Come posso decodificare e verificare la firma di un token Web JSON di Amazon Cognito?

Come posso risolvere l'errore: "The following parameters are not defined for the specified group” quando aggiorno la versione del motore del cluster RDS utilizzando CloudFormation?

Come faccio a evitare l'errore "Unable to validate the following destination configurations" con le notifiche degli eventi Lambda in CloudFormation?

Come faccio a correggere l'errore "Unable to validate the following destination configurations" in AWS CloudFormation?

Does this work without the scope claim (to check syntax) or if you use a different value (to check that aws:0123456789012 isn't being treated special)?  https://docs.aws.amazon.com/en_en/IAM/latest/UserGuide/reference_policies_iam-condition-keys.html#condition-keys-wif lists (:aud, :azp, :amr, sub) explicitly, but unclear about other claims.

Given the following JWT Payload:


```
{
  "iss": "https://use.us.auth0.com/",
  "sub": "auth0|633c9a79c4920862610fa",
  "aud": "some-aud",
  "iat": 1664984891,
  "exp": 1665071291,
  "azp": "kWfeLjcWoT1ToQKmyYZQft7liE",
  "scope": "aws:0123456789012"
}
```
is a trust policy such as this one not valid?  I only want to issue a token if the scope matches


```
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Federated": "arn:aws:iam::123456789012:oidc-provider/user.us.auth0.com/"
            },
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": {
                "StringEquals": {
                    "johnnorton.us.auth0.com/:aud": "some-aud",
                    "johnnorton.us.auth0.com/:scope": "aws:0123456789012"
                }
            }
        }
    ]
}
```

However this condition does not seem to be validated.  Are all claims available in trust policies?

ODIC Custom Claim using sts:AssumeRoleWithWebIdentity condition

Contenuto pertinente