search

AnomalyInnovations / serverless-stack-demo-api

Source for the demo app API in the Serverless Stack Guide
https://demo.serverless-stack.com
MIT License
518 stars 197 forks source link

Could not load credentials from CognitoIdentityCredential #31

Closed josoroma-zz closed 4 years ago

josoroma-zz commented 4 years ago

Hi hackers!

I am hitting this error response when trying to delete an s3 object:

image

import AWS from "aws-sdk";
import * as dynamoDbLib from "../libs/dynamodb-lib";
import { success, failure } from "../libs/response-lib";

export async function main(event, context) {
  const contentId = event.pathParameters.noteContentId;
  const contentType = event.pathParameters.noteContentType;

  AWS.config.update({
    region: 'us-east-1',
    credentials: new AWS.CognitoIdentityCredentials({
      IdentityPoolId: 'us-east-1:...',
      IdentityId: event.requestContext.identity.cognitoIdentityId,
      RoleArn: 'arn:aws:iam::...'
    })
  });

  const getParams = {
    TableName: process.env.tableName,
    Key: {
      userId: event.requestContext.identity.cognitoIdentityId,
      noteId: event.pathParameters.noteId
    },
    ExpressionAttributeNames: {
      '#content': 'content',
      '#type': contentType,
      '#id': contentId,
    },
    ProjectionExpression: '#content.#type.#id',
  };

  try {
    const getResponse = await dynamoDbLib.call("get", getParams);

    try {
      const s3Response = await AWS.S3({
        apiVersion: '2006-03-01',
      })
      .deleteObject({
        Bucket: 'personal-development-source',
        Key: `private/${getResponse.Item.content[contentType][contentId].source['key']}`,
      }).promise();

      return success(s3Response);
    } catch (error) {
      return failure(error);
    }

    return success(getResponse.Item);
  } catch (error) {
    return failure(error);
  }
}

Probably I am missing something ;)

Thanks!

josoroma-zz commented 4 years ago

and no luck using:

  AWS.config.update({
    region: 'us-east-1',
    credentials: new AWS.CognitoIdentityCredentials({
      IdentityPoolId: 'us-east-1:7...',
    })
  });

  AWS.config.credentials.get(function(err) {
    if (err) {
      return failure(err);
    } else {
      return success(AWS.config.credentials);
    }
  });

Reference: https://forums.aws.amazon.com/thread.jspa?threadID=176098

Thanks in advance!

josoroma-zz commented 4 years ago

I am also not allowed to delete s3 objects:

image

  try {
    s3ObjectKey = `/private/${event.requestContext.identity.cognitoIdentityId}/${getResponse.Item.content[contentType][contentId].source['key']}`;

    s3Response = await new AWS.S3({
      apiVersion: '2006-03-01',
    })
    .deleteObject({
      Bucket: 'source-bucket',
      Key: s3ObjectKey,
    }).promise();
  } catch (error) {
    return failure({
      ...error,
      event: 's3Response',
      s3ObjectKey: s3ObjectKey,
      getResponse: getResponse
    });
  }
jayair commented 4 years ago

Hi there, can you post these on our forums instead? https://discourse.serverless-stack.com