Module cognito

cognito

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.
class pulumi_aws.cognito.AwaitableGetUserPoolsResult(arns=None, ids=None, name=None, id=None)
class pulumi_aws.cognito.GetUserPoolsResult(arns=None, ids=None, name=None, id=None)

A collection of values returned by getUserPools.

ids = None

The list of cognito user pool ids.

id = None

id is the provider-assigned unique ID for this managed resource.

class pulumi_aws.cognito.IdentityPool(resource_name, opts=None, allow_unauthenticated_identities=None, cognito_identity_providers=None, developer_provider_name=None, identity_pool_name=None, openid_connect_provider_arns=None, saml_provider_arns=None, supported_login_providers=None, tags=None, __props__=None, __name__=None, __opts__=None)

Provides an AWS Cognito Identity Pool.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • allow_unauthenticated_identities (pulumi.Input[bool]) – Whether the identity pool supports unauthenticated logins or not.
  • cognito_identity_providers (pulumi.Input[list]) – An array of Amazon Cognito Identity user pools and their client IDs.
  • developer_provider_name (pulumi.Input[str]) – The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
  • identity_pool_name (pulumi.Input[str]) – The Cognito Identity Pool name.
  • openid_connect_provider_arns (pulumi.Input[list]) – A list of OpendID Connect provider ARNs.
  • saml_provider_arns (pulumi.Input[list]) – An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
  • supported_login_providers (pulumi.Input[dict]) – Key-Value pairs mapping provider names to provider app IDs.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the Identity Pool.
allow_unauthenticated_identities = None

Whether the identity pool supports unauthenticated logins or not.

arn = None

The ARN of the identity pool.

cognito_identity_providers = None

An array of Amazon Cognito Identity user pools and their client IDs.

developer_provider_name = None

The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.

identity_pool_name = None

The Cognito Identity Pool name.

openid_connect_provider_arns = None

A list of OpendID Connect provider ARNs.

saml_provider_arns = None

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.

supported_login_providers = None

Key-Value pairs mapping provider names to provider app IDs.

tags = None

A mapping of tags to assign to the Identity Pool.

static get(resource_name, id, opts=None, allow_unauthenticated_identities=None, arn=None, cognito_identity_providers=None, developer_provider_name=None, identity_pool_name=None, openid_connect_provider_arns=None, saml_provider_arns=None, supported_login_providers=None, tags=None)

Get an existing IdentityPool resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[bool] allow_unauthenticated_identities: Whether the identity pool supports unauthenticated logins or not. :param pulumi.Input[str] arn: The ARN of the identity pool. :param pulumi.Input[list] cognito_identity_providers: An array of Amazon Cognito Identity user pools and their client IDs. :param pulumi.Input[str] developer_provider_name: The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your

backend and the Cognito service to communicate about the developer provider.
Parameters:
  • identity_pool_name (pulumi.Input[str]) – The Cognito Identity Pool name.
  • openid_connect_provider_arns (pulumi.Input[list]) – A list of OpendID Connect provider ARNs.
  • saml_provider_arns (pulumi.Input[list]) – An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
  • supported_login_providers (pulumi.Input[dict]) – Key-Value pairs mapping provider names to provider app IDs.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the Identity Pool.
translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.IdentityPoolRoleAttachment(resource_name, opts=None, identity_pool_id=None, role_mappings=None, roles=None, __props__=None, __name__=None, __opts__=None)

Provides an AWS Cognito Identity Pool Roles Attachment.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • identity_pool_id (pulumi.Input[str]) – An identity pool ID in the format REGION:GUID.
  • role_mappings (pulumi.Input[list]) – A List of Role Mapping.
  • roles (pulumi.Input[dict]) – The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.
identity_pool_id = None

An identity pool ID in the format REGION:GUID.

role_mappings = None

A List of Role Mapping.

roles = None

The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.

static get(resource_name, id, opts=None, identity_pool_id=None, role_mappings=None, roles=None)

Get an existing IdentityPoolRoleAttachment resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] identity_pool_id: An identity pool ID in the format REGION:GUID. :param pulumi.Input[list] role_mappings: A List of Role Mapping. :param pulumi.Input[dict] roles: The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.IdentityProvider(resource_name, opts=None, attribute_mapping=None, idp_identifiers=None, provider_details=None, provider_name=None, provider_type=None, user_pool_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito User Identity Provider resource.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • attribute_mapping (pulumi.Input[dict]) – The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation
  • idp_identifiers (pulumi.Input[list]) – The list of identity providers.
  • provider_details (pulumi.Input[dict]) – The map of identity details, such as access token
  • provider_name (pulumi.Input[str]) – The provider name
  • provider_type (pulumi.Input[str]) – The provider type. See AWS API for valid values
  • user_pool_id (pulumi.Input[str]) – The user pool id
attribute_mapping = None

