我有javascript客户端执行认证与提供者(Facebook,谷歌,Twitter等)的认证登录。我可以看到它已成功获取凭证:AWS认知同步管理器错误同步到云
var cognitoParam = {
'IdentityPoolId': 'ap-northeast-1:c8250ce6-xxxx-xxxx-xxxx-xxxxxxxxxxxx',
'RoleArn': 'arn:aws:iam::xxxxxxxxxxxx:role/roleName'
'Logins': {
'accounts.google.com': response.detail.id_token
}
};
var cognitoCred = new AWS.CognitoIdentityCredentials(cognitoParam);
它返回所有凭证对象。而且我也在AWS控制台上进行了检查,池ID已在联合身份池中列出/记录为与供应商进行身份验证登录。
获取证书后,我想Cognito同步经理合作,将多个用户的信息存储到云:
var syncManager = new AWS.CognitoSyncManager();
syncManager.openOrCreateDataset('profileSet', function(err, dataset) {
// dataset.get
// dataset.put
// dataset.remove
});
所有方法(GET,PUT删除)工作得很好,但我有一个问题要运行方法同步。在例子中,提出了新的数据集后:
dataset.put("keyTes", "english", function(err,record){
if(!err){
dataset.synchronize({
onSuccess: function(dataset, newRecords) {
console.log(newRecords);
},
onFailure: function(err) {
console.log("Error while synchronizing data to the cloud: " + err);
}
});
}
});
它显示错误:
错误而同步数据到云:AccessDeniedException异常: 用户: 阿尔恩:AWS:STS :: XXXXXXXXXXXX:assumed-角色/角色名称/网络身份 未被授权执行:资源上的cognito-sync:ListRecords: arn:aws:cognito-sync:ap-northeast-1:xxxxxxxxxxxx:identitypool/ap-northeast-1:c8250ce6-xxxx -xxxx-xxxx-xxxxxxxxxxxx/identity/ap-northeast-1:653aeca2-xxxx-xxxx-xxxx-xxxxxxxxxxxx/dataset/profileSet
在我的IAM角色,我设置为:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "default"
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
]
}
和政策:
{ “版本”: “2012年10月17日”, “声明”: [ { “操作”: “cognito同步:”, “效果”: “允许”, “资源”: “” } ] }
我遵循的链接参考:
Amazon Cognito Sync Manager for JavaScript
有人能帮助我,好吗?