With authenticated user, they need login successfully => no problem
With unauthenticated user, they use identity pool id to have temporatory credentials and use it to put logs to CloudWatch.
However, Identity pool id store in Clientside that is not safe. Hacker can look for identity pool id and attack by put logs to CloudWatch.
Please, any solution?
Thank you!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
With authenticated user, they need login successfully => no problem
With unauthenticated user, they use identity pool id to have temporatory credentials and use it to put logs to CloudWatch.
However, Identity pool id store in Clientside that is not safe. Hacker can look for identity pool id and attack by put logs to CloudWatch.
Please, any solution?
Thank you!