-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can I specify IAM user credentials for use in authenticating an AppSync API? #3116
Comments
There is no need to pass access key and secret access key to Amplify, Amplify automatically gets credentials for you if using Cognito user pools and identity pools (assuming you passed auth and appsync config keys to
This is not recommended:
You might be able to do something like this: (haven't tested it, but worth trying) AWS.config.update(
{
accessKeyId: 'XXXXX',
secretAccessKey: 'YYYYY',
region: 'ZZZZ'
}
);
graphql(gql(queries.testQuery, { key: 'value' }))
.then((data) => {
// Do something with result
}) |
Unfortunately, this doesn't work. Amplify is still looking for user pool credentials and I get the following error:
I'm using Amplify in an (essentially) IOT device, and using a Cognito user for authentication will expose this device to a potential DOS attack from repeated logins with an incorrect password. All the attacker would need to know is the account username. As far as I'm aware, IAM credentials have no such failed login restrictions, and so are more suited to my purpose. From a security standpoint, there is no difference between hard-coding IAM credentials and hard-coding Cognito credentials. |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Is there anything else I can try, or is what I want to do simply not possible using Amplify? |
I'm getting the exact same issue here |
Using this before Amplify.configure worked for me:
|
@JonathanHolvey does the workaround from @m3Lith work for you? |
I'll take a look, however I may not get an opportunity for a little while. Bear with me |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Closing due to inactivity. |
Did you solve this issue? I tried to config AWS credentials but no luck. |
@kumishida This might help.
|
Thanks you for your suggestion!
|
This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
I am using Amplify to connect to an existing AppSync API from an automated device running node. This is not a front-end client, so I want to be able to connect using an IAM user's security credentials.
I'm using the following code to confiture Amplify and make a GraphQL query, however I can't find any documentation on how to pass the access key ID and secret access key to
Amplify.configure()
.I'm currently getting the following messages:
Is it possible to connect with IAM security credentials directly, rather than a Cognito Identity Pool? What properties can be passed to
Amplify.configure()
in myconfig
object to achieve this?The text was updated successfully, but these errors were encountered: