Here sub refers to the IdentityID from credentialsProvider, so ${cognito-identity.amazonaws.com:sub} doesn't refer to the sub in the JWT token.
Here I created a folder in the S3 bucket with the name same as task.result! and used that in my code below,
(AWSServiceManager.default().defaultServiceConfiguration.credentialsProvider
as! AWSCognitoCredentialsProvider).getIdentityId()
.continue({task -> Any? in
print("Credentials ID is \(task.result!)")
return nil
})
Are you interested to learn AWS, then checkout: AWS Certification