in Postgres through a Cognito user pool? Could you please provide some guidance on how to do it?

Thanks in advance for any help!

Kival M
  • 182
  • 1
  • 10

1 Answers1

0

This article might be helpful: https://5k-team.trilogy.com/hc/en-us/articles/360016997699-Using-PostgreSQL-Row-Level-Security-to-isolate-Tenant-data-in-generated-GraphQL-CRUD-APIs Basically adding custom attributes to Cognito User Pools, enabling a policy for Row Level Security in Postgres based on the Custom Attribute which gets passed as part of the token. Depends on what you have between Cognito and Postgres. But the API layer+backend would extract the Custom Attribute and pass it to the request to PostGres.

John Henry
  • 183
  • 3
  • 10