Hello and welcome to my AWS Security Workshop.

Today we will learn how to set up and deploy a static React App hosted on AWS using S3 served on Cloudfront secured by Cognito.

Imagine you’re Netflix, and you have a bunch of videos streaming to users, you host this on S3 for its competitive pricing model, but S3 is unsecured and anyone provided the bucket URL will be able to get those videos. So how allow those with correct access to stream whilst restricting those who have not paid?

A simple method is utilising a JWT token or in simple terms an access token for authentication. We achieve this via utilising AWS Cognito service.

Before we begin, this workshop will be hands-on and will require you to have an AWS account. If you don’t sign up here: https://portal.aws.amazon.com/billing/signup#/start.

This WS shouldn’t cause any billing so feel free to sign up.

Enjoy

:) Danny Huang :)