public static interface CfnIdentityPoolRoleAttachment.RoleMappingProperty
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.cognito.*; RoleMappingProperty roleMappingProperty = RoleMappingProperty.builder() .type("type") // the properties below are optional .ambiguousRoleResolution("ambiguousRoleResolution") .identityProvider("identityProvider") .rulesConfiguration(RulesConfigurationTypeProperty.builder() .rules(List.of(MappingRuleProperty.builder() .claim("claim") .matchType("matchType") .roleArn("roleArn") .value("value") .build())) .build()) .build();
Modifier and Type | Interface and Description |
---|---|
static class |
CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder
A builder for
CfnIdentityPoolRoleAttachment.RoleMappingProperty |
static class |
CfnIdentityPoolRoleAttachment.RoleMappingProperty.Jsii$Proxy
An implementation for
CfnIdentityPoolRoleAttachment.RoleMappingProperty |
Modifier and Type | Method and Description |
---|---|
static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder |
builder() |
default java.lang.String |
getAmbiguousRoleResolution()
Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the Token type.
|
default java.lang.String |
getIdentityProvider()
Identifier for the identity provider for which the role is mapped.
|
default java.lang.Object |
getRulesConfiguration()
The rules to be used for mapping users to roles.
|
java.lang.String |
getType()
The role-mapping type.
|
java.lang.String getType()
Token
uses cognito:roles
and cognito:preferred_role
claims from the Amazon Cognito identity provider token to map groups to roles. Rules
attempts to match claims from the token to map to a role.
Valid values are Token
or Rules
.
default java.lang.String getAmbiguousRoleResolution()
If you specify Token or Rules as the Type, AmbiguousRoleResolution is required.
Valid values are AuthenticatedRole
or Deny
.
default java.lang.String getIdentityProvider()
For example: graph.facebook.com
or cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)
. This is the identity provider that is used by the user for authentication.
If the identity provider property isn't provided, the key of the entry in the RoleMappings
map is used as the identity provider.
default java.lang.Object getRulesConfiguration()
If you specify "Rules" as the role-mapping type, RulesConfiguration is required.
static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder builder()