2

I am currently working on a react app to integrate a map using AWS Location Services. I've followed this tutorial online. The tutorial uses AWS Cognito for user authentication but my application already has our own in-house authentication method. Thus, I was looking to implement the map without authentication (from Cognito).

I've followed the same youtube tutorial's code linked here, but I kept on facing issues with the authentication. The code uses the createRequestTransformer() function from the amazon-location-helpers package, requiring credentials but since I want to allow unauthenticated access I'm using Identity Pool ID instead.

This is the error that I am facing on my React app and I've received a wide range of errors for authentication from 400, 403 to 404.

Unhandled Rejection (InvalidIdentityPoolConfigurationException): Invalid identity pool configuration. Check assigned IAM roles for this pool.

Error faced

I have tried all solutions from the stackoverflow post here but to no avail. Although I am unable to access, my AWS Cognito console adds in a user count whenever I refresh the page as seen in the image below. Cognito console

Goh Jia Yi
  • 329
  • 3
  • 16

1 Answers1

0

This error is related to the Cognito User Assumed IAM role not having the correct access to the resources you are attempting to call in the code.

Even though the user is unauthenticated - the unauthenticated role is still assumed. Go to the Cognito Identity Pool console and note the specified IAM Role. Go to that role in the IAM console and apply the necessary IAM policy so that an unauthenticated Cognito User can assume that role.

Here is the IAM related Document for Amazon Location: https://docs.aws.amazon.com/location/latest/developerguide/security_iam_id-based-policy-examples.html

So once done

  useEffect(() => {
    const fetchCredentials = async () => {
      setCredentials(await Auth.currentUserCredentials());
    };

    fetchCredentials();
  }, []);

Specifically await Auth.currentUserCredentials() will get the temporary credentials for the user which will have the correct access rights to Amazon Location as you per your specification in the applied IAM policy on the unauthenticated Cognito Identity Pool IAM Role.

Leon Africa
  • 509
  • 6
  • 11