By using AWS re:Post, you agree to the Terms of Use
Questions in Compute
Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Add new user to user pool groups as Admin

Hi team, I have a Cognito user pool with 3 Groups, I want to create users inside Groups as System Administrator: - the system Admin will fill out a form about client's: given name, surname, email address + some custom attributes - when sending the form (invitation), my lambda function should create the user inside my Cognito user pool Group with all the above attributes. - the client will receive a link via email to validate the **invitation** - when the client clicks the link (custom Domain link), he validates the invitation In the SDK documentation, I found that a system Admin can add users to the Cognito group using the `adminAddUserToGroup` API call ``` var params = { GroupName: 'STRING_VALUE', /* required */ UserPoolId: 'STRING_VALUE', /* required */ Username: 'STRING_VALUE' /* required */ }; cognitoidentityserviceprovider.adminAddUserToGroup(params, function(err, data) { if (err) console.log(err, err.stack); // an error occurred else console.log(data); // successful response }); ``` but the `adminAddUserToGroup` API call, only take as params the GroupName, UserPoolId and Username ``` { "GroupName": "string", "Username": "string", "UserPoolId": "string" } ``` - how can I get my user created (with the given name, surname, email, and custom attributes...) with this call: `adminAddUserToGroup`? - the username on the params above is it the sys admin username or the user name of the client to create? - how can I validate the invitation once the client clicks the verification link? - should I create a new lambda that sends the verification link or the API call `adminAddUserToGroup` send the email to the user on our behalf? the critical part is how can the system admin create a new user (with all attributes: given name, email....), via the `adminAddUserToGroup` API call and how can I validate the invitation when the user clicks the verification link? Thank you team for your help!
1
answers
1
votes
14
views
asked 3 hours ago

Https call to API Gateway via VPC Endpoint fails to make connection intermittently

I have a private API gateway in its own account. It is used by clients having VPC Endpoint interfaces to execute-api service, and until now these have had Private DNS enabled, and there have been no issues. A new client uses some existing public APIs, so Private DNS is disabled. However, they have had intermittent connectivity to the gateway during their testing. I tried reproducing this from a second account with a test Lambda (node.js, v16, arm) in a VPC, using a VPC Endpoint with Private DNS disabled. I was able to reproduce the intermittent connectivity, but I can't understand why this happens. [Edit: The subnets attached to the VPC use the same security group, and this allows htttps ingress from 10.57.150.0/24] I found that when using the generic endpoint DNS Name (no AZ marker in the name) the intermittent issue could be reproduced. If I switch to using the Endpoint DNS Names that include the AZ marker, then 1 of the DNS Names connected every time, but the other 2 (we use 3 AZs and 1 subnet per AZ) fail to connect with a timeout error. I added a call to resolve the hostname passed in, and all three hosts resolve to what I would expect (10.57.150.x), so I think this is a routing issue rather than DNS. The route tables for all three subnets are the same, 2 routes for the s3 and DynamoDB prefix lists, a route for 10.57.150.0/24 and the remaining 0.0.0.0/0 going via a transit gateway instance. I'm not sure what other information I would need to add here. Has anyone seen anything like this before?
0
answers
0
votes
13
views
asked 6 hours ago

Webclient SDK Angular Integration

I am currently looking to include the NICE DCV Webclient SDK into an **angular** project but have stumbled onto a problem: With the default setup the following error is displayed in the browser: ``` DOMException: Failed to execute 'importScripts' on 'WorkerGlobalScope': The script at 'https://<server-url>/recon/dcv/dcvjs/dcv/broadwayh264decoder-worker.js' failed to load. ``` The same is true for the file *lz4decoder-worker.js*. It seems that the way angular generates the url-path is causing this problem and is not providing the source files in the location the dcv.js file expects them to be. The html-file that contains the dcv-viewer div component is located at 'https://<server-url>/recon/dcv/' and provided by angular. It is now working using a workaround. In the **dcv.js** there is a line where the location of the source files seems to be generated with the baseurl of the site and then appending 'dcvjs': ``` ...?e.baseUrl.replace(/^\/+|\/+$/g,""):"dcvjs",!new RegExp("^http","i")... ``` Replacing "dcvjs" with the correct url directly ("https://<server-url>/recon/assets/dcvjs" Using this, the application can now correctly locate the necessary .js files. This is, however, for obvious reasons a rather dirty solution to the problem. We would have to replace the static server-url adress manually for each environment. So now my question is, is it somehow possible to configure the project in a way where the resources are correctly provided to the application in angular? Further, I have noticed that the sample application of AWS AppStream 2.0 uses NICE DCV in an angular context. Is it possible to provide an angular plugin similar to the react component already included in the SDK? The perfect solution of course would be to be able to install the SDK using npm :) Thanks in advance, Julian
1
answers
0
votes
7
views
asked 10 hours ago

Cannot add environment variable through Ebextensions

I'm using .ebextensions to create VPCEndpoints so in the **Resources** section I've addded the needed section for the VPCEndpoint. Then after that in the **option_settings** section I'm trying to add an environment variable in my elastic beanstalk application referencing the created VPCEndpoint, but when i check the environment variables from the elastic beanstalk console the value is added as a plain text not the Ref of the VPCEndpoint (Check the screenshot) So how can i make it interpret the Ref of the endpoint ? ![Enter image description here](/media/postImages/original/IMkQEkAlsLRyCG5pYs1i8hkA) ``` Resources: NewsonarVPCEndpoint: Type: AWS::EC2::VPCEndpoint Properties: PrivateDnsEnabled: false SecurityGroupIds: - {"Fn::GetOptionSetting": {"Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "ALLOW_INBOUND_FROM_VPC_SECURITY_GROUP", "DefaultValue": "default_value"}} ServiceName: { "Fn::Join": [ "", [ "com.amazonaws.vpce.",{"Fn::GetOptionSetting": {"Namespace": "aws:elasticbeanstalk:application:environment", "OptionName": "AWS_REGION", "DefaultValue": "us-east-1"}},".",{"Ref": "sonarVPCEndpointService"}]] } SubnetIds: - { "Ref": "Subnet1Id" } - { "Ref": "Subnet2Id" } - { "Ref": "Subnet3Id" } VpcEndpointType: Interface VpcId: { "Ref": "VpcId" } option_settings: aws:elasticbeanstalk:application:environment: VPC_ENDPOINT: '`{"Ref" : "NewsonarVPCEndpoint"}`' ```
0
answers
0
votes
4
views
asked 11 hours ago