
NotAuthorizedException occurred when calling the SetIdentityPoolRoles

Open luandro opened this issue 8 years ago • 4 comments

Everything else seems to have worked correctly but I'm getting this error which I can't figure out. Seems to be a duplicate of #4, but he doesn't really explain how he solved it.

A client error (NotAuthorizedException) occurred when calling the SetIdentityPoolRoles operation: Access to Role 'arn:aws:iam::****-****-****:role/Cognito_LambdAuthUnauth_Role' is forbidden. 

And I believe because of it I get many errors when creating the Lambda calls:

A client error (ValidationException) occurred when calling the CreateFunction operation: 1 validation error detected: Value 'arn:aws:iam::****-****-****:role/LambdAuthChangePassword' at 'role' failed to satisfy constraint: Member must satisfy regular expression pattern: arn:aws:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+

A client error (ValidationException) occurred when calling the CreateFunction operation: 1 validation error detected: Value 'arn:aws:iam::****-****-****:role/LambdAuthCreateUser' at 'role' failed to satisfy constraint: Member must satisfy regular expression pattern: arn:aws:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+

Is there something I need to set up in IAM roles?

luandro avatar May 04 '16 13:05 luandro

I think you might be supplying the wrong value in your config file for AWS Account ID? Is ***** all numeric?

russellday avatar May 04 '16 13:05 russellday

I'm sure that value is right. All numeric.

luandro avatar May 04 '16 13:05 luandro

This is what the guy from #4 said he did to fix it. But I can't really make sense of it.

I noticed that the IAM roles associated with my Cognito identity pool didn't look right so I updated the role associations to what I believe it's supposed to be and it started working! :)

luandro avatar May 04 '16 13:05 luandro

For me I was passing in my user access key instead of the AWS_ACCOUNT_ID which is all numeric as mentioned above. Passing in the numeric account id fixed it.

svnm avatar Feb 19 '17 12:02 svnm
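
A pre-flight check for the failure discussed in this thread, as an added example that is not part of the original comments or of the LambdAuth project: it rejects an account ID that is not exactly 12 digits (the `\d{12}` in the ValidationException pattern) before any role ARN is built from it. The function names and all sample values are constructed for illustration, and the access-key check is a prefix-and-length heuristic.

```shell
#!/bin/sh
# Added example (hypothetical helper names, constructed sample values).

# Succeeds only if $1 is exactly 12 decimal digits.
is_account_id() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -eq 12 ]
}

# Name the reason a candidate value would fail, so the fix is obvious.
classify_account_id() {
    stripped=$(printf '%s' "$1" | tr -d ' -')
    if is_account_id "$1"; then
        echo "ok"
    elif is_account_id "$stripped"; then
        echo "separators"       # 12 digits, but written with dashes or spaces
    elif [ "${#1}" -eq 20 ] && case "$1" in AKIA*|ASIA*) true ;; *) false ;; esac; then
        echo "access-key-id"    # heuristic: looks like an access key ID
    else
        echo "invalid"
    fi
}

# Print the role ARN for account $1 and role name $2.
# Fails with no output if either part would violate the pattern
# arn:aws:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+ quoted in the error.
role_arn() {
    is_account_id "$1" || return 1
    case "$2" in
        ''|*[!a-zA-Z_0-9+=,.@/-]*) return 1 ;;
    esac
    printf 'arn:aws:iam::%s:role/%s\n' "$1" "$2"
}

# Constructed candidates: a valid ID, a dashed ID, an access-key-shaped string.
for candidate in 123456789012 1234-5678-9012 AKIAEXAMPLEEXAMPLE00; do
    printf '%s -> %s\n' "$candidate" "$(classify_account_id "$candidate")"
done
```

The value to put in the config can be read from the active credentials with `aws sts get-caller-identity --query Account --output text`, which prints the 12-digit account ID.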