Comments for Test the APIs

I see. You can check in your User Pool to see if the user is created in there. Also maybe post the full command and output here.

here is my command:

npx aws-api-gateway-cli-test --username=’myemail@mydomain.com’ --password='Passw0rd!' --user-pool-id='us-east-1_1XxXXxXXX’ --app-client-id=‘111xxxx1xxxxx1xxxxxxxxx1xx’ --cognito-region=‘us-east-1’ --identity-pool-id='us-east-1:x1xx1111-111x-1xx1-1111-xx111111111x’ --invoke-url='https://x1xxxxxxx1.execute-api.us-east-1.amazonaws.com/prod' --api-gateway-region='us-east-1' --path-template='/notes' --method='POST' --body='{"content":"hello world 2!”,”attachment":"hello.jpg"}'

here is the output:

npx: installed 105 in 2.912s
Authenticating with User Pool
User does not exist.

I’m using a Mac Book Pro

So I noticed after I posted this that some of the quotes were messed up. So I fixed them, but then I get this:

npx: installed 105 in 4.947s
Authenticating with User Pool
Getting temporary credentials
Invalid identity pool configuration. Check assigned IAM roles for this pool.

at least this is getting me closer! but now I’m sad I deleted my pool and recreated, because that might have screwed up the Role, but I think I’m using the same role.

sadly I can’t figure out what is wrong with the IAM Role, I notice that copying it over from the PDF is rather error prone, but I keep getting the same error message every time I find an error. At this point I think it is correct.

Here is what I have:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "cognito-identity:*",
                "mobileanalytics:PutEvents",
                "cognito-sync:*"
            ],
            "Resource": "*"
        },
        {
            "Effect": "Allow",
            "Action": "execute-api:Invoke",
            "Resource": "arn:aws:execute-api:us-east-1:*:x1xxxxxxx1/*/*/*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::notes-app-uploads/private/${cognito-identity.amazonaws.com:sub}/*"
            ]
        }
    ]
}

Interestingly, AWS tells me that One or more actions do not have an applicable resource. but I’m not sure how to resolve.

–edit, since I’m a “new user” and can’t post more than three times…

short answer, it was copy paste formatting all along! I shouldn’t have recreated my pool!

So finally got past the error… since I recreated the identity pool, the trust relationship id was wrong, fixed that and now i get a runtime error:

and i fixed it by replacing fancy double quotes in json with normal double quotes… sigh

hope these last few posts of mine help someone else!

2 Likes

I have built this 3 times now and am not able to get past this particular error. Can anyone possibly help with the unexpected token error? I have written the shell command so many ways now and I am frazzled! Thanks in advance.

1 Like

What’s the error you are seeing? Can you post the complete output and the logs?

Hi! @nateous I found out what was wrong in my case: YAML indentation/error.

If you getting this error, check the CognitoAuthRole block for identation error. In my case I’ve forgotten to enter a new line for “StringEquals: cognito-identity.amazonaws.com:aud:”

Copy the code from the chapter, deploy it and see if it works (https://serverless-stack.com/chapters/configure-cognito-identity-pool-in-serverless.html)

Hope this helps.

1 Like

Yes I had indentation issues too but finally found them!

I think using the PDF should be discouraged if you plan to copy paste from it. The warning is good but I didn’t think it would be that bad, but I’m new to yaml.

1 Like

@jayair I apologize for the delayed resoponse. I was not able to run the test in this part with the cmds for Windows. That being said I pressed on and I successfully built the app to the end of the tutorial! Everything works perfectly, auth, uploads, ssl, routes, cognito!!! This is my first full stack build and I am extatic that I was able to get it all working. Thank you very very much for all the detailed information in this walkthru. I am going to continue to the automation piece and extra credit immediately. Take care and again thanks for the great information. :nerd_face:

1 Like

That’s awesome to hear. Thanks for the kind words. If you want to share what you’ve built, let me know. We’d love to add it to this page - https://serverless-stack.com/showcase.html

Yeah copy-paste from the PDF has some serious problems.

The problem seems to be figuring out how to properly escape the double-quotes in PowerShell. The command works properly when you run regular cmd with administrator rights.

In PowerShell, I tried " and " and \", none of which got past the JSON parsing. Then I tried some placing the body content via a PowerShell variable. No dice.

So, maybe someone will figure out how to issue this command in PowerShell, but the workaround is regular cmd.

2 Likes

Hey Guys,
love this site. Could not figure out my current problem though…

When Testing the API I get the following response:

Authenticating with User Pool
Getting temporary credentials
Making API request
{ status: 500,
statusText: ‘Internal Server Error’,
data: { status: false } }

So I enabled cloudwatch and got the following hint:

message: 'One or more parameter values were invalid: Type mismatch for key userId expected: S actual: NULL',
code: 'ValidationException',
time: 2018-11-11T14:46:19.051Z,
requestId: 'CTV93IGTFPGKI0H3U8E3131UQVVV4KQNSO5AEMVJF66Q9ASUAAJG',
statusCode: 400,
retryable: false,
retryDelay: 30.078120721084577 }

Any ideas why

event.requestContext.identity.cognitoIdentityId

seems not to return a valid value?

Thanks in advance,
Patrick

ok, got the error

authorizer: aws_iam

in serverless.yml was edited during development …

1 Like

@danketrotzdem Glad you figure it out.

@AaronOverton Yeah our Windows instructions are lacking. It would help if a Windows user can contribute how to set up their command line.

Is there a working example of using “aws-api-gateway-cli-test” to test the GET note endpoint?

I had to refactor the GET endpoint to use query params as any GET call I did in the CLI using a “body” would return a 403.

1 Like

Hello, I need help in this step I get the following:

E:\Documentos Usuarios\DELGADOCJ\Desktop\Serverless\notes-app-api>npx aws-api-gateway-cli-test --username admin@example.com --password Passw0rd! --user-pool-id us-east-2_xGNazPJrI --app-client-id 1uiieiq7un5ahf2lbpdlbg7c5m --cognito-region us-east-2 --identity-pool-id us-east-2:5fa10a30-1bf7-448e-a8e7-3ebd26984511 --invoke-url https://qp6797jm09.execute-api.us-east-2.amazonaws.com/prod --api-gateway-region us-east-2 --path-template /notes --method POST --body “{“content”:“hello world”,“attachment”:“hello.jpg”}”
npx: installed 105 in 17.341s
Authenticating with User Pool
unable to verify the first certificate

This is very very strange… In the morning I got error… I try again in the afternoon and I get success:

npx: installed 105 in 21.675s
Authenticating with User Pool
Getting temporary credentials
Making API request
{ status: 200,
  statusText: 'OK',
  data:
   { userid: 'us-east-2:1069b87e-7ef7-4ec3-a9d9-ddb143e73927',
     noteid: 'ed970ce0-e9d7-11e8-8ada-9f4cf6c1c3e5',
     content: 'hello world',
     attachment: 'hello.jpg',
     createdAt: 1542397424814 } }

Yeah there isn’t one right now. But you need to pass in the query params as a JSON string params. Can you post what you were trying? I’ll try and reformat it.

1 Like

Good morning… Today November 19, here in Costa Rica it’s 9:46… in this moment I get again the error:

Authenticating with User Pool
unable to verify the first certificate