AWS CloudFormation
User Guide (Version )

AWS::Cognito::UserPoolResourceServer

The AWS::Cognito::UserPoolResourceServer resource creates a new OAuth 2.0 resource server and defines custom scopes in it.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::Cognito::UserPoolResourceServer",
  "Properties" : {
    "Identifier" : String,
    "Name" : String,
    "Scopes" : [ ResourceServerScopeType, ... ],
    "UserPoolId" : String
  }
}

YAML

Type: AWS::Cognito::UserPoolResourceServer
Properties:
  Identifier: String
  Name: String
  Scopes:
    - ResourceServerScopeType
  UserPoolId: String

Properties

Identifier

A unique identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: https://my-weather-api.example.com.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Pattern: [\x21\x23-\x5B\x5D-\x7E]+

Update requires: Replacement

Name

A friendly name for the resource server.

Required: Yes

Type: String

Minimum: 1

Maximum: 256

Pattern: [\w\s+=,.@-]+

Update requires: No interruption

Scopes

A list of scopes. Each scope is a map with a name (ScopeName) and a description (ScopeDescription) for the scope.

Required: No

Type: List of ResourceServerScopeType

Maximum: 100

Update requires: No interruption

UserPoolId

The user pool ID for the user pool.

Required: Yes

Type: String

Minimum: 1

Maximum: 55

Pattern: [\w-]+_[0-9a-zA-Z]+

Update requires: Replacement
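
The constraints listed above can be checked before a template is deployed. The following is an added example, not part of the AWS documentation: a small pre-deployment check that validates a resource's Properties against the documented lengths and patterns and reports which changed properties force replacement of the resource server. The function names, the sample input, and the use of re.ASCII are assumptions of this example.

```python
import re

# Constraints copied from the property reference above: (min, max, pattern, update behaviour).
# re.ASCII is an assumption of this example: it reads \w and \s as ASCII-only.
RULES = {
    "Identifier": (1, 256, r"[\x21\x23-\x5B\x5D-\x7E]+", "Replacement"),
    "Name": (1, 256, r"[\w\s+=,.@-]+", "No interruption"),
    "UserPoolId": (1, 55, r"[\w-]+_[0-9a-zA-Z]+", "Replacement"),
}
MAX_SCOPES = 100

def validate(props):
    """Return a list of constraint violations for one resource's Properties."""
    errors = []
    for key, (lo, hi, pattern, _) in RULES.items():
        value = props.get(key)
        if value is None:
            errors.append(f"{key}: required property is missing")
        elif not isinstance(value, str):
            continue  # intrinsic such as {"Ref": ...}; resolved only at deploy time
        elif not lo <= len(value) <= hi:
            errors.append(f"{key}: length {len(value)} outside {lo}-{hi}")
        elif not re.fullmatch(pattern, value, re.ASCII):
            errors.append(f"{key}: does not match {pattern}")
    if len(props.get("Scopes", [])) > MAX_SCOPES:
        errors.append(f"Scopes: more than {MAX_SCOPES} entries")
    return errors

def forces_replacement(old, new):
    """Properties whose change makes CloudFormation replace the resource server."""
    return [k for k, rule in RULES.items()
            if rule[3] == "Replacement" and old.get(k) != new.get(k)]

# Constructed sample input, not taken from a real stack.
SAMPLE = {
    "UserPoolId": {"Ref": "UserPool"},
    "Identifier": "https://my-weather-api.example.com",
    "Name": "Weather API",
    "Scopes": [{"ScopeName": "ScopeName1", "ScopeDescription": "description"}],
}

if __name__ == "__main__":
    print(validate(SAMPLE))
    changed = dict(SAMPLE, Identifier="https://my weather api.example.com")
    print(validate(changed), forces_replacement(SAMPLE, changed))
```

Values given as intrinsic functions such as Ref are skipped, because their final string is only known at deploy time.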

Return Values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns physicalResourceId, which is the resource server identifier "Identifier". For example:

{ "Ref": "yourResourceServerIdentifier" }

For the Amazon Cognito resource server yourResourceServerIdentifier, Ref returns the name of the resource server.

For more information about using the Ref function, see Ref.

Examples

Creating a new resource server for a user pool

The following example creates a resource server "Name" with the identifier "Identifier" in the referenced user pool.

JSON

{
  "UserPoolResourceServer": {
    "Type": "AWS::Cognito::UserPoolResourceServer",
    "Properties": {
      "UserPoolId": {"Ref": "UserPool"},
      "Identifier": "Identifier",
      "Name": "Name",
      "Scopes": [
        {
          "ScopeName": "ScopeName1",
          "ScopeDescription": "description"
        },
        {
          "ScopeName": "ScopeName2",
          "ScopeDescription": "description"
        }
      ]
    }
  }
}

YAML

UserPoolResourceServer:
  Type: AWS::Cognito::UserPoolResourceServer
  Properties:
    UserPoolId: !Ref UserPool
    Identifier: "Identifier"
    Name: "Name"
    Scopes:
      - ScopeName: "ScopeName1"
        ScopeDescription: "description"
      - ScopeName: "ScopeName2"
        ScopeDescription: "description"