CognitoAuthorizer - AWS Serverless Application Model

CognitoAuthorizer

Define a Amazon Cognito User Pool authorizer.

For more information and examples, see Controlling access to API Gateway APIs.

Syntax

To declare this entity in your AWS Serverless Application Model (AWS SAM) template, use the following syntax.

Properties

AuthorizationScopes

List of authorization scopes for this authorizer.

Type: List

Required: No

AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

Identity

This property can be used to specify an IdentitySource in an incoming request for an authorizer

Type: CognitoAuthorizationIdentity

Required: No

AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

UserPoolArn

Can refer to a user pool/specify a userpool arn to which you want to add this cognito authorizer

Type: String

Required: Yes

AWS CloudFormation compatibility: This property is unique to AWS SAM and doesn't have an AWS CloudFormation equivalent.

Examples

CognitoAuth

Cognito Auth Example

YAML

Auth: Authorizers: MyCognitoAuth: AuthorizationScopes: - scope1 - scope2 UserPoolArn: Fn::GetAtt: - MyCognitoUserPool - Arn Identity: Header: MyAuthorizationHeader ValidationExpression: myauthvalidationexpression