The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation

idp_identifiers = None

The list of identity providers.

provider_details = None

The map of identity details, such as access token

provider_name = None

The provider name

provider_type = None

The provider type. See AWS API for valid values

user_pool_id = None

The user pool id

static get(resource_name, id, opts=None, attribute_mapping=None, idp_identifiers=None, provider_details=None, provider_name=None, provider_type=None, user_pool_id=None)

Get an existing IdentityProvider resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] attribute_mapping: The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation :param pulumi.Input[list] idp_identifiers: The list of identity providers. :param pulumi.Input[dict] provider_details: The map of identity details, such as access token :param pulumi.Input[str] provider_name: The provider name :param pulumi.Input[str] provider_type: The provider type. See AWS API for valid values :param pulumi.Input[str] user_pool_id: The user pool id

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.ResourceServer(resource_name, opts=None, identifier=None, name=None, scopes=None, user_pool_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito Resource Server.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • identifier (pulumi.Input[str]) – An identifier for the resource server.
  • name (pulumi.Input[str]) – A name for the resource server.
  • scopes (pulumi.Input[list]) – A list of Authorization Scope.
identifier = None

An identifier for the resource server.

name = None

A name for the resource server.

scopes = None

A list of Authorization Scope.

scope_identifiers = None

A list of all scopes configured for this resource server in the format identifier/scope_name.

static get(resource_name, id, opts=None, identifier=None, name=None, scopes=None, scope_identifiers=None, user_pool_id=None)

Get an existing ResourceServer resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] identifier: An identifier for the resource server. :param pulumi.Input[str] name: A name for the resource server. :param pulumi.Input[list] scopes: A list of Authorization Scope. :param pulumi.Input[list] scope_identifiers: A list of all scopes configured for this resource server in the format identifier/scope_name.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.UserGroup(resource_name, opts=None, description=None, name=None, precedence=None, role_arn=None, user_pool_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito User Group resource.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • description (pulumi.Input[str]) – The description of the user group.
  • name (pulumi.Input[str]) – The name of the user group.
  • precedence (pulumi.Input[float]) – The precedence of the user group.
  • role_arn (pulumi.Input[str]) – The ARN of the IAM role to be associated with the user group.
  • user_pool_id (pulumi.Input[str]) – The user pool ID.
description = None

The description of the user group.

name = None

The name of the user group.

precedence = None

The precedence of the user group.

role_arn = None

The ARN of the IAM role to be associated with the user group.

user_pool_id = None

The user pool ID.

static get(resource_name, id, opts=None, description=None, name=None, precedence=None, role_arn=None, user_pool_id=None)

Get an existing UserGroup resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] description: The description of the user group. :param pulumi.Input[str] name: The name of the user group. :param pulumi.Input[float] precedence: The precedence of the user group. :param pulumi.Input[str] role_arn: The ARN of the IAM role to be associated with the user group. :param pulumi.Input[str] user_pool_id: The user pool ID.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.UserPool(resource_name, opts=None, admin_create_user_config=None, alias_attributes=None, auto_verified_attributes=None, device_configuration=None, email_configuration=None, email_verification_message=None, email_verification_subject=None, lambda_config=None, mfa_configuration=None, name=None, password_policy=None, schemas=None, sms_authentication_message=None, sms_configuration=None, sms_verification_message=None, tags=None, user_pool_add_ons=None, username_attributes=None, verification_message_template=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito User Pool resource.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • admin_create_user_config (pulumi.Input[dict]) – The configuration for AdminCreateUser requests.
  • alias_attributes (pulumi.Input[list]) – Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes.
  • auto_verified_attributes (pulumi.Input[list]) – The attributes to be auto-verified. Possible values: email, phone_number.
  • device_configuration (pulumi.Input[dict]) – The configuration for the user pool’s device tracking.
  • email_configuration (pulumi.Input[dict]) – The Email Configuration.
  • email_verification_message (pulumi.Input[str]) – A string representing the email verification message. Conflicts with verification_message_template configuration block email_message argument.
  • email_verification_subject (pulumi.Input[str]) – A string representing the email verification subject. Conflicts with verification_message_template configuration block email_subject argument.
  • lambda_config (pulumi.Input[dict]) – A container for the AWS Lambda triggers associated with the user pool.
  • mfa_configuration (pulumi.Input[str]) – Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)
  • name (pulumi.Input[str]) – The name of the attribute.
  • password_policy (pulumi.Input[dict]) – A container for information about the user pool password policy.
  • schemas (pulumi.Input[list]) – A container with the schema attributes of a user pool. Maximum of 50 attributes.
  • sms_authentication_message (pulumi.Input[str]) – A string representing the SMS authentication message.
  • sms_configuration (pulumi.Input[dict]) – The SMS Configuration.
  • sms_verification_message (pulumi.Input[str]) – A string representing the SMS verification message. Conflicts with verification_message_template configuration block sms_message argument.
  • tags (pulumi.Input[dict]) – A mapping of tags to assign to the User Pool.
  • user_pool_add_ons (pulumi.Input[dict]) – Configuration block for user pool add-ons to enable user pool advanced security mode features.
  • username_attributes (pulumi.Input[list]) – Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes.
  • verification_message_template (pulumi.Input[dict]) – The verification message templates configuration.
admin_create_user_config = None

