Quick and dirty typescript/javascript example illustrating auth with a cognito user pool, getting an identity pool token, and then exchanging for credentials that can be used to make API calls. In this case an attempt to read the contents of an S3 bucket.
- Cognito identity and user pools have been created in your aws account
- the user pool contains a valid, confirmed user that doesn't need a password reset
- the identity pool has been setup to grant your test user read access to the test bucket either via a. an Authenticated User role b. a rule c. a rolename in the cognito session token
- the IAM role the identity pool assigns have trust relationships to the identity pool
- your test bucket exists, and is not public (or our attempt to read from it will succed regardless)
This example won't run as-is you'll need to define the required objects in your AWS account and change the variable values in index.ts appropriately.