-
Notifications
You must be signed in to change notification settings - Fork 314
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can't list tasks - 400 (Bad Request) #46
Comments
Facing same issue ... CognitoIdentityCredentials is not authorized to perform: dynamodb:Query on resource |
If you were getting issue like this
It could be a permission issue. Edit inline JSON
Please note , resource should be your dynamo ARN and notice * at the end. |
You're right. The bug is that when you create the DynamoDB table, the table is added to the policy but the index is not. I think the bug is in the awsmobile cli. It seems to create the user ok and it's index, but adding a table and index via cli only adds the table to the policy
|
The issue is the instructions to set up the table are missing the step to add the DateSorted column. There are instructions to add the index to DateSorted, but not to add the column |
I think DateSorted is index name and you don't need to create a column named "DateSorted" ... Main issue was cognito user did not have permission to access the index as it was not added in the policy. If you add * at the end of tasks arn , any resource related to tasks table will be included. I was able to run the demo adding * at the end of arn. |
You're right, you don't need to add the column. You are partially correct about the index. Adding * does work but you have now enabled access to everything under that table. If you follow the instructions regarding adding the index you end up with
|
@LXensen that's the perfect solution. Adding index explicitly rather using *. Thank you ! |
@LXensen @just4give I am new to Ionic and AWS and trying to setup this starter project. Could you explain in a little more detail how I can edit the inline JSON to fix this issue? |
@emmafass if you login to your aws console , you can search for IAM. Once you are there, on left hand pane, you should see a menu "Roles" . Click on that. Then you should see all the roles. The one you need to look for should have a name with auth_MOBILEHUB /unauth_MOBILEHUB ( if you created mobile hub project ) . You need to click on that role. It will show all the permissions for that role. You should look for permission name nosqldatabase_MOBILEHUB . If you expand that ( click on the triangle icon) you should see a button "Edit JSON" . That's the JSON you need to edit. Please let me know if this helps. |
Find the Role in IAM that was created by the CLI ( it will be something like YOUR_PROJECT_NAME_auth_MOBILEHUB_XXXXXXXXX - where x is some obscure number). Click on that role. In the Permissions tab, find the Policy name for nosqldatabase that matches the Role name ( YOUR_PROJECT_NAME_nosqldatabase_MOBILEHUB_XXXXXXXXX ). Click the arrow on the left to expand the policy and the index as I pointed out in the previous comment |
Thanks so much! That worked :) For some reason |
@emmafass I had exact same issue and I created the index on the console too. |
I think we all had the same issue. I think that's where the bug is. You can also use the awsmobile CLI to edit the configuration after it fails. I did it that way and it updated the JSON policy properly. Now if one of you cold help me out with my other problem that'd be great ;-)) |
@LXensen what is your other issue? |
I can't access a DynamoDB table that I created outside the CLI. I've used the previous version of this Starter. In that Starter, if I created a DynamoDB table within DynamoDB console, copied the ARN and added it to the Policy created by the Starter ( just like we are discussing here ) I was able to access it via the application. But now I'm getting a permissions issue. I even raised a second ticket: |
The aws.dynamodb.ts is different in the previous version also. Credentials were not required when creating the DocumentClient. I tried this approach in the new version but I get a 'Error: Missing credentials in config' error
|
Aaaaand I figured it out: I was using the scan function incorrectly. Here is my solution:
I copied the example from the Task file and modified it
I have a requirement for encrypted tables. Since the CLI does not allow you to create an encrypted table, you would have to do that through the DynamoDB console |
For everyone having this problem, just create the table with the cli but don't add the index, run Your app will work without problem. As others have pointed out, it seems to be a bug with the awsmobile cli. |
I am able to add new tasks ( I can see new tasks in DynamoDB console ) but I am getting a 400 error in the console when I go to the tasks page. And none are displayed.
polyfills.js:3 POST https://dynamodb.us-east-1.amazonaws.com/ 400 (Bad Request)
The text was updated successfully, but these errors were encountered: