I have provided following roles to my user though I am getting the error in the ui:
"Unexpected error: SupersetApiError: Forbidden":
Roles: [Admin, Public, Gamma]
Following are the APIs that are giving "Access is denied/Forbidden" :
/dynamic-plugins/api/read
/api/v1/dashboard/1
/api/v1/dashboard/1/charts
/api/v1/dashboard/1/datasets
Also in the below api I am getting role field as
/api/v1/me/roles/
API response:
{
firstName: "test"
isActive: false
isAnonymous: false
lastName: "test"
permissions: {}
roles: {}
username: "test"
}
Can anyone please guide me what I would be missing ?
Related
I'm beginner to blockchain development, and I have a question in the polygon documentation in order to make a deployment using hradhat, you need to pass account: process.env.PRIVATE_KEY, but how do I get the user's private key when logging in to the metamask on the site?
require('dotenv').config();
require("#nomiclabs/hardhat-ethers");
require("#nomiclabs/hardhat-etherscan");
module.exports = {
defaultNetwork: "matic",
networks: {
hardhat: {
},
matic: {
url: "https://rpc-mumbai.maticvigil.com",
accounts: [process.env.PRIVATE_KEY]
}
},
etherscan: {
apiKey: process.env.POLYGONSCAN_API_KEY
},
solidity: {
version: "0.7.0",
settings: {
optimizer: {
enabled: true,
runs: 200
}
}
},
}
In MetaMask's "Account details" there is an "export private key" option
Yes, you can get the MetaMask Private key through Google Chrome Extension.
Go to Account Details
Export Private Key
Enter your Password
Private Key Reveal to you
Make sure you do not share this with anyone this address have a all your assets stored.
I am trying to update attributes from users from a AWS Cognito userpool with AWS Amplify.
try {
const user = await Auth.currentAuthenticatedUser();
await Auth.updateUserAttributes(user, {
'nickname': 'newtestname'
});
} catch (error) {
console.log(error);
}
But I get the following error:
InvalidParameterException: user.nickname: Attribute cannot be updated.
I would expect it to be updateable because I made the attributes writable in the userpool-client section in my SAM template:
WriteAttributes:
- email
- nickname
UserPoolId: !Ref MyCognitoUserPool
This is also reflected correctly in the console:
I have no app client secret and all auth flows enabled. The security configuration is set to enabled.
Users can register, so I assume that the Amplify config in the client is alright.
What is wrong here?
I found the issue. On creation of the userpool I had to set the mutable flag within the schema definition, like so:
Schema:
- Name: email
Mutable: true
...
- Name: nickname
Mutable: true
...
https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html
I am trying to assign a custom IAM role to a user (google account) in a GCP Project via Deployment Manager but received a 403 Error code.
I have followed the sample provided in the Google Cloud Platform repo:
https://github.com/GoogleCloudPlatform/deploymentmanager-samples/tree/master/community/cloud-foundation/templates/iam_member
Basically I created a configuration YAML file with the following content:
- path: ../iam_member.py
name: iam_member.py
resources:
- name: iam-member-oval-unity-test-0
type: iam_member.py
properties:
projectId: oval-unity-88908
type: string
roles:
- role: roles/GARawDataViewer
members:
- user:<USER_EMAIL>
GARawDataViewer is a custom role created in the project oval-unity-88908 and is the value of the user email address to whom I am trying to assign the custom IAM role.
Finally, I deployed running the following command:
gcloud deployment-manager deployments create deployment-oval-unity-member-test --config examples/oval_unity_member.yaml
After running the gcloud deployment-manager I received the following error message:
- code: CONDITION_NOT_MET
location: /deployments/deployment-oval-unity-member-test/resources/get-iam-policy-iam-member-oval-unity-test-0-0-0->$.properties->$.policy
message: |-
InputMapping for field [policy] for method [setIamPolicy] could not be set from input, mapping was: [$.gcpIamMemberBinding($.intent, $.inputs.policy.response, $.resource.properties)], and evaluation context was:
{
"deployment" : {
"id" : 4858392305054927640,
"name" : "deployment-oval-unity-member-test"
},
"extensions" : {
"EnableAdditionalJsonPathFunctions" : true,
"EnableGoogleTypeProviderFunctionsExperiment" : true
},
"inputs" : {
"policy" : {
"error" : {
"code" : "403",
"message" : "{\"code\":403,\"message\":\"The caller does not have permission\",\"status\":\"PERMISSION_DENIED\",\"statusMessage\":\"Forbidden\",\"requestPath\":\"https://cloudresourcemanager.googleapis.com/v1/projects/oval-unity-88908:getIamPolicy\",\"httpMethod\":\"POST\"}"
}
}
},
"intent" : "CREATE",
"matches" : [ ],
"project" : "dm-creation-project-0",
"requestId" : "f3c7f0c4-1ff7-3e26-a060-b0adc068866d",
"resource" : {
"name" : "get-iam-policy-iam-member-oval-unity-test-0-0-0",
"previous" : { },
"properties" : {
"member" : "<USER_EMAIL_ADDRESS!>",
"resource" : "oval-unity-88908",
"role" : "roles/GARawDataViewer"
},
"self" : { }
}
}
Error was:
Parameter for gcpIamMemberBinding at position 1 is not of type map, value was [null]
The interesting thing is that I have been able to deploy successfully assigning a predefined role like 'editor': roles/editor, but it is failing using a custom role.
