Menu
AWS CloudFormation
User Guide (API Version 2010-05-15)

AWS::Cognito::IdentityPoolRoleAttachment

The AWS::Cognito::IdentityPoolRoleAttachment resource manages the role configuration for an Amazon Cognito identity pool.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

Copy
{ "Type" : "AWS::Cognito::IdentityPoolRoleAttachment", "Properties" : { "IdentityPoolId" : String, "RoleMappings" : String to RoleMapping object map, "Roles" : { String:String, ... } } }

YAML

Copy
Type: "AWS::Cognito::IdentityPoolRoleAttachment" Properties: IdentityPoolId: String RoleMappings: String to RoleMapping object map Roles: - String:String

Properties

IdentityPoolId

An identity pool ID in the format REGION:GUID.

Required: Yes

Type: String

Update requires: Replacement

RoleMappings

How users for a specific identity provider are to mapped to roles. This is a string to RoleMapping object map. The string identifies the identity provider, for example, "graph.facebook.com" or "cognito-idp-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id"

Required: No

Type: String to Amazon Cognito IdentityPoolRoleAttachment RoleMapping object map.

Update requires: No interruption

Roles

The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.

Required: No

Type: String to string map

Update requires: No interruption

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns a generated ID, such as IdentityPoolRoleAttachment-EXAMPLEwnOR3n.

For more information about using the Ref function, see Ref.