@rakannimer How to protect identity pool ID?
Because, Identity pool id which store in frontend client (in mobile, web browser) easyly get it. Hacker can use it to attack by put logs to CloudWatch Logs spamming.
With authenticated user, they need login successfully => no problem
With unauthenticated user, they use identity pool id to have temporatory credentials and use it to put logs to CloudWatch.
However, Identity pool id store in Clientside that is not safe. Hacker can look for identity pool id and attack by put logs to CloudWatch.
Please, any solution?
Thank you!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
@rakannimer How to protect identity pool ID?
Because, Identity pool id which store in frontend client (in mobile, web browser) easyly get it. Hacker can use it to attack by put logs to CloudWatch Logs spamming.
With authenticated user, they need login successfully => no problem
With unauthenticated user, they use identity pool id to have temporatory credentials and use it to put logs to CloudWatch.
However, Identity pool id store in Clientside that is not safe. Hacker can look for identity pool id and attack by put logs to CloudWatch.
Please, any solution?
Thank you!