CfnIdentityPoolPropsMixin

class aws_cdk.mixins_preview.aws_cognito.mixins.CfnIdentityPoolPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool.

To avoid deleting the resource accidentally from CloudFormation , use DeletionPolicy Attribute and the UpdateReplacePolicy Attribute to retain the resource on deletion or replacement.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html

CloudformationResource:

AWS::Cognito::IdentityPool

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

# cognito_events: Any
# supported_login_providers: Any

cfn_identity_pool_props_mixin = cognito_mixins.CfnIdentityPoolPropsMixin(cognito_mixins.CfnIdentityPoolMixinProps(
    allow_classic_flow=False,
    allow_unauthenticated_identities=False,
    cognito_events=cognito_events,
    cognito_identity_providers=[cognito_mixins.CfnIdentityPoolPropsMixin.CognitoIdentityProviderProperty(
        client_id="clientId",
        provider_name="providerName",
        server_side_token_check=False
    )],
    cognito_streams=cognito_mixins.CfnIdentityPoolPropsMixin.CognitoStreamsProperty(
        role_arn="roleArn",
        streaming_status="streamingStatus",
        stream_name="streamName"
    ),
    developer_provider_name="developerProviderName",
    identity_pool_name="identityPoolName",
    identity_pool_tags=[CfnTag(
        key="key",
        value="value"
    )],
    open_id_connect_provider_arns=["openIdConnectProviderArns"],
    push_sync=cognito_mixins.CfnIdentityPoolPropsMixin.PushSyncProperty(
        application_arns=["applicationArns"],
        role_arn="roleArn"
    ),
    saml_provider_arns=["samlProviderArns"],
    supported_login_providers=supported_login_providers
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::Cognito::IdentityPool.

Parameters:

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['allowClassicFlow', 'allowUnauthenticatedIdentities', 'cognitoEvents', 'cognitoIdentityProviders', 'cognitoStreams', 'developerProviderName', 'identityPoolName', 'identityPoolTags', 'openIdConnectProviderArns', 'pushSync', 'samlProviderArns', 'supportedLoginProviders']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

CognitoIdentityProviderProperty

class CfnIdentityPoolPropsMixin.CognitoIdentityProviderProperty(*, client_id=None, provider_name=None, server_side_token_check=None)

Bases: object

CognitoIdentityProvider is a property of the AWS::Cognito::IdentityPool resource that represents an Amazon Cognito user pool and its client ID.

Parameters:

  • client_id (Optional[str]) – The client ID for the Amazon Cognito user pool.

  • provider_name (Optional[str]) – The provider name for an Amazon Cognito user pool. For example: cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789 .

  • server_side_token_check (Union[bool, IResolvable, None]) – TRUE if server-side token validation is enabled for the identity provider’s token. After you set the ServerSideTokenCheck to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user. If the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

cognito_identity_provider_property = cognito_mixins.CfnIdentityPoolPropsMixin.CognitoIdentityProviderProperty(
    client_id="clientId",
    provider_name="providerName",
    server_side_token_check=False
)

Attributes

client_id

The client ID for the Amazon Cognito user pool.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-clientid

provider_name

The provider name for an Amazon Cognito user pool.

For example: cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789 .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-providername

server_side_token_check

TRUE if server-side token validation is enabled for the identity provider’s token.

After you set the ServerSideTokenCheck to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.

If the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-serversidetokencheck

CognitoStreamsProperty

class CfnIdentityPoolPropsMixin.CognitoStreamsProperty(*, role_arn=None, streaming_status=None, stream_name=None)

Bases: object

CognitoStreams is a property of the AWS::Cognito::IdentityPool resource that defines configuration options for Amazon Cognito streams.

Parameters:

  • role_arn (Optional[str]) – The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke PutRecord on your Amazon Cognito stream.

  • streaming_status (Optional[str]) – Status of the Amazon Cognito streams. Valid values are: ENABLED or DISABLED .

  • stream_name (Optional[str]) – The name of the Amazon Cognito stream to receive updates. This stream must be in the developer’s account and in the same Region as the identity pool.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

cognito_streams_property = cognito_mixins.CfnIdentityPoolPropsMixin.CognitoStreamsProperty(
    role_arn="roleArn",
    streaming_status="streamingStatus",
    stream_name="streamName"
)

Attributes

role_arn

The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream.

This role must grant access to Amazon Cognito (cognito-sync) to invoke PutRecord on your Amazon Cognito stream.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-rolearn

stream_name

The name of the Amazon Cognito stream to receive updates.

This stream must be in the developer’s account and in the same Region as the identity pool.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-streamname

streaming_status

Status of the Amazon Cognito streams.

Valid values are: ENABLED or DISABLED .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-streamingstatus

PushSyncProperty

class CfnIdentityPoolPropsMixin.PushSyncProperty(*, application_arns=None, role_arn=None)

Bases: object

PushSync is a property of the AWS::Cognito::IdentityPool resource that defines the configuration options to be applied to an Amazon Cognito identity pool.

Parameters:

  • application_arns (Optional[Sequence[str]]) – The ARNs of the Amazon SNS platform applications that could be used by clients.

  • role_arn (Optional[str]) – An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

push_sync_property = cognito_mixins.CfnIdentityPoolPropsMixin.PushSyncProperty(
    application_arns=["applicationArns"],
    role_arn="roleArn"
)

Attributes

application_arns

The ARNs of the Amazon SNS platform applications that could be used by clients.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html#cfn-cognito-identitypool-pushsync-applicationarns

role_arn

An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html#cfn-cognito-identitypool-pushsync-rolearn