Class CfnIdentityPoolRoleAttachment.RoleMappingProperty
One of a set of RoleMappings , a property of the AWS::Cognito::IdentityPoolRoleAttachment resource that defines the role-mapping attributes of an Amazon Cognito identity pool.
Inherited Members
Namespace: Amazon.CDK.AWS.Cognito
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnIdentityPoolRoleAttachment.RoleMappingProperty : CfnIdentityPoolRoleAttachment.IRoleMappingPropertySyntax (vb)
Public Class CfnIdentityPoolRoleAttachment.RoleMappingProperty Implements CfnIdentityPoolRoleAttachment.IRoleMappingPropertyRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Cognito;
var roleMappingProperty = new RoleMappingProperty {
Type = "type",
// the properties below are optional
AmbiguousRoleResolution = "ambiguousRoleResolution",
IdentityProvider = "identityProvider",
RulesConfiguration = new RulesConfigurationTypeProperty {
Rules = new [] { new MappingRuleProperty {
Claim = "claim",
MatchType = "matchType",
RoleArn = "roleArn",
Value = "value"
} }
}
};Synopsis
Constructors
| RoleMappingProperty() | One of a set of |
Properties
| AmbiguousRoleResolution | If you specify Token or Rules as the |
| IdentityProvider | Identifier for the identity provider for which the role is mapped. |
| RulesConfiguration | The rules to be used for mapping users to roles. |
| Type | The role mapping type. |
Constructors
RoleMappingProperty()
One of a set of RoleMappings , a property of the AWS::Cognito::IdentityPoolRoleAttachment resource that defines the role-mapping attributes of an Amazon Cognito identity pool.
public RoleMappingProperty()Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Cognito;
var roleMappingProperty = new RoleMappingProperty {
Type = "type",
// the properties below are optional
AmbiguousRoleResolution = "ambiguousRoleResolution",
IdentityProvider = "identityProvider",
RulesConfiguration = new RulesConfigurationTypeProperty {
Rules = new [] { new MappingRuleProperty {
Claim = "claim",
MatchType = "matchType",
RoleArn = "roleArn",
Value = "value"
} }
}
};Properties
AmbiguousRoleResolution
If you specify Token or Rules as the Type , AmbiguousRoleResolution is required.
public string? AmbiguousRoleResolution { get; set; }Property Value
Remarks
Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type.
IdentityProvider
Identifier for the identity provider for which the role is mapped.
public string? IdentityProvider { get; set; }Property Value
Remarks
For example: graph.facebook.com or cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id) . This is the identity provider that is used by the user for authentication.
If the identity provider property isn't provided, the key of the entry in the RoleMappings map is used as the identity provider.
RulesConfiguration
The rules to be used for mapping users to roles.
public object? RulesConfiguration { get; set; }Property Value
Remarks
If you specify "Rules" as the role-mapping type, RulesConfiguration is required.
Type
The role mapping type.
public string Type { get; set; }Property Value
Remarks
Token will use cognito:roles and cognito:preferred_role claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.