pdkovacs
commented
1 year ago Authentication
A close match to the nginx/oauth-proxy solution doesn't seem to be available on AWS.
- API Gateway 1.2. jwt-authorizer is not good enough even as Authorization code with PKCE 1.3 Lambda authorizer is to expensive in terms of effort
- Application Load Balancer 2.1. OIDC authentication seems to require verifying the loadbalancer's signature on the claims &ndash seems too much effort to integrate a custom environment
Hence: https://github.com/pdkovacs/igo-repo/issues/9
Push-notification fan-out
SNS seems the most optimal candidat
For this project, testing locally is meant to be only a helper, a cheap way of exercising function of the app needed in production (in AWS) as well. A constant "reality-check" is desirable on what solutions are possible and/or optimal on AWS to avoid "digression" with the local env/features.