Hi Yogesh,

You can if the RBAC roles can be converted to scopes. For ex: In some identity products, you can restrict the OAuth 2 scopes on a per user basis depending on the users group membership. I don’t think Cognito supports that model. You can refer this blog https://medium.com/@awskarthik82/map-forgerock-openam-roles-to-aws-cognito-role-based-access-control-rbac-to-control-access-to-aws-970406a53a21. It doesn’t exactly match your use case, but it is somewhat similar.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store