I working with AWS Amplify and calling a lambda function through the API gateway. I am getting back a 403 error which was mentioned in this previous question that is was probably API gateway rejecting authentication from Cognito by default.
I altered my project so it should have both IAM and Cognito permissions, but I'm still getting this error.
Graph QL Template
type Config @model @auth(rules: [{allow: private}, {allow: private, provider: iam}]) {
id: ID!
name: String!
value: String!
}
type File @model @auth(rules: [{allow: private}, {allow: private, provider: iam}]) {
id: ID!
Lawyers: [Lawyer] @manyToMany(relationName: "LawyerFile")
}
type Lawyer @model @auth(rules: [{allow: private}, {allow: private, provider: iam}]) {
id: ID!
Files: [File] @manyToMany(relationName: "LawyerFile")
}
backend-config.json
"api18ddb8a0": {
"dependsOn": [
{
"attributes": [
"Name",
"Arn"
],
"category": "function",
"resourceName": "avalWebAppSearchFunction"
}
],
"providerPlugin": "awscloudformation",
"service": "API Gateway"
},
"avalwebapp": {
"dependsOn": [
{
"attributes": [
"UserPoolId"
],
"category": "auth",
"resourceName": "avalwebapp66db36ee"
}
],
"output": {
"authConfig": {
"additionalAuthenticationProviders": [
{
"authenticationType": "AWS_IAM"
}
],
"defaultAuthentication": {
"authenticationType": "AMAZON_COGNITO_USER_POOLS",
"userPoolConfig": {
"userPoolId": "authavalwebapp66db36ee"
}
}
}
},
"providerPlugin": "awscloudformation",
"service": "AppSync"
}
},
I'm being trying different configurations and tweaks from amplify cli and also amplify studio for days but I'm stuck on how to get this to work. The Cognito is needed to authenticate by default with GraphQL but I also want IAM to work with API gateway by default. Its all frustrating.
