I don't think that works because you can only have 500 cognito user groups and users will need to have access to specific projects so each project's access will need their own cognito group I think. I have updated the user access diagram maybe that will make it more clear
There can also be a user 3 in above diagram that is a freelancer in both Company 1 & 2 and has access to only project A & C
You can use the user attribute (tenant) in combination with cognito groups (projects) or create multiple user attributes
I don't think that works because you can only have 500 cognito user groups and users will need to have access to specific projects so each project's access will need their own cognito group I think. I have updated the user access diagram maybe that will make it more clear
There can also be a user 3 in above diagram that is a freelancer in both Company 1 & 2 and has access to only project A & C
The number of Cognito groups now is 10,000.
And a user can belong to 100 groups.
docs.aws.amazon.com/cognito/latest...