AWS + Serverless-如何获取由Cognito用户池生成的密钥

时间:2018-12-29 07:49:12

标签: amazon-web-services amazon-cognito serverless

我一直在关注https://serverless-stack.com/chapters/configure-cognito-user-pool-in-serverless.html上的无服务器教程

我有以下无服务器的Yaml代码段

Resources:
  CognitoUserPool:
    Type: AWS::Cognito::UserPool
    Properties:
      # Generate a name based on the stage
      UserPoolName: ${self:custom.stage}-moochless-user-pool
      # Set email as an alias
      UsernameAttributes:
      - email
      AutoVerifiedAttributes:
      - email

  CognitoUserPoolClient:
    Type: AWS::Cognito::UserPoolClient
    Properties:
      # Generate an app client name based on the stage
      ClientName: ${self:custom.stage}-user-pool-client
      UserPoolId:
        Ref: CognitoUserPool
      ExplicitAuthFlows:
      - ADMIN_NO_SRP_AUTH
      # >>>>> HOW DO I GET THIS VALUE IN OUTPUT <<<<<
      GenerateSecret: true

# Print out the Id of the User Pool that is created
Outputs:
  UserPoolId:
    Value:
      Ref: CognitoUserPool

  UserPoolClientId:
    Value:
      Ref: CognitoUserPoolClient
  #UserPoolSecret:
  #   WHAT GOES HERE?

我正在将所有其他配置变量导出到json文件(供移动应用使用,因此我需要密钥)。

如何生成生成的密钥以显示在输出列表中?

1 个答案:

答案 0 :(得分:2)

检索密钥的理想方法是在cloudformation模板中使用“ CognitoUserPoolClient.ClientSecret”。

UserPoolClientIdSecret:
  Value:    
   !GetAtt CognitoUserPoolClient.ClientSecret

但不支持here,它不支持,并且给出消息,如图所示:Not supported 您可以运行以下CLI命令来检索密钥,以解决此问题:

aws cognito-idp describe-user-pool-client --user-pool-id "us-west-XXXXXX"  --region us-west-2 --client-id "XXXXXXXXXXXXX" --query 'UserPoolClient.ClientSecret' --output text
相关问题
最新问题