我将AWS MobileHub SDK 与开发人员身份验证设置一起使用。
移动集线器开发工具包有一个处理会话的AWSIdentityManager,我已按照此处的指南使用我的身份提供商登录。
身份提供者工作正常,登录成功,但每当我尝试进行 cloudlogic 调用(调用 lambda 函数)时,都会失败:
AWSiOSSDKv2 [错误] AWSCloudLogic.m 行:47 | __67-[AWSCloudLogic invokeFunction:withParameters:withCompletionBlock:]_block_invoke | invokeFunction:错误:操作无法完成。AccessDeniedException
这表明当调用 lambda 函数时,MobileHub 没有使用正确的 AIM 角色并且 Lambda 拒绝访问。我的 AIM 设置没问题并经过检查,所以我不确定问题出在哪里。
在 AWSIdentityManager 我只修改了这个函数:
- (AWSTask *)initializeClients:(NSDictionary *)logins {
NSLog(@"initializing clients...");
[AWSLogger defaultLogger].logLevel = AWSLogLevelError; //AWSLogLevelVerbose;
[AWSServiceConfiguration addGlobalUserAgentProductToken:AWS_MOBILEHUB_USER_AGENT];
NSString *email = [JNKeychain loadValueForKey:@"email"];
NSDictionary *logins = [NSDictionary dictionaryWithObject:email forKey:developerProvider];
id<AWSCognitoIdentityProvider> identityProvider = [[CBDeveloperAuthenticatedIdentityProvider alloc]
initWithRegionType:AMAZON_COGNITO_REGION
identityId:nil
identityPoolId:AMAZON_COGNITO_IDENTITY_POOL_ID
logins:logins
providerName:developerProvider];
self.credentialsProvider = [[AWSCognitoCredentialsProvider alloc]
initWithRegionType:AMAZON_COGNITO_REGION
identityProvider:identityProvider
unauthRoleArn:nil
authRoleArn:nil];
//I have AWS_COGNITO_UNAUTH_ROLE and AWS_COGNITO_AUTH_ROLE but the docs don't seem to use them... and when I do there is no change
//http://docs.aws.amazon.com/cognito/latest/developerguide/developer-authenticated-identities.html
AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AMAZON_COGNITO_REGION
credentialsProvider:self.credentialsProvider];
[AWSServiceManager defaultServiceManager].defaultServiceConfiguration = configuration;
return [self.credentialsProvider getIdentityId];
}
亚马逊有很多分散在各处的信息,但我找不到关于开发人员身份验证的移动集线器的任何信息,但是