AWS Step Functions allow you to reorganize functions and services into individual steps that can be analyzed, you can even allow human approval be required at a certain point in the process. Step Functions make it easy to alter your applications as well through a visual workflow, think similar to coding blocks. I will be covering Cognito in this post as well since the Step Function portion was so short, I would highly recommend doing your own research on Step Functions though. With Cognito you have your Cognito user pools, this is a serverless database of users that have access to your web and mobile apps. You can have a username and password, password reset, MFA, and even utilize federated identities. Your Cognito User pool can access your applications through an API gateway or ALB. Next up, we have Cognito Identity Pools, these are interesting in the fact that they essentially provide temporary login directly into your AWS account, with IAM permissions specified of course. How it works is the client gets an authentication token from SAML, Cognito User Pool, or even a federated identity like Google or FaceBook and passes that token onto the Cognito Identity pool which will then provide token for temporary credentials to the client so they may access AWS directly, permissions can be fine-tuned per user as well. With an Identity Pool you could utilize row-level security on DynamoDB by only allowing certain users certain access to certain values, or rows, on the table. I hope you enjoyed this post and as always feel free to leave a comment if you have any feedback!