CognitoIdentityClient - 404 IAM /安全凭证未发现(Cognito

我想注册一个AWS Cognito身份使用getOpenIdTokenForDeveloperIdentity 。

下面是我的代码写在笨框架：

Awscognitoauth.php

<?php
// <MYPROJECT>/application/controllers/Awscognitoauth.php

defined('BASEPATH') or exit('No direct script access allowed');

class Awscognitoauth extends CI_Controller {

    function getOpenId($userId) {
        $this->load->library('awsauth');
        return $this->awsauth->identity($userId);
    }

}

Awsauth.php

<?php
// <MY PROJECT>/application/libraries/Awsauth.php

defined('BASEPATH') or exit('No direct script access allowed');

require_once APPPATH . "third_party/aws/aws-autoloader.php";

use Aws\CognitoIdentity\CognitoIdentityClient;
use Aws\Sts\StsClient;

class Awsauth {

    public function identity($userId) {
        $region = '<my region>';
        $key = '<my key>';
        $secret = '<my secret>';
        $version = 'latest';

        $client = CognitoIdentityClient::factory(array('region' => $region, 'key' => $key, 'secret' => $secret, 'version' => $version));

        $poolId = '<my pool Id>'; // formatted: "<region>:<UUID>"
        $domain = '<my reversed company domain>'; // com.<company...>...

        return $client->GetOpenIdTokenForDeveloperIdentity(array('IdentityPoolId' => $poolId, 'Logins' => array($domain => $userId))); // https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/API_GetOpenIdTokenForDeveloperIdentity.html
    }

}

在Safari中，我所说的控制器Awscognitoauth并得到以下错误：

我双重检查我的用户的角色在这里：

这是AdministratorAccess
访问键不匹配在我的代码的关键

这是什么原因404 Not Found响应？我以为我的用户有AdministratorAccess ，我可以访问任何资源。难道我错过了什么？

拍哦！

我刚刚发现的$key和$secret必须被包裹在credentials 。

所以，最终的代码Awsauth.php是：

<?php
// <MY PROJECT>/iot.kooltechs.com/application/libraries

defined('BASEPATH') or exit('No direct script access allowed');

require_once APPPATH . "third_party/aws/aws-autoloader.php";

use Aws\CognitoIdentity\CognitoIdentityClient;
use Aws\Sts\StsClient;

class Awsauth {

    public function identity($userId) {
        $region = '<my region>';
        $key = '<my key>';
        $secret = '<my secret>';
        $version = 'latest';

        $config = [
            'version' => $version,
            'region' => $region,
            'credentials' => [
                'key' => $key,
                'secret' => $secret
            ]
        ];

        $client = CognitoIdentityClient::factory($config);

        $poolId = '<my pool Id>'; // formatted: "<region>:<UUID>"
        $domain = '<my reversed company domain>'; // com.<company...>...

        return $client->GetOpenIdTokenForDeveloperIdentity(array('IdentityPoolId' => $poolId, 'Logins' => array($domain => $userId)));
    }

}

问候，