ykethan
commented
1 year ago Hey @Jyoti-dmi, thank you for reaching out. I was able to reproduce this issue. Marking as bug. Transferring the issue to Amplify CLI repository as I was able to reproduce this using the CLI.
Reproduction steps:
- create a user pool and identity pool with auth and unauth roles on the AWS Cognito console.
- amplify import auth
- amplify push
- amplify add storage
- amplify push
Observe errors on S3 policies as the template refers to the authRole.
rtpascual
github-actions[bot]
Describe the feature you'd like to request
To be able to use the service role : arn:aws:iam:::role/service-role/my-role create by the Cognito with Amplify Studio Console to integrate-File storage(i.e. using Create a new S3 bucket).
Describe your use case and how the feature would improve your experience.
When creating the roles using Congito Console, the Cognito console will prepend service-role/ to whatever IAM role name you specify.
For example:
The role arn will be created as:
arn:aws:iam::<account-id>:role/service-role/testroleHowever, when adding the storage using Amplify Studio Console, it is throwing an error message as mentioned below even if the role name is fine:
The specified value for roleName is invalid. It must contain only alphanumeric characters and/or the following: +=,.@_-Reproduction steps:
The specified value for roleName is invalid. It must contain only alphanumeric characters and/or the following: +=,.@_-For example:When I am using another auth/unauth roles(which is in format:
arn:aws:iam::<account-id>:role/my-role-name), then it is getting integrated successfully.I see here: https://github.com/aws-amplify/amplify-cli/issues/12817 that Amplify CLI supports service roles now. Would it be possible to add the same for Amplify Studio Console as well?
Describe alternatives you've considered
When I am using another auth/unauth roles(which is in format:
arn:aws:iam::<account-id>:role/my-role-name), then it is getting integrated successfully.Additional context
No response