aws-samples / aws-cognito-quicksight-auth Goto Github PK
View Code? Open in Web Editor NEWA simple JavaScript frontend and SAM template to spin up a serverless backend, federating Cognito User Pools users to QuickSight.
License: Apache License 2.0
A simple JavaScript frontend and SAM template to spin up a serverless backend, federating Cognito User Pools users to QuickSight.
License: Apache License 2.0
Failed to create the changeset: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state Status: FAILED. Reason: Template format error: Unrecognized resource types: [AWS::Cognito::UserPool, AWS::Cognito::IdentityPoolRoleAttachment, AWS::Cognito::UserPoolClient, AWS::Cognito::IdentityPool]
Hi - not an issue maybe but guidance, please. All works fine but I am using groups created in the User Pool in the claim of the Identify Pool Authentication provider (new role with rules). The default as provided in the stack works fine, but I'm battling to get a member of a group to login to Quicksight and see either dashboards specified as a resource or dashboards published to a group which is again specified in the IAM permissions. e.g. of IAM policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "quicksight:CreateReader",
"Effect": "Allow",
"Resource": ""
},
{
"Action": "quicksight:CreateGroupMembership",
"Effect": "Allow",
"Resource": "arn:aws:quicksight:::group/default/"
}
]
}
I've changed this around a few times to use only the groupmembership action, RegisterUser and specified the dashboard ARN for resource without success. This may be me missing something on IAM knowledge but if it is please let me know!
Hi all,
How do I get the specific username of the person who logged in? Currently, it is showing on Quicksight as 'RoleName/CognitoCredentials'. Every cognito user that exist in my user pool can access this unique quicksight user using '/CognitoCredentials'.
For example, let's suppose that my cognito user pool has two users "user1" and "user2" and I want to restrict some dashboards for them. When "user1" or "user2" is logged in, the quicksight user is 'RoleName/CognitoCredentials'. In other words, the same quicksight user is accessed by the two cognito users and it is not possible to restrict dashboards for them.
Actually what I really wanna do is to have one Quicksight user for each Cognito user. It should be something like 'RoleName/UserCredentials' and not be using the cognito user pool credentials.
Is that possible? How can I use the user credentials (id token)?
Please, your prompt reply is highly appreciated.
Regards,
Bruno
The big-data blog post url no longer exists - does it live anywhere else ? Thanks
aws-cognito-quicksight-auth/quicksight.yaml
Line 124 in acf7847
I'm getting a cloudformation error related to "CodeUri"
This works..
CodeUri:
Bucket: bucket-name
Key: lambda.zip
does this code suffer from the confused deputy vulnerability?
it looks as though the frontend sends an arbitrary URL to a lambda, which then requests it and returns the payload, without any sanitisation ๐ค
Hi,
I have followed all mentioned steps to integrate AWS cognito to one end point (e.g, "https://google.com")
After finishing configuration part, I was successfully got opened out cloudFrount link for creating account, but I'm getting message like Token expired or invalid signing out! while signing up.
Please help me to solve this issue.
I am trying to follow your sample to build quicksight with cognito, but I get this error message when I access the static website
Uncaught TypeError: AWSCognito.CognitoIdentityServiceProvider.CognitoAuth is not a constructor
I had already involved aws-cognito-sdk.js and amazon-cognito-auth.min.js
We used these library.
<script src="aws-cognito-sdk.js"></script>
<script src="amazon-cognito-auth.min.js"></script>
We got the error below.
Uncaught TypeError: cognitoUser.getUserAttributes is not a function
cognitoUser.getUserAttributes(function(err, result) {
if (err) {
alert(err);
return;
}
userData = result;
});
We followed the document
It seems that current library does not support getUserAttribute. Is there any possible way to get or update userAttribute?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.