Search code examples
iosamazon-web-servicesamazon-cognitoamazon-mobile-analytics

Configuring Amazon Mobile Analytics and AWS Cognito in my iOS app raise some exception linked with IAM

Here is the error I get:

AWSiOSSDKv2 [Error] AWSMobileAnalyticsDefaultDeliveryClient.m line:282 
| -[AWSMobileAnalyticsDefaultDeliveryClient submitEvents:andUpdatePolicies:] 
| Unable to successfully deliver events to server. Response code: 0. 
Error Message:
Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=6 
The operation couldn’t be completed.

I have AuthRole in IAM with the following policy:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "mobileanalytics:PutEvents",
        "cognito-sync:*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

And one Unauth role:

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "mobileanalytics:PutEvents",
        "cognito-sync:*"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}

The string mention in IAM under cognito-identity.amazonaws.com:aud the conditions matches what is declared in my app.

I don't get where the problem is.

EDIT

The setup code (Swift).

private func _configureAWSServiceManager() {
    let credentialsProvider = AWSCognitoCredentialsProvider(
        regionType: Config().amazonRegionType,
        identityPoolId: Config().amazonCognitoIdentityPool)
    let configuration =
    AWSServiceConfiguration(region: Config().amazonRegionType,
        credentialsProvider: credentialsProvider)
    AWSServiceManager.defaultServiceManager().defaultServiceConfiguration =
    configuration
}

private func _configureMobileAnalytics() {
    let mobileAnalyticsConfiguration = AWSMobileAnalyticsConfiguration()
    mobileAnalyticsConfiguration.transmitOnWAN = true;

    let analytics = AWSMobileAnalytics(
        forAppId: Config().amazonMobileAnalyticsAppId,
        configuration: mobileAnalyticsConfiguration,
        completionBlock: nil)
    _analytics = analytics
}

Both are called successively in the AppDelegate in the application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) function.

EDIT / Solution: after another check it happens that a step of the creation of Cognito Identity Pool did create a role but this role was not assigned in unauthenticated role... Stupid thing, as always with the right management on AWS.

Solution

  • The problem is related to CognitoIdentity, not MobileAnalytics. According to the doc, AWSCognitoIdentityErrorDomain Code=6 means InvalidIdentityPoolConfiguration.

    "identity pool has no role associated for the given auth type (auth/unauth) or if the AssumeRole fails."

    My Suggestion would be login to AWS Web Console -> Cognito, double check the settings of your Identity Pool. and Make sure the RegionType matched the one you created in the web console (upper right of the screen): CognitoIdentity current support us-east-1 and eu-west-1.

    For MobileAnalytics, make sure you set configuration.serviceConfiguration.regionType to us-east-1 only.

    http://docs.aws.amazon.com/AWSiOSSDK/latest/Constants/AWSCognitoIdentityErrorType.html