pulumi-aws-kotlin/com.pulumi.aws.cognito.kotlin/IdentityPoolArgs

IdentityPoolArgs

data class IdentityPoolArgs(val allowClassicFlow: Output<Boolean>? = null, val allowUnauthenticatedIdentities: Output<Boolean>? = null, val cognitoIdentityProviders: Output<List<IdentityPoolCognitoIdentityProviderArgs>>? = null, val developerProviderName: Output<String>? = null, val identityPoolName: Output<String>? = null, val openidConnectProviderArns: Output<List<String>>? = null, val samlProviderArns: Output<List<String>>? = null, val supportedLoginProviders: Output<Map<String, String>>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<IdentityPoolArgs>

Provides an AWS Cognito Identity Pool.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const _default = new aws.iam.SamlProvider("default", {
    name: "my-saml-provider",
    samlMetadataDocument: std.file({
        input: "saml-metadata.xml",
    }).then(invoke => invoke.result),
});
const main = new aws.cognito.IdentityPool("main", {
    identityPoolName: "identity pool",
    allowUnauthenticatedIdentities: false,
    allowClassicFlow: false,
    cognitoIdentityProviders: [
        {
            clientId: "6lhlkkfbfb4q5kpp90urffae",
            providerName: "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
            serverSideTokenCheck: false,
        },
        {
            clientId: "7kodkvfqfb4qfkp39eurffae",
            providerName: "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
            serverSideTokenCheck: false,
        },
    ],
    supportedLoginProviders: {
        "graph.facebook.com": "7346241598935552",
        "accounts.google.com": "123456789012.apps.googleusercontent.com",
    },
    samlProviderArns: [_default&#46;arn],
    openidConnectProviderArns: ["arn:aws:iam::123456789012:oidc-provider/id&#46;example&#46;com"],
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
import pulumi_std as std
default = aws.iam.SamlProvider("default",
    name="my-saml-provider",
    saml_metadata_document=std.file(input="saml-metadata.xml").result)
main = aws.cognito.IdentityPool("main",
    identity_pool_name="identity pool",
    allow_unauthenticated_identities=False,
    allow_classic_flow=False,
    cognito_identity_providers=[
        aws.cognito.IdentityPoolCognitoIdentityProviderArgs(
            client_id="6lhlkkfbfb4q5kpp90urffae",
            provider_name="cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
            server_side_token_check=False,
        ),
        aws.cognito.IdentityPoolCognitoIdentityProviderArgs(
            client_id="7kodkvfqfb4qfkp39eurffae",
            provider_name="cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
            server_side_token_check=False,
        ),
    ],
    supported_login_providers={
        "graph.facebook.com": "7346241598935552",
        "accounts.google.com": "123456789012.apps.googleusercontent.com",
    },
    saml_provider_arns=[default&#46;arn],
    openid_connect_provider_arns=["arn:aws:iam::123456789012:oidc-provider/id&#46;example&#46;com"])
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
    var @default = new Aws.Iam.SamlProvider("default", new()
    {
        Name = "my-saml-provider",
        SamlMetadataDocument = Std.File.Invoke(new()
        {
            Input = "saml-metadata.xml",
        }).Apply(invoke => invoke.Result),
    });
    var main = new Aws.Cognito.IdentityPool("main", new()
    {
        IdentityPoolName = "identity pool",
        AllowUnauthenticatedIdentities = false,
        AllowClassicFlow = false,
        CognitoIdentityProviders = new[]
        {
            new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs
            {
                ClientId = "6lhlkkfbfb4q5kpp90urffae",
                ProviderName = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
                ServerSideTokenCheck = false,
            },
            new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs
            {
                ClientId = "7kodkvfqfb4qfkp39eurffae",
                ProviderName = "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
                ServerSideTokenCheck = false,
            },
        },
        SupportedLoginProviders =
        {
            { "graph.facebook.com", "7346241598935552" },
            { "accounts.google.com", "123456789012.apps.googleusercontent.com" },
        },
        SamlProviderArns = new[]
        {
            @default.Arn,
        },
        OpenidConnectProviderArns = new[]
        {
            "arn:aws:iam::123456789012:oidc-provider/id.example.com",
        },
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
	"github.com/pulumi/pulumi-std/sdk/go/std"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		invokeFile, err := std.File(ctx, &std.FileArgs{
			Input: "saml-metadata.xml",
		}, nil)
		if err != nil {
			return err
		}
		_, err = iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
			Name:                 pulumi.String("my-saml-provider"),
			SamlMetadataDocument: invokeFile.Result,
		})
		if err != nil {
			return err
		}
		_, err = cognito.NewIdentityPool(ctx, "main", &cognito.IdentityPoolArgs{
			IdentityPoolName:               pulumi.String("identity pool"),
			AllowUnauthenticatedIdentities: pulumi.Bool(false),
			AllowClassicFlow:               pulumi.Bool(false),
			CognitoIdentityProviders: cognito.IdentityPoolCognitoIdentityProviderArray{
				&cognito.IdentityPoolCognitoIdentityProviderArgs{
					ClientId:             pulumi.String("6lhlkkfbfb4q5kpp90urffae"),
					ProviderName:         pulumi.String("cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ"),
					ServerSideTokenCheck: pulumi.Bool(false),
				},
				&cognito.IdentityPoolCognitoIdentityProviderArgs{
					ClientId:             pulumi.String("7kodkvfqfb4qfkp39eurffae"),
					ProviderName:         pulumi.String("cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu"),
					ServerSideTokenCheck: pulumi.Bool(false),
				},
			},
			SupportedLoginProviders: pulumi.StringMap{
				"graph.facebook.com":  pulumi.String("7346241598935552"),
				"accounts.google.com": pulumi.String("123456789012.apps.googleusercontent.com"),
			},
			SamlProviderArns: pulumi.StringArray{
				_default.Arn,
			},
			OpenidConnectProviderArns: pulumi.StringArray{
				pulumi.String("arn:aws:iam::123456789012:oidc-provider/id.example.com"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.SamlProvider;
import com.pulumi.aws.iam.SamlProviderArgs;
import com.pulumi.aws.cognito.IdentityPool;
import com.pulumi.aws.cognito.IdentityPoolArgs;
import com.pulumi.aws.cognito.inputs.IdentityPoolCognitoIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var default_ = new SamlProvider("default", SamlProviderArgs.builder()
            .name("my-saml-provider")
            .samlMetadataDocument(StdFunctions.file(FileArgs.builder()
                .input("saml-metadata.xml")
                .build()).result())
            .build());
        var main = new IdentityPool("main", IdentityPoolArgs.builder()
            .identityPoolName("identity pool")
            .allowUnauthenticatedIdentities(false)
            .allowClassicFlow(false)
            .cognitoIdentityProviders(
                IdentityPoolCognitoIdentityProviderArgs.builder()
                    .clientId("6lhlkkfbfb4q5kpp90urffae")
                    .providerName("cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ")
                    .serverSideTokenCheck(false)
                    .build(),
                IdentityPoolCognitoIdentityProviderArgs.builder()
                    .clientId("7kodkvfqfb4qfkp39eurffae")
                    .providerName("cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu")
                    .serverSideTokenCheck(false)
                    .build())
            .supportedLoginProviders(Map.ofEntries(
                Map.entry("graph.facebook.com", "7346241598935552"),
                Map.entry("accounts.google.com", "123456789012.apps.googleusercontent.com")
            ))
            .samlProviderArns(default_.arn())
            .openidConnectProviderArns("arn:aws:iam::123456789012:oidc-provider/id.example.com")
            .build());
    }
}
Content copied to clipboard
resources:
  default:
    type: aws:iam:SamlProvider
    properties:
      name: my-saml-provider
      samlMetadataDocument:
        fn::invoke:
          Function: std:file
          Arguments:
            input: saml-metadata.xml
          Return: result
  main:
    type: aws:cognito:IdentityPool
    properties:
      identityPoolName: identity pool
      allowUnauthenticatedIdentities: false
      allowClassicFlow: false
      cognitoIdentityProviders:
        - clientId: 6lhlkkfbfb4q5kpp90urffae
          providerName: cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ
          serverSideTokenCheck: false
        - clientId: 7kodkvfqfb4qfkp39eurffae
          providerName: cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu
          serverSideTokenCheck: false
      supportedLoginProviders:
        graph.facebook.com: '7346241598935552'
        accounts.google.com: 123456789012.apps.googleusercontent.com
      samlProviderArns:
        - ${default.arn}
      openidConnectProviderArns:
        - arn:aws:iam::123456789012:oidc-provider/id.example.com
Content copied to clipboard

