- User signs up to User Pool.
- User signs in && get Token.
- Trade it for a policy in AWS Cog. Identity Pool. (e.g policy allows to query dynamodb table)
- User gerenate a script with tons of requests to the table OR user shares its credentials to fleet of hosts in order to spam a single dynamodb endpoint / table.
Can it be prevented?
Did not try anything.