I have a web server backend implemented in Node.js. The web backend exposes REST APIs which are consumed by the web client running in a web browser.
I want to add access control for the REST APIs based on the currently logged-in user.
For example, an administrator can access a few REST APIs which are not accessible to other users.
For user registration and login I am using AWS Cognito and an IAM role.
I can control access to AWS services, but not at a granular level for specific REST APIs running in EC2.
This can be achieved using AWS API Gateway, but is there any way we can implement it in EC2 only?
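
One way to enforce the per-API restriction described above inside the Node.js process itself, as an added example that is not part of the original post: an Express-style middleware that verifies the Cognito-issued JWT and allows a route only for members of a given user-pool group. It assumes users are assigned to Cognito groups (the group name `Administrators`, the issuer placeholder, and the helpers `signSample` and `check` are hypothetical), and a locally generated key pair stands in for the user pool's published signing key so the block runs offline.

```javascript
// Added example: per-route authorization from Cognito group membership.
const crypto = require('node:crypto');
const b64url = (x) => Buffer.from(x).toString('base64url');

// Verify an RS256 JWT plus issuer and expiry; returns the claims or throws.
function verifyToken(token, publicKey, issuer, now = Date.now() / 1000) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = JSON.parse(Buffer.from(h, 'base64url').toString());
  if (header.alg !== 'RS256') throw new Error('unexpected alg'); // pin the algorithm
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify('RSA-SHA256', signed, publicKey, Buffer.from(s, 'base64url')))
    throw new Error('bad signature');
  const claims = JSON.parse(Buffer.from(p, 'base64url').toString());
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  return claims;
}

// Middleware factory: 401 without a valid token, 403 when not in `group`.
function requireGroup(group, publicKey, issuer) {
  return (req, res, next) => {
    const m = /^Bearer (.+)$/.exec(req.headers.authorization || '');
    if (!m) return res.status(401).json({ error: 'missing token' });
    let claims;
    try { claims = verifyToken(m[1], publicKey, issuer); }
    catch (e) { return res.status(401).json({ error: 'invalid token' }); }
    const groups = Array.isArray(claims['cognito:groups']) ? claims['cognito:groups'] : [];
    if (!groups.includes(group)) return res.status(403).json({ error: 'forbidden' });
    req.user = claims; // verified claims for downstream handlers
    next();
  };
}

// Constructed fixtures: placeholder issuer and a local key pair (not a real pool key).
const ISSUER = 'https://cognito-idp.REGION.amazonaws.com/USER_POOL_ID';
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
function signSample(claims) {
  const body = `${b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${crypto.sign('RSA-SHA256', Buffer.from(body), privateKey).toString('base64url')}`;
}

// Run the middleware on a fake request; returns the HTTP status it would send.
function check(token, group = 'Administrators') {
  let status = 200;
  const res = { status(c) { status = c; return this; }, json() { return this; } };
  requireGroup(group, publicKey, ISSUER)({ headers: { authorization: `Bearer ${token}` } }, res, () => {});
  return status;
}
```

In an Express app the guard would be attached per route, for example `app.delete('/users/:id', requireGroup('Administrators', key, issuer), handler)`, with the key loaded from the user pool's JWKS document instead of the local pair.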