问题
I am trying to use newly added User Groups in User Pool and integrate the same with Federated Identities.
I followed these steps:
- Create Groups in user pool with roles created in IAM having separate policies
- Create User and add them to user groups
Create an Identity Pool and add that Cognito provider under Authentication providers using app id and client id.
Here I don't get Authenticated role selection under which I have to select Choose role from token
I Save Changes and generate the default policies for authenticated and unauthenticated users
After the Identity Pool creation i edit it to get Authenticated role selection and select Choose role from token and save it.
- After saving the changes if I go back to edit it i see Use default role is selected.
Is anyone facing the same problem or I have some errors. The policies and Roles work if I define for authenticated role but it overrides User Group roles.
来源:https://stackoverflow.com/questions/41247295/amazon-cognito-assigning-iam-roles-to-groups-in-user-pool-and-integration-with-i