The configuration for AdminCreateUser requests.

alias_attributes = None

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes.

arn = None

The ARN of the user pool.

auto_verified_attributes = None

The attributes to be auto-verified. Possible values: email, phone_number.

creation_date = None

The date the user pool was created.

device_configuration = None

The configuration for the user pool’s device tracking.

email_configuration = None

The Email Configuration.

email_verification_message = None

A string representing the email verification message. Conflicts with verification_message_template configuration block email_message argument.

email_verification_subject = None

A string representing the email verification subject. Conflicts with verification_message_template configuration block email_subject argument.

endpoint = None

The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy

lambda_config = None

A container for the AWS Lambda triggers associated with the user pool.

last_modified_date = None

The date the user pool was last modified.

mfa_configuration = None

Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)

name = None

The name of the attribute.

password_policy = None

A container for information about the user pool password policy.

schemas = None

A container with the schema attributes of a user pool. Maximum of 50 attributes.

sms_authentication_message = None

A string representing the SMS authentication message.

sms_configuration = None

The SMS Configuration.

sms_verification_message = None

A string representing the SMS verification message. Conflicts with verification_message_template configuration block sms_message argument.

tags = None

A mapping of tags to assign to the User Pool.

user_pool_add_ons = None

Configuration block for user pool add-ons to enable user pool advanced security mode features.

username_attributes = None

Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes.

verification_message_template = None

The verification message templates configuration.

static get(resource_name, id, opts=None, admin_create_user_config=None, alias_attributes=None, arn=None, auto_verified_attributes=None, creation_date=None, device_configuration=None, email_configuration=None, email_verification_message=None, email_verification_subject=None, endpoint=None, lambda_config=None, last_modified_date=None, mfa_configuration=None, name=None, password_policy=None, schemas=None, sms_authentication_message=None, sms_configuration=None, sms_verification_message=None, tags=None, user_pool_add_ons=None, username_attributes=None, verification_message_template=None)

