[英]Identify unauthenticated Cognito Identity ID from request
I have an AWS API, with access controlled by an IAM authoriser associated with the unauthenticated role of a Cognito Identity pool.我有一个 AWS API,其访问权限由与 Cognito Identity 池的未经身份验证角色关联的IAM 授权方控制。 A successful call to the API invokes a Lambda function.成功调用 API 会调用 Lambda function。
The current process is:目前的流程是:
IdentityId
eg eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
.用户IdentityId
例如eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
。 This is the information I require in my Lambda function - see below.这是我在 Lambda function 中需要的信息 - 见下文。AccessKeyId
, SecretKey
and SessionToken
访问凭证: AccessKeyId
、 SecretKey
和SessionToken
X-Amz-Security-Token
, obtained from step 1请求的 header 包括X-Amz-Security-Token
,从步骤1获得event.headers
includes X-Amz-Security-Token
如果授权成功,请求将发送到 Lambda function。 event.headers
包括X-Amz-Security-Token
Is it possible for the Lambda function to identify the identity pool ID of the caller (eg eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
), either from the data available in the header of the request, or any other means. Lambda eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
是否有可能从请求的 header 中可用的数据或任何其他方法。
Things I have tried:我尝试过的事情:
Invoke with caller credentials
ticked in API Gateway sts.getCallerIdentity with Invoke with caller credentials
在 API 网关中勾选SessionToken
, though this appears only to be a temporary access token rather than containing any useful data like a JWT.查看SessionToken
,虽然这似乎只是一个临时访问令牌,而不是包含任何有用的数据,如 JWT。If absolutely necessary I can include the identity ID of the user with every request, but I'd prefer to avoid this if possible.如果绝对必要,我可以在每个请求中包含用户的身份 ID,但我希望尽可能避免这种情况。
The Cognito ID of the user is included in the requestContext
property of the event
object passed to your Lambda function.用户的 Cognito ID 包含在传递给您的 Lambda function 的event
object 的requestContext
属性中。
Eg the Identity of the Cognito user that access the API is:例如,访问 API 的 Cognito 用户的身份是:
event['requestContext']['identity']['cognitoIdentityId'];
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.