software.amazon.awscdk.services.cognito

Interface CfnIdentityPoolRoleAttachment.RoleMappingProperty

All Known Implementing Classes:

CfnIdentityPoolRoleAttachment.RoleMappingProperty.Jsii$Proxy

Enclosing class:

CfnIdentityPoolRoleAttachment

public static interface CfnIdentityPoolRoleAttachment.RoleMappingProperty

`RoleMapping` is a property of the [AWS::Cognito::IdentityPoolRoleAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html) resource that defines the role-mapping attributes of an Amazon Cognito identity pool.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.cognito.*;
 RoleMappingProperty roleMappingProperty = RoleMappingProperty.builder()
         .type("type")
         // the properties below are optional
         .ambiguousRoleResolution("ambiguousRoleResolution")
         .identityProvider("identityProvider")
         .rulesConfiguration(RulesConfigurationTypeProperty.builder()
                 .rules(List.of(MappingRuleProperty.builder()
                         .claim("claim")
                         .matchType("matchType")
                         .roleArn("roleArn")
                         .value("value")
                         .build()))
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder A builder for CfnIdentityPoolRoleAttachment.RoleMappingProperty
static class	CfnIdentityPoolRoleAttachment.RoleMappingProperty.Jsii$Proxy An implementation for CfnIdentityPoolRoleAttachment.RoleMappingProperty

Method Summary

Modifier and Type	Method and Description
static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder	builder()
default java.lang.String	getAmbiguousRoleResolution() Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the Token type.
default java.lang.String	getIdentityProvider() Identifier for the identity provider for which the role is mapped.
default java.lang.Object	getRulesConfiguration() The rules to be used for mapping users to roles.
java.lang.String	getType() The role-mapping type.

Method Detail

getType

java.lang.String getType()

The role-mapping type.

Token uses cognito:roles and cognito:preferred_role claims from the Amazon Cognito identity provider token to map groups to roles. Rules attempts to match claims from the token to map to a role.

Valid values are Token or Rules .

getAmbiguousRoleResolution

default java.lang.String getAmbiguousRoleResolution()

Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the Token type.

If you specify Token or Rules as the Type, AmbiguousRoleResolution is required.

Valid values are AuthenticatedRole or Deny .

getIdentityProvider

default java.lang.String getIdentityProvider()

Identifier for the identity provider for which the role is mapped.

For example: graph.facebook.com or cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id) . This is the identity provider that is used by the user for authentication.

If the identity provider property isn't provided, the key of the entry in the RoleMappings map is used as the identity provider.

getRulesConfiguration

default java.lang.Object getRulesConfiguration()

The rules to be used for mapping users to roles.

If you specify "Rules" as the role-mapping type, RulesConfiguration is required.

builder

static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder builder()

Returns:

a CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder of CfnIdentityPoolRoleAttachment.RoleMappingProperty