Fatal编程技术网

Aws lambda SAM让我接触Cognito

aws-lambda amazon-cloudformation

Aws lambda SAM让我接触Cognito,aws-lambda,amazon-cloudformation,amazon-cognito,aws-serverless,serverless-application-model,Aws Lambda,Amazon Cloudformation,Amazon Cognito,Aws Serverless,Serverless Application Model,我希望能够在Python环境中从Lambda函数通过boto3调用cognito函数。提供这种访问的最佳方式是什么?我已经完成了以下yaml,但不确定这是最佳实践还是我正在延长模板 AWSTemplateFormatVersion: '2010-09-09' Transform: AWS::Serverless-2016-10-31 Description: > sam-app Sample SAM Template for sam-app Resources: Hello

我希望能够在Python环境中从Lambda函数通过boto3调用cognito函数。提供这种访问的最佳方式是什么?我已经完成了以下yaml,但不确定这是最佳实践还是我正在延长模板

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  sam-app

  Sample SAM Template for sam-app

Resources:
  HelloWorldFunction:
    Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
    Properties:
      CodeUri: hello_world/
      Handler: app.lambda_handler
      Runtime: python3.7
      Policies:
       - AWSLambdaExecute # Managed Policy
       - Version: '2012-10-17' # Policy Document
         Statement:
           - Effect: Allow
             Action:
               - cognito-idp:ListUsers
             Resource: 'arn:aws:cognito-idp:us-east-2:****:*****'

      Events:
        HelloWorld:
          Type: Api # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
          Properties:
            Path: /hello
            Method: get

Outputs:
  # ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
  # Find out more about other implicit resources you can reference within SAM
  # https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
  HelloWorldApi:
    Description: "API Gateway endpoint URL for Prod stage for Hello World function"
    Value: !Sub "https://${ServerlessRestApi}.execute-api.${AWS::Region}.amazonaws.com/Prod/hello/"
  HelloWorldFunction:
    Description: "Hello World Lambda Function ARN"
    Value: !GetAtt HelloWorldFunction.Arn
  HelloWorldFunctionIamRole:
    Description: "Implicit IAM Role created for Hello World function"
    Value: !GetAtt HelloWorldFunctionRole.Arn
我说的是“政策”,我的模板符合标准吗?还是有捷径可以走