Package software.amazon.awscdk.services.cognito

Interface CfnIdentityPoolRoleAttachment.RoleMappingProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnIdentityPoolRoleAttachment.RoleMappingProperty.Jsii$Proxy

Enclosing class:

CfnIdentityPoolRoleAttachment

@Stability(Stable)
public static interface CfnIdentityPoolRoleAttachment.RoleMappingProperty
extends software.amazon.jsii.JsiiSerializable

One of a set of RoleMappings , a property of the AWS::Cognito::IdentityPoolRoleAttachment resource that defines the role-mapping attributes of an Amazon Cognito identity pool.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.cognito.*;
 RoleMappingProperty roleMappingProperty = RoleMappingProperty.builder()
         .type("type")
         // the properties below are optional
         .ambiguousRoleResolution("ambiguousRoleResolution")
         .identityProvider("identityProvider")
         .rulesConfiguration(RulesConfigurationTypeProperty.builder()
                 .rules(List.of(MappingRuleProperty.builder()
                         .claim("claim")
                         .matchType("matchType")
                         .roleArn("roleArn")
                         .value("value")
                         .build()))
                 .build())
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder	A builder for CfnIdentityPoolRoleAttachment.RoleMappingProperty
static final class	CfnIdentityPoolRoleAttachment.RoleMappingProperty.Jsii$Proxy	An implementation for CfnIdentityPoolRoleAttachment.RoleMappingProperty

Method Summary

Modifier and Type	Method	Description
static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder	builder()
default String	getAmbiguousRoleResolution()	If you specify Token or Rules as the Type , AmbiguousRoleResolution is required.
default String	getIdentityProvider()	Identifier for the identity provider for which the role is mapped.
default Object	getRulesConfiguration()	The rules to be used for mapping users to roles.
String	getType()	The role mapping type.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getType

@Stability(Stable)
@NotNull
String getType()

The role mapping type.

Token will use cognito:roles and cognito:preferred_role claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-type

getAmbiguousRoleResolution

@Stability(Stable)
@Nullable
default String getAmbiguousRoleResolution()

If you specify Token or Rules as the Type , AmbiguousRoleResolution is required.

Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-ambiguousroleresolution

getIdentityProvider

@Stability(Stable)
@Nullable
default String getIdentityProvider()

Identifier for the identity provider for which the role is mapped.

For example: graph.facebook.com or cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id) . This is the identity provider that is used by the user for authentication.

If the identity provider property isn't provided, the key of the entry in the RoleMappings map is used as the identity provider.

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-identityprovider

getRulesConfiguration

@Stability(Stable)
@Nullable
default Object getRulesConfiguration()

The rules to be used for mapping users to roles.

If you specify "Rules" as the role-mapping type, RulesConfiguration is required.

Returns union: either IResolvable or CfnIdentityPoolRoleAttachment.RulesConfigurationTypeProperty

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-rulesconfiguration

builder

@Stability(Stable)
static CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder builder()

Returns:

a CfnIdentityPoolRoleAttachment.RoleMappingProperty.Builder of CfnIdentityPoolRoleAttachment.RoleMappingProperty