AWS::Cognito::IdentityPool

The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool.

To avoid deleting the resource accidentally from AWS CloudFormation, use DeletionPolicy Attribute and the UpdateReplacePolicy Attribute to retain the resource on deletion or replacement.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::Cognito::IdentityPool",
  "Properties" : {
      "AllowClassicFlow" : Boolean,
      "AllowUnauthenticatedIdentities" : Boolean,
      "CognitoEvents" : Json,
      "CognitoIdentityProviders" : [ CognitoIdentityProvider, ... ],
      "CognitoStreams" : CognitoStreams,
      "DeveloperProviderName" : String,
      "IdentityPoolName" : String,
      "OpenIdConnectProviderARNs" : [ String, ... ],
      "PushSync" : PushSync,
      "SamlProviderARNs" : [ String, ... ],
      "SupportedLoginProviders" : Json
    }
}

YAML

Type: AWS::Cognito::IdentityPool
Properties: 
  AllowClassicFlow: Boolean
  AllowUnauthenticatedIdentities: Boolean
  CognitoEvents: Json
  CognitoIdentityProviders: 
    - CognitoIdentityProvider
  CognitoStreams: 
    CognitoStreams
  DeveloperProviderName: String
  IdentityPoolName: String
  OpenIdConnectProviderARNs: 
    - String
  PushSync: 
    PushSync
  SamlProviderARNs: 
    - String
  SupportedLoginProviders: Json

Properties

AllowClassicFlow

Enables the Basic (Classic) authentication flow.

Required: No

Type: Boolean

Update requires: No interruption

AllowUnauthenticatedIdentities

Specifies whether the identity pool supports unauthenticated logins.

Required: Yes

Type: Boolean

Update requires: No interruption

CognitoEvents

The events to configure.

Required: No

Type: Json

Update requires: No interruption

CognitoIdentityProviders

The Amazon Cognito user pools and their client IDs.

Required: No

Type: List of CognitoIdentityProvider

Update requires: No interruption

CognitoStreams

Configuration options for configuring Amazon Cognito streams.

Required: No

Type: CognitoStreams

Update requires: No interruption

DeveloperProviderName

The "domain" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the DeveloperProviderName, you can use letters and periods (.), underscores (_), and dashes (-).

Minimum length: 1

Maximum length: 100

Required: No

Type: String

Update requires: No interruption

IdentityPoolName

The name of your Amazon Cognito identity pool.

Minimum length: 1

Maximum length: 128

Pattern: [\w\s+=,.@-]+

Required: No

Type: String

Update requires: No interruption

OpenIdConnectProviderARNs

The Amazon Resource Names (ARNs) of the OpenID connect providers.

Required: No

Type: List of String

Update requires: No interruption

PushSync

The configuration options to be applied to the identity pool.

Required: No

Type: PushSync

Update requires: No interruption

SamlProviderARNs

The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.

Required: No

Type: List of String

Update requires: No interruption

SupportedLoginProviders

Key-value pairs that map provider names to provider app IDs.

Required: No

Type: Json

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the IdentityPoolId, such as us-east-2:0d01f4d7-1305-4408-b437-12345EXAMPLE.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Name

The name of the Amazon Cognito identity pool, returned as a string.