Problems selecting cognito user pool in appsync

0

I have user pools in different regions. I can select the user pools from N. Virginia fine. But when selecting Stockholm it says there are no user pools in this region even though I have 2 created with the same settings as the one in N. Virginia.

In the console I get this error:

main.js:263 
        
       Refused to connect to 'https://cognito-idp.eu-north-1.amazonaws.com/' because it violates the following Content Security Policy directive: "connect-src https://eu-north-1.console.aws.amazon.com/appsync/tb/creds https://eu-north-1.console.aws.amazon.com/p/ https://eu-north-1.console.aws.amazon.com/phd/ https://*.ccs.amazonaws.com https://eu-north-1.console.aws.amazon.com/api/ https://us-east-1.console.aws.amazon.com/feedback/custsat/ https://*.analytics.console.aws.a2z.com https://console.aws.amazon.com/aperture/ https://console.aws.amazon.com/panoramaroute https://console.aws.amazon.com/panoramaroute/allowlist https://phd.aws.amazon.com https://unifiedsearch.amazonaws.com/search https://eu-north-1.console.aws.amazon.com/panoramaroute https://eu-north-1.console.aws.amazon.com/panoramaroute/allowlist https://ccs.amazonaws.com https://global.console.aws.amazon.com/lotus/metadata https://eu-north-1.console.aws.amazon.com/lotus/metadata https://eu-north-1.prod.signer.console-api.aws.amazon.com https://health.aws.amazon.com https://us-east-1.ctrl.prod.os.notifications.aws.dev https://eu-north-1.console.aws.amazon.com/features-proxy/ https://telemetry.cell-0.eu-north-1.prod.tangerinebox.console.aws.a2z.com/telemetry https://cognito-idp.us-west-2.amazonaws.com https://cognito-idp.us-east-1.amazonaws.com https://cognito-idp.us-east-2.amazonaws.com https://cognito-idp.eu-west-1.amazonaws.com https://cognito-idp.eu-west-2.amazonaws.com https://cognito-idp.ap-southeast-2.amazonaws.com https://cognito-idp.ap-northeast-1.amazonaws.com https://cognito-idp.eu-central-1.amazonaws.com https://cognito-idp.ap-southeast-1.amazonaws.com https://cognito-idp.ap-south-1.amazonaws.com https://cognito-idp.ap-northeast-2.amazonaws.com https://cognito-idp.eu-west-3.amazonaws.com https://cognito-idp.sa-east-1.amazonaws.com https://cognito-idp.us-west-1.amazonaws.com https://cognito-idp.ca-central-1.amazonaws.com https://cognito-idp.eu-south-1.amazonaws.com https://cognito-idp.me-south-1.amazonaws.com https://es.us-west-2.amazonaws.com https://es.us-east-1.amazonaws.com https://es.us-east-2.amazonaws.com https://es.eu-west-1.amazonaws.com https://es.eu-west-2.amazonaws.com https://es.ap-southeast-2.amazonaws.com https://es.ap-northeast-1.amazonaws.com https://es.eu-central-1.amazonaws.com https://es.ap-southeast-1.amazonaws.com https://es.ap-south-1.amazonaws.com https://es.ap-northeast-2.amazonaws.com https://es.eu-north-1.amazonaws.com https://es.eu-west-3.amazonaws.com https://es.sa-east-1.amazonaws.com https://es.us-west-1.amazonaws.com https://es.ca-central-1.amazonaws.com https://es.eu-south-1.amazonaws.com https://es.me-south-1.amazonaws.com https://es.ap-east-1.amazonaws.com https://es.ap-northeast-3.amazonaws.com https://es.ap-southeast-3.amazonaws.com https://es.af-south-1.amazonaws.com https://dynamodb.us-west-2.amazonaws.com https://dynamodb.us-east-1.amazonaws.com https://dynamodb.us-east-2.amazonaws.com https://dynamodb.eu-west-1.amazonaws.com https://dynamodb.eu-west-2.amazonaws.com https://dynamodb.ap-southeast-2.amazonaws.com https://dynamodb.ap-northeast-1.amazonaws.com https://dynamodb.eu-central-1.amazonaws.com https://dynamodb.ap-southeast-1.amazonaws.com https://dynamodb.ap-south-1.amazonaws.com https://dynamodb.ap-northeast-2.amazonaws.com https://dynamodb.eu-north-1.amazonaws.com https://dynamodb.eu-west-3.amazonaws.com https://dynamodb.sa-east-1.amazonaws.com https://dynamodb.us-west-1.amazonaws.com https://dynamodb.ca-central-1.amazonaws.com https://dynamodb.eu-south-1.amazonaws.com https://dynamodb.me-south-1.amazonaws.com https://dynamodb.ap-east-1.amazonaws.com https://dynamodb.ap-northeast-3.amazonaws.com https://dynamodb.ap-southeast-3.amazonaws.com https://dynamodb.af-south-1.amazonaws.com https://rds.us-west-2.amazonaws.com https://rds.us-east-1.amazonaws.com https://rds.us-east-2.amazonaws.com https://rds.eu-west-1.amazonaws.com https://rds.eu-west-2.amazonaws.com https://rds.ap-southeast-2.amazonaws.com https://rds.ap-northeast-1.amazonaws.com https://rds.eu-central-1.amazonaws.com https://rds.ap-southeast-1.amazonaws.com https://rds.ap-south-1.amazonaws.com https://rds.ap-northeast-2.amazonaws.com https://rds.eu-north-1.amazonaws.com https://rds.eu-west-3.amazonaws.com https://rds.sa-east-1.amazonaws.com https://rds.us-west-1.amazonaws.com https://rds.ca-central-1.amazonaws.com https://rds.eu-south-1.amazonaws.com https://rds.me-south-1.amazonaws.com https://rds.ap-east-1.amazonaws.com https://rds.ap-northeast-3.amazonaws.com https://rds.ap-southeast-3.amazonaws.com https://rds.af-south-1.amazonaws.com https://secretsmanager.us-west-2.amazonaws.com https://secretsmanager.us-east-1.amazonaws.com https://secretsmanager.us-east-2.amazonaws.com https://secretsmanager.eu-west-1.amazonaws.com https://secretsmanager.eu-west-2.amazonaws.com https://secretsmanager.ap-southeast-2.amazonaws.com https://secretsmanager.ap-northeast-1.amazonaws.com https://secretsmanager.eu-central-1.amazonaws.com
1개 답변
0

The error message you provided indicates that there is a Content Security Policy (CSP) violation preventing the connection to the Cognito Identity Provider (cognito-idp) endpoint in the eu-north-1 (Stockholm) region. This could be due to a misconfiguration or restriction in your application's CSP settings.

Resolution

To resolve this issue, you need to update the CSP directive to include the necessary connect sources for the Cognito user pool in the Stockholm region. The connect sources are the URLs or domains that your application is allowed to connect to.

Based on the error message, you're using AWS AppSync, so you should update the CSP directive in your application's configuration related to AppSync.

Once you've updated the CSP directive, try accessing the Cognito user pool in the Stockholm region again. It should no longer give you the "no user pools in this region" error, and the connection to the cognito-idp endpoint should be allowed.

Remember to review and adjust your CSP settings carefully to ensure they align with your application's security requirements.

For more information on adding security headers please see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/example-function-add-security-headers.html

AWS
Lucky_M
답변함 10달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