AWS CloudFormation
User Guide (Version )

AWS::Cognito::IdentityPoolRoleAttachment

The AWS::Cognito::IdentityPoolRoleAttachment resource manages the role configuration for an Amazon Cognito identity pool.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Type" : "AWS::Cognito::IdentityPoolRoleAttachment", "Properties" : { "IdentityPoolId" : String, "RoleMappings" : Json, "Roles" : Json } }

YAML

Type: AWS::Cognito::IdentityPoolRoleAttachment Properties: IdentityPoolId: String RoleMappings: Json Roles: Json

Properties

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Required: Yes

Type: String

Update requires: Replacement

RoleMappings

How users for a specific identity provider are mapped to roles. This is a string to RoleMapping object map. The string identifies the identity provider, for example, "graph.facebook.com" or "cognito-idp-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id"

Required: No

Type: Json

Update requires: No interruption

Roles

The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.

Required: No

Type: Json

Update requires: No interruption

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns a generated ID, such as IdentityPoolRoleAttachment-EXAMPLEwnOR3n.

For more information about using the Ref function, see Ref.