You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While running in production we ran into the following problem during initialization:
{APP} 2023-07-17 14:39:39,187 ERROR [main] c.z.n.a.c.CognitoNaiveAccessPolicyProvider Error adding principal 'grp:e8f9d592-31f9-19fb-d58d-82fe85ebbb22' to group 'identifier[e44031ed-5758-4582-9e0f-1c115da24b0a], resource[/controller], users[[ef5a965d-7bd2-ef33-21de-c444c40e462a]], groups[[e8f9d592-31f9-19fb-d58d-82fe85ebbb22, 1ce4d21a-5c20-4c1b-bc7d-f52ff5dbd792]], action[read]'
software.amazon.awssdk.services.cognitoidentityprovider.model.LimitExceededException: The limit for addUserToGroup is: 100. (Service: CognitoIdentityProvider, Status Code: 400, Request ID: 80f36c77-ac51-439d-b8ef-00204e7ad315)
The issue is that a Cognito User/Principal can belong to at-most 100 groups. This is a hard quota that can't be modified according to AWS documentation. See Quotas on resource number and sizehere.
This limit seems large enough, but because a NiFi AccessPolicy is encoded as a Cognito Group we can reach that limit quickly once the number of clusters goes above ~10.
The text was updated successfully, but these errors were encountered:
While running in production we ran into the following problem during initialization:
The issue is that a Cognito User/Principal can belong to at-most 100 groups. This is a hard quota that can't be modified according to AWS documentation. See Quotas on resource number and size here.
This limit seems large enough, but because a NiFi AccessPolicy is encoded as a Cognito Group we can reach that limit quickly once the number of clusters goes above ~10.
The text was updated successfully, but these errors were encountered: