amazon-cognito

问题 I have the following policy defined on a Cognito role { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:Scan", "dynamodb:UpdateItem" ], "Resource": [ "arn:aws:dynamodb:ap-southeast-2: NUMBER:table/myapplication_product" ], "Condition": { "ForAllValues:StringEquals": { "dynamodb:LeadingKeys": [ "${cognito-identity.amazonaws.com:sub}" ] } } } ] } As you can see, it should allow access to GetItem, UpdateItem and Scan, but I'm finding that

问题 I'm new to AWS and still figuring out how to do things. Part of my web application is using AWS S3 for file storage, but I want each user to be only able to access specific folders(for CRUD) in the bucket. The backend server will track what folders the user will be able to access. I know it is possible to define policies that allow access to specific folders(by matching prefix of objects), but can I generate these policies dynamically and get credentials with these policies attached (probably

问题 I'm using the aws-sdk javascript in my back-end and I can use AWS fine but when I try to use the getOpenIdTokenForDeveloperIdentity method I get a "Missing region in config error" as a response. var config = new AWS.Config({ accessKeyId: "MYACCESSKEY", secretAccessKey: "MYSECRETYKEY", region: 'us-east-1' }); var params = { IdentityPoolId: 'MYIDENTITYPOOLID', /* required */ Logins: { /* required */ "login.my.myapp": 'string', /* anotherKey: ... */ }, IdentityId: null, TokenDuration: 0 };

问题 We have been using Amplify and Cognito to register our users for an Angular6 application deployed to Lambda. The client wanted to transition from email to username as primary user identification. So we created a new user pool / client. I don't have visibility into the configuration settings, I was simply given new user pool, identity pool, and client id's. Then I changed the code for application signup to look like this: return from(Auth.signUp({ 'username': username, // was email 'password':

问题 Background I've been working on a front end javascript application that consumes AWS resources (mostly Lambdas behind API Gateway). The API Gateway resources are protected with IAM, and the app uses most of what Cognito offers accordingly. This includes an Identity Pool with Unauthenticated Identities enabled, and federation with both a Cognito User Pool and multiple social and custom OIDC providers. Cognito is interacted with solely from our front end javascript code, using Amazon's SDK.

问题 With AWS-Cognito-Identity-Js I obtain a session ID token session.getIdToken().getJwtToken() for a authenticated Cognito User. I pass this token to my AWSInitialize function and update the AWS Credentials: var AWSInitialize = function(token){ Logins = {}; Logins['cognito-idp.' + AWSCognito.config.region + '.amazonaws.com/' + poolData.UserPoolId] = token; AWS.config.update({ region: AWSCognito.config.region, credentials: new AWS.CognitoIdentityCredentials({ IdentityPoolId : identityPoolId,

问题 I am trying to integrate SAML Service provider with AWS cognito pool.I have gone through lot of documents and tried to implement .However redirecting is not happening when i click on log in .[scenario is it should redirect to Microsoft login Page] Cognito pool and identity providers are configured correctly. Problem comes when i need to authenticate from front end application could anyone please help me to rectify the same..? here is my code step 1: npm install amazon-cognito-auth-js --save

问题 I have tried using Dialog API and office-js-helpers for authenticating users in my Outlook Addin React app and both of them create pop-ups for auth but they are both blank screens. Both methods return the following error The character encoding of the plain text document was not declared. The document will render with garbled text in some browser configurations if the document contains characters from outside the US-ASCII range. The character encoding of the file needs to be declared in the

问题 I know admin can reset user's temporary password from console using the following command aws cognito-idp admin-create-user --region us-east-1 --user-pool-id us-east-1_youruserpoolid --username theusername --message-action RESEND But here I need something where user have a trigger option, and after that trigger he should get new temp password to his email. It is something like self service option, where user don't have to call admin for resetting his temp password. I tried using

问题 I am using the AWS SDK for Android alongside Cognito to authenticate users (via Login With Amazon) to my AWS resources. What I am attempting to do is to setup an S3 bucket like so: ./my-bucket ├── first_user@email.com └── second_user@email.com So, the my-bucket bucket will have folders based on the user's e-mail address. My first stab to setup the policy was as such: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": ["s3:ListBucket"], "Resource": ["arn:aws:s3:::my