A/B Testing with Lambda@Edge - Imagine you have a static website or a Single Page Application served through the CDN. You want to experiment two versions with actual users.
A Green/Blue deployment to AWS - CloudFront requires the CNAME in the distribution config to be unique across your entire account. So controlling blue/green via DNS to different distributions will not work. There is a hack rolling around that would use wild cards but that makes no guarantee that the correct files are served. Controlling blue/green via DNS and CloudFront is not feasible.
Understanding Amazon Cognito user pool OAuth 2.0 grants AWS Cognito is simplest replacement of OAuth2 Authorization Server, which is configurable using IaC principles. In addition to using the Amazon Cognito-specific user APIs to authenticate users, Amazon Cognito user pools also support the OAuth 2.0 authorization framework for authenticating users. The article explains supported flows and Cognito nuances on using them.
Server to Server Auth with Amazon Cognito Step-by-Step guide Client Credentials Grant OAuth2 flow implementation with AWS Cognito