Here is the flow: A user will try to authenticate to Redshift, and this auth request should flow over to my personal codebase, which has an endpoint that will authenticate this user (this endpoint will act as the IdP). The user should then be able to get access in Redshift only to the data from a specific folder inside ONE global S3 bucket. (This bucket contains only folders, one per user, and the user should ONLY access data from within their folder.)
How can this be built with AWS? Would we need to use API Gateway or Lambda to forward this request to our codebase's server? How can we narrow down the user's access in Redshift to their specific folder in S3? The data from S3 has to be synced over to Redshift for querying, that is, if anything is added to S3, it should appear in Redshift.