Open Radagan opened 1 year ago
Hi @Radagan ,
Above, you're referencing the custom Lambda I wrote for the IoT-related component:
But the error is coming from a Lambda function created by the AWS Amplify CLI as part of the CLI's built-in Auth
module. Specifically, looks like something that helps support Cognito's MFA capability.
Per https://github.com/aws-amplify/amplify-cli/issues/8363#issuecomment-934941831, it sounds like the latest version of the Amplify CLI requires an additional permission that was not needed, nor defined, by the Amplify CLI at the time I first made this project.
Looks like you just need to add the policy statement below to this policy in the Auth template:
- PolicyName: awstood5af8046_sns_pass_role_policy
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- 'iam:PassRole'
Resource: !GetAtt SNSRole.Arn
I haven't tested any of this, but pretty sure this is what you're looking for.
Let me know if it helps?
Thank you for providing what looks to be a great example of Amplify PubSub, unfortunately I'm having a little difficulty getting it to push.
Here's the error I encounter:
Looking at the CloudWatch logs gives:
The account that I'm running amplify as has administrator permissions, and I tried adding : to your lambda definition as below, but it didn't make a difference:
Any idea what I'm doing wrong?