AWS CloudFormation
User Guide (Version )

AWS::Cognito::IdentityPool

The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool.

Note

To avoid deleting the resource accidentally from AWS CloudFormation, use DeletionPolicy Attribute and the UpdateReplacePolicy Attribute to retain the resource on deletion or replacement.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::Cognito::IdentityPool", "Properties" : { "AllowUnauthenticatedIdentities" : Boolean, "CognitoEvents" : Json, "CognitoIdentityProviders" : [ CognitoIdentityProvider, ... ], "CognitoStreams" : CognitoStreams, "DeveloperProviderName" : String, "IdentityPoolName" : String, "OpenIdConnectProviderARNs" : [ String, ... ], "PushSync" : PushSync, "SamlProviderARNs" : [ String, ... ], "SupportedLoginProviders" : Json } }

Properties

AllowUnauthenticatedIdentities

Specifies whether the identity pool supports unauthenticated logins.

Required: Yes

Type: Boolean

Update requires: No interruption

CognitoEvents

The events to configure.

Required: No

Type: Json

Update requires: No interruption

CognitoIdentityProviders

An array of Amazon Cognito user pools and their client IDs.

Required: No

Type: List of CognitoIdentityProvider

Update requires: No interruption

CognitoStreams

Configuration options for configuring Amazon Cognito streams.

Required: No

Type: CognitoStreams

Update requires: No interruption

DeveloperProviderName

The "domain" by which Amazon Cognito refers to your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the DeveloperProviderName, you can use letters and periods (.), underscores (_), and dashes (-).

Minimum length: 1

Maximum length: 100

Required: No

Type: String

Update requires: No interruption

IdentityPoolName

The name of your Amazon Cognito identity pool.

Minimum length: 1

Maximum length: 128

Pattern: [\w ]+

Required: No

Type: String

Update requires: No interruption

OpenIdConnectProviderARNs

A list of ARNs for the OpendID Connect provider.

Required: No

Type: List of String

Update requires: No interruption

PushSync

Configuration options to be applied to the identity pool.

Required: No

Type: PushSync

Update requires: No interruption

SamlProviderARNs

A list of Amazon Resource Names (ARNs) of Security Assertion Markup Language (SAML) providers.

Required: No

Type: List of String

Update requires: No interruption

SupportedLoginProviders

Key-value pairs that map provider names to provider app IDs.

Required: No

Type: Json

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the IdentityPoolId, such as us-east-2:0d01f4d7-1305-4408-b437-12345EXAMPLE.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Name

The name of the Amazon Cognito identity pool, returned as a string.