I am creating a simple CRUD api using NodeJS + TS and AWS SDK. I configured AWSCognito and IAM services for accessing S3 resources.
User can for example request a service that returns all the objects in a S3 bucket. Because not all users should be able to read from S3 bucket, the user should be authenticated when calling the service.
Do I need to instantiate a new S3 client for every user request (and configure it with new user credentials)? If not, what is the best way to pass authenticated user credentials to AWS SDK client?