AWS::Cognito::IdentityPoolRoleAttachment

The AWS::Cognito::IdentityPoolRoleAttachment resource manages the role configuration for an Amazon Cognito identity pool.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Cognito::IdentityPoolRoleAttachment",
  "Properties" : {
    "IdentityPoolId" : String,
    "RoleMappings" : String to RoleMapping object map,
    "Roles" : { String:String, ... }
  }
}

YAML


Type: AWS::Cognito::IdentityPoolRoleAttachment
Properties:
  IdentityPoolId: String
  RoleMappings: 
    String to RoleMapping object map
  Roles: 
    String:String

Properties

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Required: Yes

Type: String

Update requires: Replacement

RoleMappings

How users for a specific identity provider are to mapped to roles. This is a string to RoleMapping object map. The string identifies the identity provider, for example, "graph.facebook.com" or "cognito-idp-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id"

Required: No

Type: String to Amazon Cognito IdentityPoolRoleAttachment RoleMapping object map.

Update requires: No interruption

Roles

The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.

Required: No

Type: String to string map

Update requires: No interruption

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns a generated ID, such as IdentityPoolRoleAttachment-EXAMPLEwnOR3n.

For more information about using the Ref function, see Ref.

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

« Previous Next »