So I have a generic question in javascript, cant seem to find the answer for a question i.e. Spring security ACL lets to authorize users at an instance level for example if you have a blog and users are commenting, in spring security ACL particular user (or a role) can be banned from commenting on that particular blog dynamically that means blog owner could make a call to backend via block button or something to block a user or roles. How can such a fine grained authorization be achieved using AWS serverless approach using JavaScript, Lambdas, dynamo db etc. i cant seem to find the design or better an open source example which I can learn from. Javascript or Typescript example would be awesome to learn from as I only these.
I was expecting atleast one answer being new here but no worries for others who are searching for same solution please user ABAC (Attribute Based Access Control) Authorization. Following are the examples:
https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html
https://scalesec.com/blog/practical-attribute-based-access-control-with-aws/