I'm new to Serverless/AWS and will appreciate some advice about pros/cons of storing "users" data in Dynamodb vs. AWS Cognito and about handling security/permissions properly.
AFAIK, we can define a DynamoDB table in serverless.yaml or in our lambda function code and libs like Dynamoose or Dynogels can help with Models/Schema and queries.
Or we can also create Dynamodb tables via AWS UI and store our users data in AWS Cognito tables.
Say, I want to query several tables (and access few users' info) and return a composite Graphql response via single API endpoint for all queries and mutations (thus, making less requests for data, e.g. users + posts + comments + votes...). So...
1) How can/should lambda code access a Cognito table to get a list of relevant Users (i.e. names, uuids etc.)?
2) Pros/Cons of storing User-related data (passwords, settings) in Cognito vs. custom Users Table?
3) How to handle per document permissions properly?
Particularly I'm working on a social/forum app that will:
* let users create profiles and make posts and comments and follow some posts, tags, other users's activity.
* let users edit only their own content/settings (but admins/moderators can edit for other users)
* let users search and filter through posts.