Warning: file_get_contents(/data/phpspider/zhask/data//catemap/1/dart/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
来自Android的AWS DynamoDB访问,对表的访问被拒绝_Android_Amazon Web Services - Fatal编程技术网
Fatal编程技术网
  • android/
  • 来自Android的AWS DynamoDB访问,对表的访问被拒绝

来自Android的AWS DynamoDB访问,对表的访问被拒绝

android amazon-web-services

来自Android的AWS DynamoDB访问,对表的访问被拒绝,android,amazon-web-services,Android,Amazon Web Services,我试图在NoSQL DynamoDB上执行CRUD操作,我最初没有在AWS Mobile Hub上将CognitoPool与我的项目集成,但我没有这样做,而是在我的项目的“raw”目录中替换了我的json文件。DB是完全公开的,无论是读还是写,但出于某种原因,我一直收到以下错误: com.amazonaws.AmazonServiceException: User: arn:aws:sts::1234567890:assumed-role/shoppinglist_unauth_MOBILEHU

我试图在NoSQL DynamoDB上执行CRUD操作,我最初没有在AWS Mobile Hub上将CognitoPool与我的项目集成,但我没有这样做,而是在我的项目的“raw”目录中替换了我的json文件。DB是完全公开的,无论是读还是写,但出于某种原因,我一直收到以下错误:

com.amazonaws.AmazonServiceException: User: arn:aws:sts::1234567890:assumed-role/shoppinglist_unauth_MOBILEHUB_1234567890/CognitoIdentityCredentials is not authorized to perform: dynamodb:DescribeTable on resource: arn:aws:dynamodb:us-east-1:1234567890:table/ShoppingLists (Service: AmazonDynamoDB; Status Code: 400; Error Code: AccessDeniedException; Request ID: BQ0HAP7PUGO6AUC04LOHUND1V3VV4KQNSO5AEMVJF66Q9ASUAAJG)
出于安全考虑,我已将所有识别号码改为1234567890

这是我的.json文件:

{
  "UserAgent": "MobileHub/1.0",
  "Version": "1.0",
  "CredentialsProvider": {
    "CognitoIdentity": {
      "Default": {
        "PoolId": "us-east-1******************,
        "Region": "us-east-1"
      }
    }
  },
  "IdentityManager": {
    "Default": {}
  },
  "CognitoUserPool": {
    "Default": {
      "PoolId": "us-east-1_*******",
      "AppClientId": "5lg571jsd60ruvair8jiqpefbs",
      "AppClientSecret": "bqn8edlp19gfgogfhf4j9qg1mq8u8ftpb328f652n0451gl2dnt",
      "Region": "us-east-1"
    }
  },
  "DynamoDBObjectMapper": {
    "Default": {
      "Region": "us-east-1"
    }
  },
  "PinpointAnalytics": {
    "Default": {
      "AppId": "27e0f3ee2e63419c9dc8f18f23a294fe",
      "Region": "us-east-1"
    }
  },
  "PinpointTargeting": {
    "Default": {
      "Region": "us-east-1"
    }
  }
}
这是我的主活动类中的onCreate()方法

AWSMobileClient.getInstance().initialize(this, awsStartupResult ->
        Log.d("YourMainActivity", "AWSMobileClient is instantiated and you are connected to AWS!"))
        .execute();

// Instantiate a AmazonDynamoDBMapperClient
AmazonDynamoDBClient dynamoDBClient = new AmazonDynamoDBClient(AWSMobileClient.getInstance().getCredentialsProvider());
this.dynamoDBMapper = DynamoDBMapper.builder()
        .dynamoDBClient(dynamoDBClient)
        .awsConfiguration(AWSMobileClient.getInstance().getConfiguration())
        .build();

Runnable runnable = () -> {
    dbClient = new AmazonDynamoDBClient(AWSMobileClient.getInstance().getCredentialsProvider());
    // Create a table reference
    dbTable = Table.loadTable(dbClient, "ShoppingLists");
    Document memo = new Document();
    memo.put("Apple", "apple");
    dbTable.putItem(memo);
};
Thread myThread = new Thread(runnable);
myThread.start();
我的build.gradle应该包含正确的依赖项,它们在这里,尽管它可能有点混乱:

    implementation fileTree(include: ['*.jar'], dir: 'libs')
    implementation 'com.android.support:appcompat-v7:27.1.1'
    implementation 'com.android.support.constraint:constraint-layout:1.1.0'
    testImplementation 'junit:junit:4.12'
    androidTestImplementation 'com.android.support.test:runner:1.0.1'
    androidTestImplementation 'com.android.support.test.espresso:espresso-core:3.0.1'
    implementation 'com.android.support:recyclerview-v7:27.1.1'
    implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.6.+@aar') { transitive = true }
    implementation 'com.amazonaws:aws-android-sdk-core:2.6.18'
    implementation 'com.amazonaws:aws-android-sdk-s3:2.6.18'
    implementation 'com.amazonaws:aws-android-sdk-ddb:2.6.18'
    implementation 'com.amazonaws:aws-android-sdk-ddb-mapper:2.6.18'
    compile 'com.amazonaws:aws-android-sdk-core:2.6.18'
    compile 'com.amazonaws:aws-android-sdk-ddb:2.6.18'
    compile 'com.amazonaws:aws-android-sdk-ddb-document:2.4.4'
    // Mobile Client for initializing the SDK
    implementation ('com.amazonaws:aws-android-sdk-mobile-client:2.6.+@aar') { transitive = true }

    // Cognito UserPools for SignIn
    implementation 'com.android.support:support-v4:27.1.1'
    implementation ('com.amazonaws:aws-android-sdk-auth-userpools:2.6.+@aar') { transitive = true }

    // Sign in UI Library
    implementation 'com.android.support:appcompat-v7:27.1.1'
    implementation ('com.amazonaws:aws-android-sdk-auth-ui:2.6.+@aar') { transitive = true }
据我所知,这应该可以很好地工作,我在这里得到了另一个有用的人的帮助,使它能够连接到AWS,它在某一点上确实做到了,但我似乎无法访问该表

我想我有两个问题,有没有可能在完全没有Cognito池的情况下,让它完全不安全呢?如果没有,我该如何让它与Cognito池一起工作?cognito池应该有与之关联的用户名吗?

让我试着回答你的问题

1) 没有Cognito身份池,你能做到这一点吗?答案是肯定的。这并不自动意味着它不安全-您可以使用为IAM用户设置的AWS凭据。然而,最佳实践是使用Cognito标识池,它将为您提供短期有效的临时AWS凭证

2) 创建Cognito标识池时,会自动创建两个角色(名为auth和unauth)。“auth”角色适用于有登录用户的情况(例如,使用Facebook等社交登录登录并通过身份池与AWS联合),而“unauth”角色适用于尚未登录的用户。您可以使用IAM策略微调这些角色的访问权限,以最适合应用程序的需要

请参阅本页()了解如何使其工作的具体说明。

这一点加上另一个人,你们让我度过了美好的一天。这很有效,非常感谢!