amazon-cognito

Send username to aws Lambda function triggered by aws Cognito user confirm

半世苍凉 提交于 2019-12-07 22:43:02
问题 I am trying to write a Lambda function that makes a folder in an s3 bucket named after a newly confirmed cognito user. This will allow me to keep that user's access limited to their folder. I have created a Lambda function that can create a folder in s3 using a username passed through Lambda's test event object. I know cognito has a "confirmation event" trigger, and I have selected my function to run on that trigger, but I do not know how to retrieve the username from that event. Screenshot

User pools for users who register via twitter?

╄→гoц情女王★ 提交于 2019-12-07 11:38:15
问题 I'm new to Cognito. So I need some clarification about how I should be registering users who have signed up via a social login. I've created both a user pool and a federated identity pool. Then I performed a basic oauth request to twitter upon the user's login button click, and then with the twitter token and secret that I receive after successfully logging them in, I perform a request to get Cognito Identity credentials. var params = { IdentityPoolId: 'my-pool-id', Logins: { 'api.twitter.com

User Migration to Cognito using Lambda trigger in python

家住魔仙堡 提交于 2019-12-07 08:25:39
问题 I've created a Lambda function in Python to migrate users from RDS to AWS Cognito. The problem I am facing is the return type for my function in order for Cognito to create the user. At first I was returning JSON: return { "response": { "userAttributes": { "email": event["userName"], }, "finalUserStatus": "CONFIRMED", "messageAction": "SUPPRESS", "desiredDeliveryMediums": "EMAIL", "forceAliasCreation": "false" } } Which resulted in an exception: I also tried to follow the only code Sample

Will Cognito User Pools support internationalization?

烈酒焚心 提交于 2019-12-07 08:13:54
问题 We are very excited about the new Cognito User Pools. But it looks like that there is no way to support multiple languages in messages. For example a User from Germany should get a verification message in German while a user from New Zealand should get it in English. Without internationalization nobody could use Cognito User Pools outside of English speaking countries. Will this be a feature in the final release on Cognito User Pools? 回答1: You can use the Lambda Triggers functionality with

How to check for custom OpenID claim in an IAM role's trust policy?

社会主义新天地 提交于 2019-12-07 04:49:47
问题 I am authenticating users with auth0 to receive a id token containing the following claim "http://myapp.com/scope": "write" Using a Cognito identity pool with an OpenID authentication provider (namely, auth0), I am able to successfully get temporary credentials to access aws services. However, I want to restrict access to these services based on my custom claim above. I believe the proper way to do this is by editing the trust policy associated with my identity pool, but I am not sure how to

How can I get the Amazon Cognito Identity SDK working in Aurelia?

岁酱吖の 提交于 2019-12-06 23:43:22
问题 I am trying to get the Amazon Cognito Identity SDK working in Aurelia. I do not have a lot of Javascript experience and am very unfamiliar with the various dependency systems. I installed the Cognito SDK using: npm install --save amazon-cognito-identity-js I then edited my aurelia_project/aurelia.json file as suggested in the Aurelia documentation to include a new client library dependency in build.bundles vendor-bundle dependencies: "sjcl", "jsbn", { "name": "aws-sdk", "path": "../node

Is it safe to show the AWS cognito pool ID in my html?

霸气de小男生 提交于 2019-12-06 23:07:26
问题 I am building a serverless website with AWS Cognito, Lambda, S3 and a dozen more of their services. My HTML/JS in my login page has the cognito pool ID. How safe is this? I know that it is best practise to hide sensitive stuff. But this is not client-server. Its all client if im honest. I do access some sensitive data via a lambda call. But even this call requires some plain-text sensitive inputs like the user ID. <script src="https://sdk.amazonaws.com/js/aws-sdk-2.3.7.min.js"> </script>

Giving user capability of resetting expired temporary password in cognito

心已入冬 提交于 2019-12-06 14:15:18
I know admin can reset user's temporary password from console using the following command aws cognito-idp admin-create-user --region us-east-1 --user-pool-id us-east-1_youruserpoolid --username theusername --message-action RESEND But here I need something where user have a trigger option, and after that trigger he should get new temp password to his email. It is something like self service option, where user don't have to call admin for resetting his temp password. I tried using resendConfirmationCode from https://github.com/aws-amplify/amplify-js/blob/master/packages/amazon-cognito-identity

How to get Cognito user pool “sub” attribute on iOS

浪子不回头ぞ 提交于 2019-12-06 09:33:56
I am using a "Cognito User Pool authorizer" (no "AWS_IAM" option, no custom coded authorizer) to call Lambda methods via API Gateway and identify the user logged in on the iOS client. On Lambda, I use the user id I get from the Cognito User Pool authorizer via event.requestContext.authorizer.claims.sub (to store the user id with some DynamoDB items). I now need to compare this with the id of the logged in user in the iOS client. I found [AWSIdentityManager defaultIdentityManager].identityId , but this (obviously) returns he IdentityID (which I can look up in the AWS console in Cognito -->

DynamoDB fine-grained access control: is it possible to use ${cognito-identity.amazonaws.com:email}?

谁说我不能喝 提交于 2019-12-06 07:52:54
问题 My users have Cognito accounts. According to this article we can restrict access to the DynamoDB API with policy like that: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query" ], "Resource": [ "arn:aws:dynamodb: <REGION>:<AWS_ACCOUNT_ID>:table/<TABLE>" ], "Condition": { "ForAllValues:StringEquals": { "dynamodb:LeadingKeys": [ "${cognito-identity.amazonaws.com:sub}" ] } } } ] } Looks pretty straightforward for my
订阅 amazon-cognito