Questions tagged with AWS Amplify

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Amplify pubsub subscribe won't work on authenticated user

I have a react app with a very simple page that subscribes to a topic once the page is loaded. I followed the instructions from [HERE](https://docs.amplify.aws/lib/pubsub/getting-started/q/platform/js/) and I've created the cognito user pool and identity pool and assign the correct policies. Also I attached an IoT policy to the Identity Pool Id. I assigned permissions to subscribe to a topic for both, Authenticated and Unauthenticated users Now, I test the pubsub subscribe to topic on a test page when the page loads and there is no Authenticated User, there it loads and subscribes to the topic and receives messages. No problem. But when the user is authenticated and gets into the page, Amplify throws an UNDEFINED error. Any ideas what I should be doing wrong? or where can I look and how to get more information on this error? Below are the debug messages I've got Here is what I have in **index.js** ``` import App from './App'; import { Amplify} from 'aws-amplify'; import { AWSIoTProvider } from '@aws-amplify/pubsub'; mplify.Logger.LOG_LEVEL = 'DEBUG'; Amplify.configure({ Auth: { region: config.cognito.REGION, userPoolId: config.cognito.USER_POOL_ID, identityPoolId: config.cognito.IDENTITY_POOL_ID, userPoolWebClientId: config.cognito.APP_CLIENT_ID, } }); Amplify.addPluggable( new AWSIoTProvider({ aws_pubsub_region: config.iot.REGION, aws_pubsub_endpoint: config.iot.PUBSUB_ENDPOINT, }) ); const root = ReactDOM.createRoot(document.getElementById('root')); root.render(<App />); ``` here is what I have in the test page ``` import {PubSub } from 'aws-amplify'; export default function Space() { let mqttSubscription; useEffect(() => { function subscribeToShadowUpdates() { mqttSubscription = PubSub.subscribe('$aws/things/+/shadow/update/documents').subscribe({ //next: (data) => console.log(JSON.stringify(data, null, 2)), next: (data) => console.log(data), error: (error) => console.log('ERROR: ', error), close: () => console.log('Done'), }); }; subscribeToShadowUpdates(); }, []); useEffect(() => { return () => { mqttSubscription.unsubscribe(); } }, []); return ( <div> Test </div> ) } ``` Logs with UNAUTHENTICATED User ``` ConsoleLogger.ts:125 [DEBUG] 25:29.177 Amplify - amplify config {Auth: {…}, API: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.177 AuthClass - configure Auth ConsoleLogger.ts:125 [DEBUG] 25:29.177 Parser - parse config (3) [{…}, 'to amplifyconfig', {…}] ConsoleLogger.ts:125 [DEBUG] 25:29.178 Hub - Dispatching to auth with {event: 'configured', data: null, message: 'The Auth category has been configured successfully'} ConsoleLogger.ts:125 [DEBUG] 25:29.178 RestAPI - configure Rest API {opt: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.178 RestAPI - create Rest API instance ConsoleLogger.ts:125 [DEBUG] 25:29.178 RestClient - API Options {endpoints: Array(1), Auth: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.179 I18n - configure I18n ConsoleLogger.ts:115 [DEBUG] 25:29.179 I18n - create I18n instance ConsoleLogger.ts:125 [DEBUG] 25:29.179 PubSub - configure PubSub {opt: {…}} ConsoleLogger.ts:125 [DEBUG] 25:29.179 GraphQLAPI - configure GraphQL API {opt: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.179 GraphQLAPI - create Rest instance ConsoleLogger.ts:125 [DEBUG] 25:29.179 RestClient - API Options {Auth: {…}, endpoints: Array(1)} ConsoleLogger.ts:125 [DEBUG] 25:29.179 RestAPI - configure Rest API {opt: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.179 RestAPI - create Rest API instance ConsoleLogger.ts:125 [DEBUG] 25:29.179 RestClient - API Options {endpoints: Array(1), Auth: {…}} ConsoleLogger.ts:125 [DEBUG] 25:29.180 GraphQLAPI - configure GraphQL API {opt: {…}} ConsoleLogger.ts:115 [DEBUG] 25:29.180 GraphQLAPI - create Rest instance ConsoleLogger.ts:125 [DEBUG] 25:29.180 RestClient - API Options {Auth: {…}, endpoints: Array(1)} ConsoleLogger.ts:125 [DEBUG] 25:29.181 AbstractPubSubProvider - configure AWSIoTProvider {Auth: {…}, API: {…}, aws_pubsub_region: 'us-east-2', aws_pubsub_endpoint: 'wss://a3e8rmm32eyr8h-ats.iot.us-east-2.amazonaws.com/mqtt', clientId: '72df23de-feed-4a8f-aa8d-80ce14d5160b'} ConsoleLogger.ts:125 [DEBUG] 25:30.377 PubSub - subscribe options undefined ConsoleLogger.ts:125 [DEBUG] 25:30.377 MqttOverWSProvider - Subscribing to topic(s) $aws/things/+/shadow/update/documents ConsoleLogger.ts:115 [DEBUG] 25:30.378 Credentials - getting credentials ConsoleLogger.ts:115 [DEBUG] 25:30.378 Credentials - picking up credentials ConsoleLogger.ts:115 [DEBUG] 25:30.378 Credentials - getting new cred promise ConsoleLogger.ts:115 [DEBUG] 25:30.379 Credentials - checking if credentials exists and not expired ConsoleLogger.ts:115 [DEBUG] 25:30.379 Credentials - need to get a new credential or refresh the existing one ConsoleLogger.ts:115 [DEBUG] 25:30.379 Credentials - no credentials for expiration check ConsoleLogger.ts:115 [DEBUG] 25:30.379 AuthClass - Getting current user credentials ConsoleLogger.ts:115 [DEBUG] 25:30.384 AuthClass - Getting current session ConsoleLogger.ts:115 [DEBUG] 25:30.384 AuthClass - Failed to get user from user pool ConsoleLogger.ts:125 [DEBUG] 25:30.384 AuthClass - Failed to get the current user No current user ConsoleLogger.ts:115 [DEBUG] 25:30.384 AuthClass - getting guest credentials ConsoleLogger.ts:115 [DEBUG] 25:30.384 Credentials - setting credentials for guest ConsoleLogger.ts:125 [DEBUG] 25:30.920 Credentials - Load credentials successfully {identityId: 'us-east-2:xxx', accessKeyId: 'xxxx', secretAccessKey: 'xxx', sessionToken: 'xxx…xxx', expiration: Wed Nov 02 2022 11:25:30 GMT+0100 (Central European Standard Time)} ConsoleLogger.ts:118 [DEBUG] 25:30.924 Signer {region: 'xx-xxx-x', service: 'iotdevicegateway'} ConsoleLogger.ts:125 [DEBUG] 25:30.926 MqttOverWSProvider - Creating new MQTT client 72df23de-feed-4a8f-aa8d-80ce14d5160b ``` Logs with AUTHENTICATED USER ``` [DEBUG] 27:26.427 Credentials - checking if credentials exists and not expired ConsoleLogger.ts:125 [DEBUG] 27:26.427 Credentials - are these credentials expired? {accessKeyId: 'xxx', secretAccessKey: 'xxx', sessionToken: 'xxxxxx', expiration: Wed Nov 02 2022 11:27:22 GMT+0100 (Central European Standard Time), identityId: 'us-east-2:xxxxx', …} ConsoleLogger.ts:115 [DEBUG] 27:26.427 Credentials - credentials not changed and not expired, directly return ConsoleLogger.ts:118 [DEBUG] 27:26.434 Signer {region: 'us-east-2', service: 'iotdevicegateway'} ConsoleLogger.ts:125 [DEBUG] 27:26.436 MqttOverWSProvider - Creating new MQTT client 09db81a1-f3eb-4e70-95fb-d286da21b209 ERROR: {provider: AWSIoTProvider, error: undefined} [DEBUG] 27:26.952 MqttOverWSProvider - Unsubscribing from topic(s) $aws/things/+/shadow/update/documents ``` And this is the JSON in undefined ```` { "provider": { "_config": { "Auth": { "region": "us-east-2", "userPoolId": "us-east-2_xxxx", "identityPoolId": "us-east-2:xxxxx", "userPoolWebClientId": "xxxx" }, "API": { "endpoints": [ { "name": "spaces", "endpoint": "https://xxxxx.execute-api.us-xxx-x.amazonaws.com", "region": "us-xxx-x" } ] }, "aws_pubsub_region": "us-east-2", "aws_pubsub_endpoint": "wss://xxxx-ats.iot.us-xxx-x.amazonaws.com/mqtt", "clientId": "09db81a1-f3eb-4e70-95fb-d286da21b209" }, "_clientsQueue": { "promises": {} }, "connectionStateMonitor": { "_linkedConnectionState": { "networkState": "connected", "connectionState": "disconnected", "intendedConnectionState": "disconnected", "keepAliveState": "healthy" }, "_linkedConnectionStateObservable": {}, "_linkedConnectionStateObserver": { "_subscription": { "_observer": {}, "_state": "ready" } } }, "_topicObservers": {}, "_clientIdObservers": {} } } ```
1
answers
0
votes
19
views
mvp
asked 25 days ago

