AWS-首次创建联合身份时是否有办法“钩住"? [英] AWS - Is there a way to 'hook' into when a federated identity is created for the first time?
问题描述
我有一个Cognito身份池,用于对前端用户进行身份验证,并为他们提供我的应用程序中的某些权限.但是,在给这些用户授予访问IoT的权限时遇到了一个问题,这涉及到调用Lambda调用 iot.addPrincipalPolicy(),一旦完成,便可以正常工作.
I have a Cognito Identity Pool that is used to authenticate my front end users, as well as give them certain permissions in my application. However, I have encountered an issue with giving these users permission to access IoT, which involves invoking a Lambda calling iot.addPrincipalPolicy(), and once that is done then everything works flawlessly.
但是,我面临的问题是,当我的用户实际上每次只需要在用户注册时才运行身份验证时,就会立即调用此函数.有没有办法确保它只运行一次?我当时在考虑使用Cognito用户池触发器,但这仅适用于通过Cognito(而不是Facebook或Google)进行身份验证的用户.
However, the issue I am facing is that right now I am running this function is being called every time my user requests authentication, when it really only needs to be ran when the user signs up. Is there a way to make sure that it only gets ran once? I was thinking of using a Cognito User Pool trigger, but that will only work for my users who authenticate with Cognito and not with Facebook or Google.
因此,基本上,我只想在用户首次获得身份池ID时调用一次此函数.我有办法做到这一点对所有登录方法都适用吗?
So basically, I would like to only call this function once, the first time that the user gets an Identity Pool ID. Is there a way I can do this that will work for all login methods?
推荐答案
由于我的代表点不足以简单地发表评论,因此我将其保留在这里,以防万一它对您有所帮助.
As I don't have enough rep points to simply put a comment, I will leave this here just in case it helps you.
Cognito用户池最近获得了对Facebook和Google身份提供者的支持,因此您可以在需要时为用户提供用户池触发器.
Cognito User Pool recently gained support for Facebook and Google identity providers, so you COULD user a User pool trigger if needed.
http://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-social.html
这篇关于AWS-首次创建联合身份时是否有办法“钩住"?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
