Reputation: 307
AWS Cognito - User pool xxxx does not exist
var client = new AmazonCognitoIdentityProviderClient("MYKEY", "MYSECRET", RegionEndpoint.USEast1);
var request = new AdminGetUserRequest();
request.Username = "USERNAME";
request.UserPoolId = "POOLID";
var user = client.AdminGetUserAsync(request).Result; The key/secret are authenticating as a user with Administrator Access. For good measure, I've also given it the AmazonCognitoPowerUser policy.
The region endpoint is correct and the same as the one my user pool is in. The user pool Id is correct. The first part of the user pool ID matches the region.
I'm at a loss for where else this could possibly be going wrong. Any ideas?
Update 8/2/19
Manual CLI command:
PM> aws cognito-idp list-user-pools --region us-east-1 --max-results 10
{
"UserPools": []
}The region is correct, so there must be some issue with permissions. Is there anything I could try tweaking on the pool, or other policies I may need to add to the user?
Upvotes: 6
Views: 23401
Answers (5)
Reputation: 1
var client = new AmazonCognitoIdentityProviderClient("MYKEY", "MYSECRET", RegionEndpoint.USEast1);
var request = new AdminGetUserRequest();
request.Username = "USERNAME";
request.UserPoolId = "POOLID";
var user = client.AdminGetUserAsync(request).Result; Upvotes: 0
Reputation: 91
First I blew away existing amplify auth code, then did: amplify init amplify add auth I had to manually edit (against the dire warnings that it was auto-generated) aws-exports.js with my updated pool id, web-client id etc information. For some reason, the new cognito info hadn't replaced the old when I recreated it. It then worked.
Upvotes: 0
Reputation: 91
I ran into this problem with the AWS CLI and it puzzled me too, but I learned that I needed to provide the profile name in the parameter list to get it to work. So it looked like this:
aws cognito-idp admin-get-user --profile dev-account ....
My profiles are stored on my Mac at cat ~/.aws/config| grep profile
The config file is created by an in-house custom script. This is the contents of what that file looks like.
[profile dev-account]
sso_start_url = https://yourcompanyname.awsapps.com/start#/
sso_region = us-east-1
sso_account_id = 1234567890
sso_role_name = PowerUserAccess
region = us-east-1
output = json
Also, in this folder is a "credentials" file that has some JSON for these variables: profile name, aws_access_key_id, aws_secret_access_key, aws_session_token, aws_expiration
Upvotes: 1
Reputation: 460
Actually your configuration can be wrong , you downloaded awsconfiguration.json and it looks like same I know.. but this configuration can be wrong. When you examine the json you will see a field.. "CognitoUserPool": {PoolId, appclient id ..}
You need to open your user pool and create new client or control existing client information. Check your awsconfiguration.json again with this webpage's pool id, appclient id etc. Update your json... it will solve the problem.
Upvotes: 2
Reputation: 307
So, it looks like this is some sort of AWS glitch with the existing IAM user.
Having created a new user with exactly the same permissions, access works as intended both from CLI and the code in the original question.
Upvotes: 7
Related Questions
- User pool does not exist
- AWS Cognito Error: 'identityPoolId' failed to satisfy constraint
- AWS Cognito: Unable to set some properties for create-user-pool using aws cli
- Adding resource server to a AWS Cognito user pool gives error
- AmazonCognitoIdentityProviderException: User is not authorized to perform cognito-idp:DescribeUserPool on resource
- User Pools for Amazon Cognito - CredentialsError: Missing credentials in config
- AWS Credential provided by Identity Pool is invalid
- aws-cli: getting error "argument --user-pool-id is required"
- Getting an error while creating AWS Cognito user pool
- Call to AWSCognitoIdentityService.GetId for Cognito User Pools returns "Token is not from a supported provider of this identity pool."