User: arn:aws:sts::****:assumed-role/aws-lambda-execute/**** is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito

huangapple go评论68阅读模式
英文:

User: arn:aws:sts::****:assumed-role/aws-lambda-execute/**** is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito

问题

I am encountering an error when deploying my frontend nextjs code on vercel, whereas the same code is working correctly on my local machine.

我在将我的前端Next.js代码部署到Vercel时遇到了错误,而在我的本地机器上相同的代码正常运行。

I am using aws lambda and cognito service. lambda already deployed but and its work fine with nextjs local application but when i deploy nextjs app then its gives me the permission issue at the time of login.

我正在使用AWS Lambda和Cognito服务。Lambda已经部署,它在Next.js本地应用程序中运行良好,但当我部署Next.js应用程序时,在登录时出现了权限问题。

> AccessDeniedException: User:
> arn:aws:sts::672624023363:assumed-role/aws-lambda-execute/80a5c4b676c2fd90d3fee4d9b88ff4d1e8f99360429f3df3aa079adeffdecdf0
> is not authorized to perform: cognito-idp:AdminInitiateAuth on
> resource: arn:aws:cognito-idp:us-east-2:6726240

> AccessDeniedException: 用户:
> arn:aws:sts::672624023363:assumed-role/aws-lambda-execute/80a5c4b676c2fd90d3fee4d9b88ff4d1e8f99360429f3df3aa079adeffdecdf0
> 未被授权执行操作: cognito-idp:AdminInitiateAuth
> 在资源上: arn:aws:cognito-idp:us-east-2:6726240

User: arn:aws:sts::****:assumed-role/aws-lambda-execute/**** is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito

User: arn:aws:sts::****:assumed-role/aws-lambda-execute/**** is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito

英文:

Thanks in advace for the help!

I am encountering an error when deploying my frontend nextjs code on vercel, whereas the same code is working correctly on my local machine.

I am using aws lambda and cognito service. lambda already deployed but and its work fine with nextjs local application but when i deploy nextjs app then its gives me the permission issue at the time of login.

> AccessDeniedException: User:
> arn:aws:sts::672624023363:assumed-role/aws-lambda-execute/80a5c4b676c2fd90d3fee4d9b88ff4d1e8f99360429f3df3aa079adeffdecdf0
> is not authorized to perform: cognito-idp:AdminInitiateAuth on
> resource: arn:aws:cognito-idp:us-east-2:6726240

User: arn:aws:sts::****:assumed-role/aws-lambda-execute/**** is not authorized to perform: cognito-idp:AdminInitiateAuth on resource: arn:aws:cognito

答案1

得分: 1

The reason you are getting this issue on Vercel, and not on local is because AWS credentials seems to be missing on Vercel server.

On local machine, you might be having the aws credential profile configured and that profile might be having sufficient permissions to assume the required role.

Solution

  1. Create an IAM user with sufficient permissions, and generate security credentials.

  2. Add following AWS environment variables on your Vercel server where your application is running.

    AWS_ACCESS_KEY_ID=<your access key id>
    AWS_SECRET_ACCESS_KEY=<your access secret key>
    AWS_DEFAULT_REGION=<aws region>
    
英文:

The reason you are getting this issue on Vercel, and not on local is because AWS credentials seems to be missing on Vercel server.

On local machine, you might be having the aws credential profile configured and that profile might be having sufficient permissions to assume the required role.

Solution

  1. Create an IAM user with sufficient permissions, and generate security credentials.

  2. Add following AWS environment variables on your Vercel server where your application is running.

    AWS_ACCESS_KEY_ID=<your access key id>
    AWS_SECRET_ACCESS_KEY=<your access secret key>
    AWS_DEFAULT_REGION=<aws region>
    

    See Vercel docs here learn how to do this.

I also found another blog post explaining the same thing. You may read this as well - How can I use AWS SDK Environment Variables on Vercel?

huangapple
  • 本文由 发表于 2023年5月21日 00:49:32
  • 转载请务必保留本文链接:https://go.coder-hub.com/76296332.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定