Questions tagged with Serverless

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

getTemporaryPassword from Cognito for a specific user

Hi team, I have a validation flow of a cognito user that happen in tow steps: * **step1** 1 - add a new user in Cognito user pool using `adminCreateUser` API call 2 - add RELATED user info inside a dynamoDB table 3 - send an invitation link to the user (valid for 2 days) => when the user clicks the link he will be asked to provide only a new password while creating the user with `adminCreateUser` I assign to him a TemporaryPassword (generated by my code or let Cognito generate it) * **Step2** 1- When the user clicks the invitation link, gives his new password and confirm 2- on the backend I will call `adminInitiateAuth` to get `NEW_PASSWORD_REQUIRED` challenge 3- the call `respondToAuthChallenge` and provide `NEW_PASSWORD` that the user provided 4- user is confirmed in Cognito let's say the user will click on the invitation link 1.5 days after receiving it, provide his new password and confirm. then I call `adminInitiateAuth` ( point 2 of step 2) ==> for this, I need to provide the `TemporaryPassword` that I set in step 1 during `adminCreateUser` call. as step 2 is separate from step 1 and they can have a few days between them, is there an API method that allows me to get the TemporaryPassword from Cognito, so in Step 2 I can `adminInitiateAuth` and continue with `NEW_PASSWORD_REQUIRED` challenge. if I store the password temporarily in the Redis cache, the key can expire and I will lose the password (since if the first link is expired I can Resend the invitation link again and again always for the same user created in Step 1 with `adminCreateUser` API call, but I still need the TemporaryPassword for that user). how can I get the TemporaryPassword from Cognito for a specific user so that I can finalize step 2 and confirm the user (by doing `adminInitiateAuth` + `respondToAuthChallenge`) is it a bad practice if I set the TemporaryPassword **hard coded** during user creation `adminCreateUser` so I will always know it for `adminInitiateAuth`, then update the user's password with `respondToAuthChallenge` if I use Redis should the password be stored in encrypted form? can I store the password as is in DynamoDB user table along with the user's info without further encryption? (as the DDB user table itself is already encrypted with KMS) appreciate your Help!
1
answers
0
votes
44
views
Jess
asked a month ago
1
answers
0
votes
36
views
asked a month ago
0
answers
1
votes
25
views
asked a month ago

The AthenaJdbcConnector serverless application is no longer available on the serverless repo

The AthenaJdbcConnector seems to be gone from the aws serverless repo. As a result it is not possible to deploy it. To reproduce with the CLI: ``` aws --region us-east-1 serverlessrepo get-application --application-id arn:aws:serverlessrepo:us-east-1:292517598671:applications/AthenaJdbcConnector An error occurred (AccessDeniedException) when calling the GetApplication operation: User: arn:aws:sts::REDACTED:REDACTED is not authorized to perform: serverlessrepo:GetApplication on resource: arn:aws:serverlessrepo:us-east-1:292517598671:applications/AthenaJdbcConnector ``` Cloudformation: ``` AthenaJdbcConnector: Type: AWS::Serverless::Application Properties: Location: ApplicationId: arn:aws:serverlessrepo:us-east-1:292517598671:applications/AthenaJdbcConnector SemanticVersion: 2022.2.1 Parameters: DefaultConnectionString: !Sub "mysql://jdbc:mysql://${RdsEndpoint}:${RdsPort}/${DatabaseName}?${!${RdsSecretName}}" LambdaFunctionName: datacatalogname SecretNamePrefix: !Ref RdsSecretName SecurityGroupIds: !Ref SecurityGroupId SpillBucket: !Ref SpillBucketName SubnetIds: !Join [",", [!Ref PrivateSubnet1, !Ref PrivateSubnet2, !Ref PrivateSubnet3]] ``` Cloudformation Error: ``` Transform AWS::Serverless-2016-10-31 failed with: Invalid Serverless Application Specification document. Number of errors found: 1. Resource with id [AthenaJdbcConnector] is invalid. User: arn:aws:sts::REDACTED:REDACTED is not authorized to perform: serverlessrepo:CreateCloudFormationTemplate on resource: arn:aws:serverlessrepo:us-east-1:292517598671:applications/AthenaJdbcConnector ``` Moreover, the [web page of the AthenaJdbcConnector](https://serverlessrepo.aws.amazon.com/applications/us-east-1/292517598671/AthenaJdbcConnector) while still being indexed by search engines, is no longer available. While it might seem like a permission error, the fact that the application page is gone and that we get the same error even with a user with admin privileges makes us think that the application was removed/retired/made-private.
1
answers
1
votes
56
views
asked a month ago