Authentication & Authorization

Amazon Cognito

• Manages users and credentials
• Issues JWT tokens
• Integrated with Go middleware

IAM

• Separate IAM roles for API and consumer
• Least-privilege access to S3, SQS, logs