AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::Cognito::IdentityPool

The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::Cognito::IdentityPool", "Properties" : { "IdentityPoolName" : String, "AllowUnauthenticatedIdentities" : Boolean, "DeveloperProviderName" : String, "SupportedLoginProviders" : { String:String, ... }, "CognitoIdentityProviders" : [ CognitoIdentityProvider, ... ], "SamlProviderARNs" : [ String, ... ], "OpenIdConnectProviderARNs" : [ String, ... ], "CognitoStreams" : CognitoStreams, "PushSync" : PushSync, "CognitoEvents" : { String:String, ... } } }

YAML

Type: AWS::Cognito::IdentityPool Properties: IdentityPoolName: String AllowUnauthenticatedIdentities: Boolean DeveloperProviderName: String SupportedLoginProviders: String: String CognitoIdentityProviders: - CognitoIdentityProvider SamlProviderARNs: - String OpenIdConnectProviderARNs: - String CognitoStreams: - CognitoStreams PushSync: - PushSync CognitoEvents: String: String

Properties

For more information about each property, including constraints and valid values, see CreateIdentityPool in the Amazon Cognito Federated Identities API Reference.

IdentityPoolName

The name of your Amazon Cognito identity pool.

Required: No

Type: String

Update requires: No interruption

MinLength: 1

MaxLength: 128

AllowUnauthenticatedIdentities

Specifies whether the identity pool supports unauthenticated logins.

Required: Yes

Type: Boolean

Update requires: No interruption

DeveloperProviderName

The "domain" by which Amazon Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the DeveloperProviderName, you can use letters and periods (.), underscores (_), and dashes (-).

Required: No

Type: String

Update requires: No interruption

MinLength: 1

MaxLength: 100

SupportedLoginProviders

Key-value pairs that map provider names to provider app IDs.

Required: No

Type: String to String map

Update requires: No interruption

CognitoIdentityProviders

An array of Amazon Cognito user pools and their client IDs.

Required: No

Type: An array of Amazon Cognito IdentityPool CognitoIdentityProvider.

Update requires: No interruption

SamlProviderARNs

A list of Amazon Resource Names (ARNs) of Security Assertion Markup Language (SAML) providers.

Required: No

Type: List of String values

Update requires: No interruption

OpenIdConnectProviderARNs

A list of ARNs for the OpendID Connect provider.

Required: No

Type: List of String values

Update requires: No interruption

CognitoStreams

Configuration options for configuring Amazon Cognito streams.

Required: No

Type: Amazon Cognito IdentityPool CognitoStreams

Update requires: No interruption

PushSync

Configuration options to be applied to the identity pool.

Required: No

Type: Amazon Cognito IdentityPool PushSync

Update requires: No interruption

CognitoEvents

The events to configure.

Required: No

Type: String to String map

Update requires: No interruption

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns the IdentityPoolId, such as us-east-2:0d01f4d7-1305-4408-b437-12345EXAMPLE.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

Name

The name of the Amazon Cognito identity pool, returned as a string.

For more information about using Fn::GetAtt, see Fn::GetAtt.