I have even tried using the full path to the custom role: projects/oval-unity-88908/roles/GARawDataViewer
but still showing the same error.
Do you have any idea how could I solve this issue?
Thanks in advance!
The issue might be, that you did not gave the service account which is used by the deployment manager the proper rights to handle IAM things. As described here you can possibly fix this issue by completing the following steps:
Go to the IAM page in the GCP Console of your project.
If prompted, select your project from the list.
Look for the Google APIs service account, which has the email address in the following format: [PROJECT_NUMBER]#cloudservices.gserviceaccount.com.
Grant the APIs service account the roles/owner roles
Let me know if you need further help!
I've been pulling out my hair trying to set Appsync and Cognito in my React Native app.
I've tried the two following ways:
Amplify.configure(config);
OR
Amplify.configure({
Auth: {
region: config.aws_cognito_region, // REQUIRED - Amazon Cognito Region
userPoolId: config.aws_user_pools_id, // OPTIONAL - Amazon Cognito User Pool ID
userPoolWebClientId: config.aws_user_pools_web_client_id, // User Pool App Client ID
},
});
AND
const client = new AWSAppSyncClient({
url: appSyncConfig.graphqlEndpoint,
region: appSyncConfig.region,
auth: {
type: appSyncConfig.authType,
jwtToken: async () => (await Auth.currentSession()).getIdToken().getJwtToken(),
},
});
OR
const client = new AWSAppSyncClient({
url: appSyncConfig.graphqlEndpoint,
region: appSyncConfig.region,
auth: {
type: appSyncConfig.authType,
apiKey: appSyncConfig.apiKey,
},
});
I've also followed these two tutorials Tackling user auth, Building a notes app.
In both cases, I get the following error in GraphQL with no description:
Error: Network error: Response not successful: Received status code
This is while in Authorization Type is Amazon Cognito User Pool. I've also tried AWS Identity and Access Management (IAM), but that gives me a 403 error. Can someone point me in a direction where I can debug this further?
It might be caused a typo in the docs / article you've read. Trying replacing :
auth: {
type: appSyncConfig.authType,
apiKey: appSyncConfig.apiKey
}
with :
auth: {
type: appSyncConfig.authenticationType,
apiKey: appSyncConfig.apiKey
}
I have the following code and its working for me:
import Amplify, { Auth } from 'aws-amplify';
import API, { graphqlOperation } from '#aws-amplify/api'
window.LOG_LEVEL = 'DEBUG';
Amplify.configure({
Auth: {
"identityPoolId":'ap-southeast-1:xxxxxx',
"mandatorySignIn": false,
"region": "ap-southeast-1",
"userPoolId": "ap-southeast-1_xxxx",
"userPoolWebClientId": "xxxxxxx"
},
API:{
"aws_appsync_graphqlEndpoint": 'https://xxxx.ap-southeast-1.amazonaws.com/graphql',
"aws_appsync_region": 'ap-southwest-1',
"aws_appsync_authenticationType": 'AMAZON_COGNITO_USER_POOLS',
"aws_appsync_apiKey": 'null',
}
});
I enabled access to unauthenticated identities to do some quick testing before integrating authentication. My configuration code is the following,
Amplify.configure({
Auth: {
identityPoolId: 'us-east-1:example',
region: 'us-east-1',
userPoolId: 'us-east-1_example',
userPoolWebClientId: 'us-east-1_example'
},
API: {
endpoints: [
{
name: "example-name",
endpoint: "https://example.execute-api.us-east-1.amazonaws.com/prod/example-path"
},
]
}
});
and my GET request code is the following,
example() {
const apiName = 'example-name';
const path = '/example-path';
API.get(apiName, path).then(response => {
console.log(response)
}).catch(error => {
console.log(error)
})
}
I followed everything on GitHub and my API gateway and Lambda functions are working correctly when I run a "test" and through postman. But on react-native it's giving me a 403 status code without any detailed explanation. Does this have to do with accessing using unauthenticated identity? Also, I used "example" in my code to hide my personal information, I typed in everything correctly since I'm not getting any syntax error (identity pool recognizes access every time I run it, but cloudWatch doesn't show any log of gateway access)
The Endpoint in Amplify.configure is the InvokeURL from API Gateway, you just need to include the stage (/prod in this case) and not the other routes. The other routes are just the path parameters for API.() calls.