I have an AWS API, with access controlled by an IAM authoriser associated with the unauthenticated role of a Cognito Identity pool. A successful call to the API invokes a Lambda function.
The current process is:
IdentityId
eg eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
. This is the information I require in my Lambda function - see below.AccessKeyId
, SecretKey
and SessionToken
X-Amz-Security-Token
, obtained from step 1event.headers
includes X-Amz-Security-Token
Is it possible for the Lambda function to identify the identity pool ID of the caller (eg eu-west-2:XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
), either from the data available in the header of the request, or any other means.
Things I have tried:
Invoke with caller credentials
ticked in API Gateway SessionToken
, though this appears only to be a temporary access token rather than containing any useful data like a JWT.If absolutely necessary I can include the identity ID of the user with every request, but I'd prefer to avoid this if possible.
The Cognito ID of the user is included in the requestContext
property of the event
object passed to your Lambda function.
Eg the Identity of the Cognito user that access the API is:
event['requestContext']['identity']['cognitoIdentityId'];
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.