We need to setup an S3 bucket so we can use AWS JS SDK to upload files from a web application only for logged in users.
We already have a Cognito user pool, e.g., self-managed, and/or tied to a corporate SSO or social networks. Users may have different permissions depending on custom groups they are on. There is an app client, which is used to authenticate users in our web app.