Import

Using pulumi import, import Cognito Identity Pool using its ID. For example:

$ pulumi import aws:cognito/identityPool:IdentityPool mypool us-west-2:1a234567-8901-234b-5cde-f6789g01h2i3
Content copied to clipboard

Constructors

Link copied to clipboard
fun IdentityPoolArgs(allowClassicFlow: Output<Boolean>? = null, allowUnauthenticatedIdentities: Output<Boolean>? = null, cognitoIdentityProviders: Output<List<IdentityPoolCognitoIdentityProviderArgs>>? = null, developerProviderName: Output<String>? = null, identityPoolName: Output<String>? = null, openidConnectProviderArns: Output<List<String>>? = null, samlProviderArns: Output<List<String>>? = null, supportedLoginProviders: Output<Map<String, String>>? = null, tags: Output<Map<String, String>>? = null)

Functions

Link copied to clipboard
open override fun toJava(): IdentityPoolArgs

Properties

Link copied to clipboard
val allowClassicFlow: Output<Boolean>? = null

Enables or disables the classic / basic authentication flow. Default is false.

Link copied to clipboard
val allowUnauthenticatedIdentities: Output<Boolean>? = null

Whether the identity pool supports unauthenticated logins or not.

Link copied to clipboard
val cognitoIdentityProviders: Output<List<IdentityPoolCognitoIdentityProviderArgs>>? = null

An array of Amazon Cognito Identity user pools and their client IDs.

Link copied to clipboard
val developerProviderName: Output<String>? = null

The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.

Link copied to clipboard
val identityPoolName: Output<String>? = null

The Cognito Identity Pool name.

Link copied to clipboard
val openidConnectProviderArns: Output<List<String>>? = null

Set of OpendID Connect provider ARNs.

Link copied to clipboard
val samlProviderArns: Output<List<String>>? = null

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.

Link copied to clipboard
val supportedLoginProviders: Output<Map<String, String>>? = null

Key-Value pairs mapping provider names to provider app IDs.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

A map of tags to assign to the Identity Pool. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.