aws-lex-web-ui
aws-lex-web-ui copied to clipboard
aws-samples
v2 updating with new APIs getting below error
{"Message":"User: arn:aws:sts::XXXXXXXX:assumed-role/Cognito_XXXXXChatbotPoolUnauth_Role/CognitoIdentityCredentials is not authorized to perform: lex:RecognizeText on resource: arn:aws:lex:us-east-1:XXXXXXXXX:bot-alias/XXXXXXXXX/TSTALIASID"}
Looks like it is a permission error but can't understand why it's arrived.
Have not had a chance to spin this up on v2 yet. It's quite possible the roles created by LexWebUi need to be updated to allow communication to a v2 Lex bot. A test will be to manually edit the Unauth role setup by LexWebUi and add a new policy for the "lex:RecognizeText" action shown in your message above against your resource. I've not seen this action before and its not document yet in the lex Actions at https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonlex.html#amazonlex-actions-as-permissions. Hopefully updates coming soon.
Am I right in thinking that aws-lex-web-ui is not capable (yet) of handling v2 bots? I tested it and it seems that there are some endpoint differences, e.g. v2 bots call runtime-v2-lex.eu-west-1.amazonaws.com, as well as the different mechanism for identifying a bot and a version.
@mackina-tew @imbhavin95 Yes, V2 APIs are substantially different. I've just about finished rewiring the templates and implemented logic to wrap the existing implementation to work over the LexRuntimeV2. The API is different between V1 and V2. This work is not quite ready for a push to the repo but if you are willing I'll setup a temporary link that you can test a deploy from in us-east-1 and eu-west-1. There will be a new section in the template where V2 information can be supplied for BotID, BotAliasId, and the LocaleId to use. Over the next couple of days will have to consider how best to adapt to multiple LocaleIds. The initial implementation might support just one default LocaleId until we can define how best to configure multiple locales and implement some sort of selector in the UI. Do you have any thoughts on how many LocaleIds you might need to support?
@bobpskier I'd be happy to test the code out, and it will be useful as I'd like to move some of our bots to V2. Our deployment approach is fairly basic though: download repo, compile and distribute the JS/supporting files to an EC2 with cloudfront.
Our infra is in eu-west-1 and we currently run/plan on running a single locale (EN-GB)
I recently tried it and i couldn't able to deploy it successfully because of the bot version I think. So, I am waiting for the update. If you give temp url to run it, it would be helpful to move forward.
Thanks
On Wed, Feb 24, 2021 at 12:50 PM mackina-tew [email protected] wrote:
@bobpskier https://github.com/bobpskier I'd be happy to test the code out, and it will be useful as I'd like to move some of our bots to V2. Our deployment approach is fairly basic though: download repo, compile and distribute the JS/supporting files to an EC2 with cloudfront.
Our infra is in eu-west-1 and we currently run/plan on running a single locale (EN-GB)
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/aws-samples/aws-lex-web-ui/issues/263#issuecomment-784853144, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEVJZJKXWV575HKDRKCRWHLTASSEVANCNFSM4WTDRDDA .
-- Vetrivel P The Commerce Shop http://www.thecommerceshop.com/ Project Manager (P) +91 9840862324 *Email: *[email protected] [email protected] *Skype: *vetrivel.innoppl
7000 Central Pkwy, Ste 220 Atlanta, GA 30328
Disclaimer: The information transmitted, including attachments, is intended only for the person(s) or entity to which it is addressed and may contain confidential and/or privileged material. Any review, re-transmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy any copies of this information.
@mackina-tew @vetrivel-innoppl I've setup a pair of temporary locations in S3 where you can launch a CloudFormation Create Stack.
https://s3.amazonaws.com/lex-web-ui-v2-temporary-test-us-east-1/artifacts/templates/master.yaml https://s3.amazonaws.com/lex-web-ui-v2-temporary-test-eu-west-1/artifacts/templates/master.yaml
These should only be used for testing and feedback of the new functionality. Note the pipeline based templates have not yet been updated.
When you create a stack form this location you must change the BootstrapBucket parameter to be the name of the bucket you are installing from. This will be either
lex-web-ui-v2-temporary-test-us-east-1
or
lex-web-ui-v2-temporary-test-eu-west-1
Also the BootstrapPrefix must be set to
artifacts
You'll notice that there is a new section for three Lex V2 parameters. You'll need to fill in the LexV2BotId, LexV2BotAliasId, and specify the correct LexV2BotLocaleId if the default is not correct.
Leave the Lex V1 parameters as they are. You can change the other parameters as needed.
Click through to perform the install.
Please let us know if the install is successful and if the test UI can interact with your Lex V2 Bots. If you run into any difficulties or have issues with how the UI performs, please give us this feedback. When your tests are complete it is best to delete these stacks and clean up any resources as needed.
Thanks for trying this out.
@bobpskier Thanks Bob - due to workload I won't be able to pick this up for a few weeks, but will take a look when I can
@bobpskier I was wondering if this issue with V2 have been fully implemented. We do want to use V2 for a new bot and have been unable to successfully use the web ui due to authentication error. Any updates on this issue and how to proceed will be appreciated @bobpskier. Thanks
@rexosariemen The current lex-web-ui will support both V2 and V1 based on the initial template parameter settings. If the V1 info is supplied, the lex-web-ui will be configured to use V1. If only V2 is supplied, it will be configured for V2.
One item to note is that its not possible to switch the lex-web-ui back and forth between V1 and V2 by by performing a CloudFormation stack update changing the parameters. The original IAM role set for the Unauthenticated and Authenticated roles in the Cognito identity pool will remain in effect. At this point the original role will point to either V1 or V2 but not both. The UI runtime in the browser will switch between the two however the roles used will not reflect the correct permissions. This might be the auth error you are referring to. If not let me know more about the authentication issue.
Thank you for your response @bobpskier. I was able to modify the policy to include the lex:recognizeText to the Unauth cognito id. This solved my problem. The challenge left is the lex:RecognizeUtterance. I see Lex:RecognizeSpeech for the v1 within the write permissions, but not utterance. Any suggestion on how to add lex:RecognizeUtterance permission for the V2. That's the error I'm getting now.
I'll appreciate your direction on this issue if the V2 has a voice integration or direction on how to remove the mic if otherwise.
Thank you
Also, when working with more than one LexV2, using QnAbot, eligibility and a router bot, I am able to test the bot alias successfully without any hitches within the aws console. But I get the Sorry, I was unable to process your message. Try again later. message with the lex-ui. Is there any configuration that needs to make this work in the ui like it does with the Alias test within the aws console.
I am seeing the same. I can use the QnA tester to route from one bot to another, and continue the conversation in the second bot. With lex-ui it does not transfer from bot to bot.
Also getting the same message when trying to switch from one LocaleId to another. Are there extra configurations needed?
