我需要使用临时凭据来调用API Gateway,并依次使用congito用户组IAM角色。我使用下面的代码获得了临时的证明。
var data = {
UserPoolId: config.cognito.USER_POOL_ID,
ClientId: config.cognito.APP_CLIENT_ID,
};
var userPool = new cognito.CognitoUserPool(data);
var cognitoUser = userPool.getCurrentUser();
if (cognitoUser != null) {
cognitoUser.getSession(function(err, session) {
if (err) {
console.log(err);
return;
}
console.log('session validity: ' + session.isValid());
console.log('session Identity token: ' + session.getIdToken().getJwtToken());
AWS.config.region = config.cognito.REGION;
AWS.config.credentials = new AWS.CognitoIdentityCredentials({
IdentityPoolId : config.cognito.IDENTITY_POOL_ID,
Logins : {
// Change the key below according to the specific region your user pool is in.
'cognito-idp.ap-south-1.amazonaws.com/ap-south-1_G7YbVmvPG': session.getIdToken().getJwtToken()
}
});
AWS.config.credentials.get(function(err,data) {
if (!err) {
var id = AWS.config.credentials.identityId;
var key = AWS.config.credentials.accessKeyId;
var secretkey = AWS.config.credentials.secretAccessKey;
var sessionToken = AWS.config.credentials.sessionToken;
console.log('Cognito Identity ID '+ id);
console.log('Cognito Key '+ key);
console.log('Cognito Secret Key '+ secretkey);
console.log('Cognito SessionToken '+ sessionToken);
}
});
});
}
当依次调用必要的IAM角色时,我如何需要用sigv4签名APi网关请求并将此凭据发送给它?
谢谢 感谢您的帮助