AWS Cognito SMS角色:无法创建或分配新角色 [英] AWS Cognito SMS Role : Cannot create or assign a new role
问题描述
我无法获取验证码和移动应用.我删除了角色.我尝试在cognito中重新创建角色,但它没有任何选择.
I am not able to get verification codes(sms) and mobile app. i deleted the role. i tried recreating the role in cognito but it doesn't give any option to do so.
我创建新用户时的错误响应: 角色没有信任关系,允许Cognito担任该角色"
在将验证设置保存在我的Cognito上(先前的角色被困在其中)时,它会显示"您的角色仍在创建中"
On saving the verification settings on my cognito (with the previous role arn stuck in there) it say "Your roles are still being created"
推荐答案
我也遇到了同样的问题.让我分享解决问题的方法,我认为虽然不是最佳方法,但我希望它会有所帮助:
I too faced the same issue. Let me share the method in which i solved it, Although not the optimal method, i think, but i hope it helps:
1)我有另一个Cognito用户池,在该用户池中我没有创建sms角色,并且在该用户池下创建了与我删除的SMS角色名称相同的SMS角色(只是让aws创建角色)和政策本身,因为我很懒;-)).
1) I had another cognito userpool, in which i hadn't created the sms role and under that userpool i created the SMS role with same name as the name of the SMS role i deleted(Just to let aws create the roles and policy by itself, and because i am lazy ;-)).
2)在新创建的SMS角色的信任关系条件下,我用我的主用户池的externalID替换了externalID.
2) Under the newly created SMS Role's trust relationship condition, i substituted the externalID with my main userpool's externalID.
您可以使用aws cli获取externalID.
You can get the externalID using aws cli.
aws cognito-idp describe-user-pool --user-pool-id <user-pool-id>
或者您可以创建具有相同名称的SMS服务角色,并为其附加SNS写入策略,并与您的Cognito用户池建立信任关系,以使其承担角色.
Or you can create SMS service role with the same name and attach SNS write policy with it and create trust relationship with your cognito userpool, to let it assume the role.
希望它会有所帮助.干杯.
Hope it helps. Cheers.
这篇关于AWS Cognito SMS角色:无法创建或分配新角色的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
