Create an identity pool to enable unauthenticated access to your application - Amazon Location Service

Amazon Location Service is in preview release and is subject to change.

Create an identity pool to enable unauthenticated access to your application

Before you can display a map in your application, use Amazon Cognito to create an unauthenticated identity pool with a scoped-down AWS Identity and Access Management (IAM) role that allows read-only access to the Amazon Location Maps APIs.

Important

Ensure that the pool you create is in the same AWS Region as the place index resources that you're using.

The pool's ID will take the form <region>:<GUID>. For example:

us-east-1:54f2ba88-9390-498d-aaa5-0d97fb7ca3bd

The following is an example of a scoped-down IAM policy allowing access to a map resource named ExampleMap:

{ "Version": "2012-10-17", "Statement": [ { "Sid": "MapsReadOnly", "Effect": "Allow", "Action": [ "geo:GetMapStyleDescriptor", "geo:GetMapGlyphs", "geo:GetMapSprites", "geo:GetMapTile" ], "Resource": "arn:aws:geo:<region>:<account ID>:map/ExampleMap" } ] }

The following is another example of a scoped-down IAM policy allowing access to a map resource named TangramExampleMap:

Note

If you're using Tangram, note that Tangram does not use the style descriptors, glyphs, or sprites returned by the Maps API. Instead, it is configured by pointing to a ZIP file that contains style rules and necessary assets.

{ "Version": "2012-10-17", "Statement": [ { "Sid": "MapsReadOnly", "Effect": "Allow", "Action": [ "geo:GetMapTile" ], "Resource": "arn:aws:geo:region:accountID:map/TangramExampleMap" } ] }