MappingRule

A rule that maps a claim name, a claim value, and a match type to a role ARN.

Contents

Claim

The claim name that must be present in the token, for example, "isAdmin" or "paid".

Type: String

Length Constraints: Minimum length of 1. Maximum length of 64.

Pattern: [\p{L}\p{M}\p{S}\p{N}\p{P}]+

Required: Yes

MatchType

The match condition that specifies how closely the claim value in the IdP token must match Value.

Type: String

Valid Values: Equals | Contains | StartsWith | NotEqual

Required: Yes

RoleARN

The role ARN.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Required: Yes

Value

A brief string that the claim must match, for example, "paid" or "yes".

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Required: Yes

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Java V2

• AWS SDK for Ruby V3