// public void UpdateIdentityPool(string poolId, string poolName, Dictionary<string, string> providers)
// {
// var updateRequest = new UpdateIdentityPoolRequest
// {
// IdentityPoolName = poolName,
// IdentityPoolId = poolId,
// AllowUnauthenticatedIdentities = true,
// };
// if (providers != null && providers.Count > 0)
// updateRequest.SupportedLoginProviders = providers;
// Client.UpdateIdentityPool(updateRequest);
// }
public string PrepareRole()
{
// Assume role policy which accepts OAuth tokens from Google, Facebook or Cognito, and allows AssumeRoleWithWebIdentity action.
string assumeRolePolicy = @"{
""Version"":""2012-10-17"",
""Statement"":[
{
""Effect"":""Allow"",
""Principal"":{
""Federated"":[""accounts.google.com"",""graph.facebook.com"", ""cognito-identity.amazonaws.com""]
},
""Action"":[""sts:AssumeRoleWithWebIdentity""]
}
]
}";
// Role policy that allows all operations for a number of services
var allowPolicy = @"{
""Version"" : ""2012-10-17"",
""Statement"" : [
{
""Effect"" : ""Allow"",
""Action"" : [
""ec2:*"",
""iam:*"",
""cloudwatch:*"",
""cognito-identity:*"",
""cognito-sync:*"",
""s3:*""
],
""Resource"" : ""*""
}
]
}";
string roleArn = null;
using (var identityClient = new Amazon.IdentityManagement.AmazonIdentityManagementServiceClient(TestRunner.Credentials))
{
AutoResetEvent ars = new AutoResetEvent(false);
Exception responseException = new Exception();
string roleName = "UnityWebIdentityRole" + DateTime.Now.Ticks;
identityClient.CreateRoleAsync(new Amazon.IdentityManagement.Model.CreateRoleRequest
{
AssumeRolePolicyDocument = assumeRolePolicy,
RoleName = roleName
}, (response) =>
{
responseException = response.Exception;
if (responseException == null)
{
roleArn = response.Response.Role.Arn;
}
ars.Set();
}, new AsyncOptions {
ExecuteCallbackOnMainThread = false
});
ars.WaitOne();
Utils.AssertExceptionIsNull(responseException);
Thread.Sleep(2000);
identityClient.PutRolePolicyAsync(new Amazon.IdentityManagement.Model.PutRolePolicyRequest
{
PolicyDocument = allowPolicy,
PolicyName = policyName,
RoleName = roleName
}, (response) =>
{
responseException = response.Exception;
ars.Set();
}, new AsyncOptions {
ExecuteCallbackOnMainThread = false
});
ars.WaitOne();
Utils.AssertExceptionIsNull(responseException);
Thread.Sleep(2000);
roleNames.Add(roleName);
}
return(roleArn);
}
public string PrepareRole()
{
// Assume role policy which accepts OAuth tokens from Google, Facebook or Cognito, and allows AssumeRoleWithWebIdentity action.
string assumeRolePolicy = @"{
""Version"":""2012-10-17"",
""Statement"":[
{
""Effect"":""Allow"",
""Principal"":{
""Federated"":[""accounts.google.com"",""graph.facebook.com"", ""cognito-identity.amazonaws.com""]
},
""Action"":[""sts:AssumeRoleWithWebIdentity""]
}
]
}";
// Role policy that allows all operations for a number of services
var allowPolicy = @"{
""Version"" : ""2012-10-17"",
""Statement"" : [
{
""Effect"" : ""Allow"",
""Action"" : [
""ec2:*"",
""iam:*"",
""cloudwatch:*"",
""cognito-identity:*"",
""cognito-sync:*"",
""s3:*""
],
""Resource"" : ""*""
}
]
}";
string roleArn;
using (var identityClient = new Amazon.IdentityManagement.AmazonIdentityManagementServiceClient(TestRunner.Credentials))
{
string roleName = "NetWebIdentityRole" + new Random().Next();
var response = identityClient.CreateRoleAsync(new Amazon.IdentityManagement.Model.CreateRoleRequest
{
AssumeRolePolicyDocument = assumeRolePolicy,
RoleName = roleName
}).Result;
UtilityMethods.Sleep(TimeSpan.FromMilliseconds(2000));
identityClient.PutRolePolicyAsync(new Amazon.IdentityManagement.Model.PutRolePolicyRequest
{
PolicyDocument = allowPolicy,
PolicyName = policyName,
RoleName = response.Role.RoleName
}).Wait();
UtilityMethods.Sleep(TimeSpan.FromMilliseconds(2000));
roleArn = response.Role.Arn;
roleNames.Add(roleName);
}
return(roleArn);
}