I'd like to request to S3 as a cognito certification qualification.

0

I'd like to request to S3 as a cognito certification qualification.

S3 is using sdk Cognito is using amplify. Use an angular typescript.

I would like to replace the secret key with the cognito authentication information when creating S3.

I want to access s3 with the user I received from Auth.signIn, but the credentials are missing.

I need your help.

public signIn(user: IUser): Promise<any> {
    return Auth.signIn(user.email, user.password).then((user) => {

    AWS.config.region = 'ap-northeast-2';
    AWS.config.credentials = new AWS.CognitoIdentityCredentials({
    IdentityPoolId: 'ap-northeast-2:aaaaaaaa-bbbb-dddd-eeee-ffffffff',
    });
	
	const userSession = Auth.userSession(user);
	const idToken =
        userSession['__zone_symbol__value']['idToken']['jwtToken'];

	 AWS.config.region = 'ap-northeast-2';
        AWS.config.credentials = new AWS.CognitoIdentityCredentials({
          IdentityPoolId:
            'ap-northeast-2:aaaaaaaa-bbbb-dddd-eeee-ffffffff',
          RoleArn: 'arn:aws:iam::111111111111:role/Cognito_role',
          Logins: {
            CognitoIdentityPool:
              'ap-northeast-2:aaaaaaaa-bbbb-dddd-eeee-ffffffff',
            idToken: idToken,
          },
        }));
        
        const s3 = new AWS.S3({
        apiVersion: '2012-10-17',
        region: 'ap-northeast-2',
        params: {
          Bucket: 'Bucketname',
        },
      });
      s3.config.credentials.sessionToken =
        user.signInUserSession['accessToken']['jwtToken'];

      s3.listObjects(function (err, data) {
        if (err) {
          return alert(
            'There was an error: ' + err.message
          );
        } else {
          console.log('***********s3List***********', data);
        }
      });
}

bucket policy

{
    "Version": "2012-10-17",
    "Id": "Policy",
    "Statement": [
        {
            "Sid": "AllowIPmix",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "*",
            "Resource": "arn:aws:s3:::s3name/*",
        }
    ]
}

cognito Role Policies - AmazonS3FullAccess

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:*",
            ],
            "Resource": "*"
        }
    ]
}
1 Answer
0

Please submit a ticket to the AWS Training & Certification customer support team, and they will provide assistance. If you already submitted a case, please allow at least 48 hrs to get a response.

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions