1

我将AWS MobileHub SDK 与开发人员身份验证设置一起使用。

移动集线器开发工具包有一个处理会话的AWSIdentityManager,我已按照此处的指南使用我的身份提供商登录。

身份提供者工作正常,登录成功,但每当我尝试进行 cloudlogic 调用(调用 lambda 函数)时,都会失败:

AWSiOSSDKv2 [错误] AWSCloudLogic.m 行:47 | __67-[AWSCloudLogic invokeFunction:withParameters:withCompletionBlock:]_block_invoke | invokeFunction:错误:操作无法完成。AccessDeniedException

这表明当调用 lambda 函数时,MobileHub 没有使用正确的 AIM 角色并且 Lambda 拒绝访问。我的 AIM 设置没问题并经过检查,所以我不确定问题出在哪里。

在 AWSIdentityManager 我只修改了这个函数

- (AWSTask *)initializeClients:(NSDictionary *)logins {

NSLog(@"initializing clients...");

[AWSLogger defaultLogger].logLevel = AWSLogLevelError; //AWSLogLevelVerbose;
[AWSServiceConfiguration addGlobalUserAgentProductToken:AWS_MOBILEHUB_USER_AGENT];

NSString *email = [JNKeychain loadValueForKey:@"email"]; 
NSDictionary *logins = [NSDictionary dictionaryWithObject:email forKey:developerProvider];

    id<AWSCognitoIdentityProvider> identityProvider = [[CBDeveloperAuthenticatedIdentityProvider alloc]
                                                       initWithRegionType:AMAZON_COGNITO_REGION
                                                       identityId:nil
                                                       identityPoolId:AMAZON_COGNITO_IDENTITY_POOL_ID
                                                       logins:logins
                                                       providerName:developerProvider];


    self.credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
                                initWithRegionType:AMAZON_COGNITO_REGION
                                identityProvider:identityProvider
                                unauthRoleArn:nil
                                authRoleArn:nil];

   //I have AWS_COGNITO_UNAUTH_ROLE and AWS_COGNITO_AUTH_ROLE but the docs don't seem to use them... and when I do there is no change
   //http://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html





AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AMAZON_COGNITO_REGION
                                                                     credentialsProvider:self.credentialsProvider];

[AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;


return [self.credentialsProvider getIdentityId];
}

亚马逊有很多分散在各处的信息,但我找不到关于开发人员身份验证的移动集线器的任何信息,但是

4

0 回答 0