S3 bucket per tenant approach. Can I assign different IAM roles for diefferent users in the amplify project?

Please let me know if this a valid approach or I am missing something fundamental.. **Requirement**: - I need to be able to restrict each tenant users from accessing each other s3 files - and be able to measure each tenant space usage in the s3. **Solution I think to implement**: Upon user signup, we check if this is a sign up by invitation to already existing tenant space or a new registration - if it's a new tenant than we register him in a custom dynamodb table and create an s3 bucket for him - if it's a new user in existing tenant we we only adding him to the IAM Role that can access the tenant s3 bucket **Details**: I currently am using cognito custom attribute to save tenant ID (it's configured to not be changeable by the user itself) and struggle to figure out how I can affect the role mapping in the cognito Identity pool to implement the above logic. Please give me directions to dig further or advises on the overall approach in general. Some of the ideas are taken from this article https://medium.com/@dantasfiles/multi-tenant-aws-amplify-method-2-cognito-groups-38b40ace2e9e and it also suggests to use cognito dynamic groups to differ tenants and it seems to resolve the s3 issue as well, but with dynamic groups sync events won't work, right? > Known limitation: Real-time subscriptions are not supported for dynamic group authorization. https://docs.amplify.aws/cli/graphql/authorization-rules/#user-group-based-data-access There is also this question https://repost.aws/questions/QUW1WibDWjQd2rOll4mDiPMA which suggest to use a lymbda and presigned s3 urls to regulate the access to s3 files based on the tenant logic
1
answers
0
votes
56
views
Arsen
asked a month ago

Can not call HTTP API with Custom domain which provided by Google Domain

I'm going to connect HTTP API to my domain and use it. My domain is ***.art and I'm using it from Google. First, I connected CNAME to connect to AWS Amplify. Below is a captured copy of the Admin tab for the Amplify domain and the DNS settings status for the Google domain. ![Enter image description here](/media/postImages/original/IMB_v0nABCQlCCYiDg12-d2w) ![Enter image description here](/media/postImages/original/IMFAxZpx67SJuQywDFZY_7kQ) Subsequently, we created an HTTP API and verified calls through that URL.![Enter image description here](/media/postImages/original/IMvwgkwY8cT26mAvQkxWUziQ) The path and CORS settings of the API are shown in the screenshot below. ![Enter image description here](/media/postImages/original/IMgV_fMCrZTCmDIGUNWS_OYg)![Enter image description here](/media/postImages/original/IMiNitf33iQamWTYY5xe6QPQ) And the settings for the custom domain are as follows. ![Enter image description here](/media/postImages/original/IMbAtfy-xzStmVm9fP81rLBg) ![Enter image description here](/media/postImages/original/IMDBwuYv4gSV2Ro_3u-Yhz3A) Finally, the certificate and the DNS setting of the Google domain to which it was applied are as follows. ![Enter image description here](/media/postImages/original/IM6kXCEe7ZRiKUxDoIX4hkyA) ![Enter image description here](/media/postImages/original/IMSm3e45NJTMCJZW9Khrwvyw) I would appreciate it if you could tell me which part went wrong. The following is an error response when Chrome accessed the HTTP API address through my custom domain. ![Enter image description here](/media/postImages/original/IMWg1T0EeAQq-SgV5FTYm_dA) ![Enter image description here](/media/postImages/original/IM-KMgzjgITX-I3u_N-Lr5JQ)
0
answers
0
votes
23
views
asked a month ago

How to pull amplify backend without error? (Might related python env?)

