We have a website which contain multiple smaller sites (in sub folders). A user or guest could have access to 1 or more of the smaller sites. How should we go about hiding and blocking a sub folder from a guest or authenticated user? The goal for us here is to use static S3 buckets, API Gateway, Lambdas, and Cognito.
Any help or direction would be appreciated.