Syntax Properties Return values Examples

AWS::Cognito::UserPoolResourceServer

The AWS::Cognito::UserPoolResourceServer resource creates a new OAuth2.0 resource server and defines custom scopes in it.

Note

If you don't specify a value for a parameter, Amazon Cognito sets it to a default value.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Cognito::UserPoolResourceServer",
  "Properties" : {
      "Identifier" : String,
      "Name" : String,
      "Scopes" : [ ResourceServerScopeType, ... ],
      "UserPoolId" : String
    }
}

YAML


Type: AWS::Cognito::UserPoolResourceServer
Properties:
  Identifier: String
  Name: String
  Scopes: 
    - ResourceServerScopeType
  UserPoolId: String

Properties

Identifier

A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: https://my-weather-api.example.com.

Required: Yes

Type: String

Pattern: [\x21\x23-\x5B\x5D-\x7E]+

Minimum: 1

Maximum: 256

Update requires: Replacement

Name

A friendly name for the resource server.

Required: Yes

Type: String

Pattern: [\w\s+=,.@-]+

Minimum: 1

Maximum: 256

Update requires: No interruption

Scopes

A list of scopes. Each scope is a map with keys ScopeName and ScopeDescription.

Required: No

Type: Array of ResourceServerScopeType

Maximum: 100

Update requires: No interruption

UserPoolId

The user pool ID for the user pool.

Required: Yes

Type: String

Pattern: [\w-]+_[0-9a-zA-Z]+

Minimum: 1

Maximum: 55

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns physicalResourceId, which is the resource server identifier “Identifier". For example:

{ "Ref": "yourResourceServerIdentifier" }

For the Amazon Cognito resource server yourResourceServerIdentifier, Ref returns the name of the resource server.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Id: The resource ID.

Examples

Creating a new resource server for a user pool

The following example creates a resource server "Name" with the identifier "Identifier" in the referenced user pool.

JSON


{
	"UserPoolResourceServer": {
		"Type": "AWS::Cognito::UserPoolResourceServer",
		"Properties": {
			"UserPoolId": {
				"Ref": "UserPool"
			},
			"Identifier": "Identifier",
			"Name": "Name",
			"Scopes": [{
				"ScopeName": "ScopeName1",
				"ScopeDescription": "description"
			}, {
				"ScopeName": "ScopeName2",
				"ScopeDescription": "description"
			}]
		}
	}
}

YAML


UserPoolResourceServer: 
  Type: AWS::Cognito::UserPoolResourceServer
  Properties: 
    UserPoolId: !Ref UserPool 
    Identifier: "Identifier" 
    Name: "Name" 
    Scopes: 
     - ScopeName: "ScopeName1" 
       ScopeDescription: "description" 
     - ScopeName: "ScopeName2"
       ScopeDescription: "description"

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

AWS::Cognito::UserPoolIdentityProvider

ResourceServerScopeType