Hi, I tried to pull the backend by the cli command that shows in Amplify console, but got an error. amplify pull --appId xxxxxxxxxx --envName yyyyyyyyyy My environment: amplify --version 10.0.0 python --version Python 3.9.13 pyenv --version pyenv 2.3.3 How should I do to solve this? Error: Failed to pull the backend. Report saved: /ar/folders/xp/.... Sending zip File at path: '/xxxxxxxxxx/amplify/backend/amplify-meta.json' does not exist ✖ Sending zip 🛑 ENOENT: no such file or directory, stat '/xxxxxxxxxx/amplify/.temp/#current-cloud-backend/function/xxxxxxxxxx/.venv/bin/python' Error: ENOENT: no such file or directory, stat '/xxxxxxxxxx/amplify/.temp/#current-cloud-backend/function/xxxxxxxxxx/.venv/bin/python' at Object.statSync (fs.js:1131:3) at Object.statSync (pkg/prelude/bootstrap.js:1345:32) at Object.statSync (/snapshot/repo/build/node_modules/graceful-fs/polyfills.js:311:34) at getStatsSync (/snapshot/repo/build/node_modules/fs-extra/lib/util/stat.js:58:18) at Object.checkPathsSync (/snapshot/repo/build/node_modules/fs-extra/lib/util/stat.js:90:33) at copyDirItem (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:119:29) at /snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:39 at Array.forEach (<anonymous>) at copyDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:23) at mkDirAndCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:108:3) at onDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:99:25) at getStats (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:45:37) at startCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:38:10) at copyDirItem (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:120:10) at /snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:39 at Array.forEach (<anonymous>) at copyDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:23) at mkDirAndCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:108:3) at onDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:99:25) at getStats (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:45:37) at startCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:38:10) at copyDirItem (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:120:10) at /snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:39 at Array.forEach (<anonymous>) at copyDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:23) at mkDirAndCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:108:3) at onDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:99:25) at getStats (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:45:37) at startCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:38:10) at copyDirItem (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:120:10) at /snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:39 at Array.forEach (<anonymous>) at copyDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:23) at mkDirAndCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:108:3) at onDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:99:25) at getStats (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:45:37) at startCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:38:10) at copyDirItem (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:120:10) at /snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:39 at Array.forEach (<anonymous>) at copyDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:113:23) at onDir (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:103:10) at getStats (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:45:37) at startCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:38:10) at handleFilterAndCopy (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:33:10) at Object.copySync (/snapshot/repo/build/node_modules/fs-extra/lib/copy-sync/copy-sync.js:26:10) at downloadBackend (/snapshot/repo/build/node_modules/amplify-provider-awscloudformation/lib/attach-backend.js:389:8) at async Object.run (/snapshot/repo/build/node_modules/amplify-provider-awscloudformation/lib/attach-backend.js:116:3) at async Object.attachBackend (/snapshot/repo/build/node_modules/amplify-provider-awscloudformation/lib/index.js:208:3) at async queryProvider (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/attach-backend-steps/a10-queryProvider.js:31:5) at async attachBackend (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/attach-backend.js:38:9) at async Object.run (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/commands/pull.js:70:9) at async Object.executeAmplifyCommand (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/index.js:292:9) at async executePluginModuleCommand (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:142:5) at async executeCommand (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:40:9) at async Object.run (/snapshot/repo/build/node_modules/@aws-amplify/cli-internal/lib/index.js:165:13) Thanks,
1
answers
0
votes
11
views
asked a month ago