Tag: 亚马逊亚马逊认知

创build一个私有的Amazon API网关

我想为我的应用程序创build一个只能通过我的应用程序访问的api。 我已经将AWS Cognito标识添加到我的appDelegate中，如下所示： AWSCognitoCredentialsProvider *credentialsProvider = [[DeveloperAuthenticationProvider alloc] initWithRegionType:AWSRegionUSEast1 identityPoolId:@"poolId"]; AWSServiceConfiguration *configuration = [[AWSServiceConfiguration alloc] initWithRegion:AWSRegionUSEast1 credentialsProvider:credentialsProvider]; AWSServiceManager.defaultServiceManager.defaultServiceConfiguration = configuration; __block NSString *cognitoId = nil; // Retrieve your Amazon Cognito ID [[credentialsProvider getIdentityId] continueWithBlock:^id(AWSTask *task) { if (task.error) { NSLog(@"Error: %@", task.error); } else { // the task result will contain the identity id cognitoId […]

Cognito / IAM策略和S3获取对象

我正在尝试将S3和Cognito集成到我的iOS应用程序中，到目前为止还没有成功。 我相信错误是连接到我的身份validation和Unauth用户的IAM策略。 所以这是我的政策： { "Version": "2012-10-17", "Statement": [{ "Effect":"Allow", "Action":"cognito-sync:*", "Resource":["arn:aws:cognito-sync:us-east-1:XXXXXXXXXXXX:identitypool/${cognito-identity.amazonaws.com:aud}/identity/${cognito-identity.amazonaws.com:sub}/*"] }, { "Effect":"Allow", "Action": "s3:*", "Resource": ["arn:aws:s3:::my_bucket", "arn:aws:s3:::my_bucket/*"] } ] } 这里是我打电话给S3的地方： AWSS3GetObjectRequest *getObjectRequest = [[AWSS3GetObjectRequest alloc] init]; getObjectRequest.key = KEY; getObjectRequest.bucket = BUCKET; //default service has been configured previously AWSS3 *s3 = [[AWSS3 new] initWithConfiguration:[AWSServiceManager defaultServiceManager].defaultServiceConfiguration]; [[s3 getObject:getObjectRequest] continueWithBlock:^id(BFTask *task) { if(task.error) { […]