Get an existing UserPool resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[dict] admin_create_user_config: The configuration for AdminCreateUser requests. :param pulumi.Input[list] alias_attributes: Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes. :param pulumi.Input[str] arn: The ARN of the user pool. :param pulumi.Input[list] auto_verified_attributes: The attributes to be auto-verified. Possible values: email, phone_number. :param pulumi.Input[str] creation_date: The date the user pool was created. :param pulumi.Input[dict] device_configuration: The configuration for the user pool’s device tracking. :param pulumi.Input[dict] email_configuration: The Email Configuration. :param pulumi.Input[str] email_verification_message: A string representing the email verification message. Conflicts with verification_message_template configuration block email_message argument. :param pulumi.Input[str] email_verification_subject: A string representing the email verification subject. Conflicts with verification_message_template configuration block email_subject argument. :param pulumi.Input[str] endpoint: The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy :param pulumi.Input[dict] lambda_config: A container for the AWS Lambda triggers associated with the user pool. :param pulumi.Input[str] last_modified_date: The date the user pool was last modified. :param pulumi.Input[str] mfa_configuration: Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL) :param pulumi.Input[str] name: The name of the attribute. :param pulumi.Input[dict] password_policy: A container for information about the user pool password policy. :param pulumi.Input[list] schemas: A container with the schema attributes of a user pool. Maximum of 50 attributes. :param pulumi.Input[str] sms_authentication_message: A string representing the SMS authentication message. :param pulumi.Input[dict] sms_configuration: The SMS Configuration. :param pulumi.Input[str] sms_verification_message: A string representing the SMS verification message. Conflicts with verification_message_template configuration block sms_message argument. :param pulumi.Input[dict] tags: A mapping of tags to assign to the User Pool. :param pulumi.Input[dict] user_pool_add_ons: Configuration block for user pool add-ons to enable user pool advanced security mode features. :param pulumi.Input[list] username_attributes: Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes. :param pulumi.Input[dict] verification_message_template: The verification message templates configuration.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.UserPoolClient(resource_name, opts=None, allowed_oauth_flows=None, allowed_oauth_flows_user_pool_client=None, allowed_oauth_scopes=None, callback_urls=None, default_redirect_uri=None, explicit_auth_flows=None, generate_secret=None, logout_urls=None, name=None, read_attributes=None, refresh_token_validity=None, supported_identity_providers=None, user_pool_id=None, write_attributes=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito User Pool Client resource.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • allowed_oauth_flows (pulumi.Input[list]) – List of allowed OAuth flows (code, implicit, client_credentials).
  • allowed_oauth_flows_user_pool_client (pulumi.Input[bool]) – Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
  • allowed_oauth_scopes (pulumi.Input[list]) – List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
  • callback_urls (pulumi.Input[list]) – List of allowed callback URLs for the identity providers.
  • default_redirect_uri (pulumi.Input[str]) – The default redirect URI. Must be in the list of callback URLs.
  • explicit_auth_flows (pulumi.Input[list]) – List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).
  • generate_secret (pulumi.Input[bool]) – Should an application secret be generated.
  • logout_urls (pulumi.Input[list]) – List of allowed logout URLs for the identity providers.
  • name (pulumi.Input[str]) – The name of the application client.
  • read_attributes (pulumi.Input[list]) – List of user pool attributes the application client can read from.
  • refresh_token_validity (pulumi.Input[float]) – The time limit in days refresh tokens are valid for.
  • supported_identity_providers (pulumi.Input[list]) – List of provider names for the identity providers that are supported on this client.
  • user_pool_id (pulumi.Input[str]) – The user pool the client belongs to.
  • write_attributes (pulumi.Input[list]) – List of user pool attributes the application client can write to.
allowed_oauth_flows = None

List of allowed OAuth flows (code, implicit, client_credentials).

allowed_oauth_flows_user_pool_client = None

Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

allowed_oauth_scopes = None

List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).

callback_urls = None

List of allowed callback URLs for the identity providers.

client_secret = None

The client secret of the user pool client.

default_redirect_uri = None

The default redirect URI. Must be in the list of callback URLs.

explicit_auth_flows = None

List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).

generate_secret = None

Should an application secret be generated.

logout_urls = None

List of allowed logout URLs for the identity providers.

name = None

The name of the application client.

read_attributes = None

List of user pool attributes the application client can read from.

refresh_token_validity = None

The time limit in days refresh tokens are valid for.

supported_identity_providers = None

List of provider names for the identity providers that are supported on this client.

user_pool_id = None

The user pool the client belongs to.

write_attributes = None

List of user pool attributes the application client can write to.

static get(resource_name, id, opts=None, allowed_oauth_flows=None, allowed_oauth_flows_user_pool_client=None, allowed_oauth_scopes=None, callback_urls=None, client_secret=None, default_redirect_uri=None, explicit_auth_flows=None, generate_secret=None, logout_urls=None, name=None, read_attributes=None, refresh_token_validity=None, supported_identity_providers=None, user_pool_id=None, write_attributes=None)

Get an existing UserPoolClient resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[list] allowed_oauth_flows: List of allowed OAuth flows (code, implicit, client_credentials). :param pulumi.Input[bool] allowed_oauth_flows_user_pool_client: Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools. :param pulumi.Input[list] allowed_oauth_scopes: List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin). :param pulumi.Input[list] callback_urls: List of allowed callback URLs for the identity providers. :param pulumi.Input[str] client_secret: The client secret of the user pool client. :param pulumi.Input[str] default_redirect_uri: The default redirect URI. Must be in the list of callback URLs. :param pulumi.Input[list] explicit_auth_flows: List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH). :param pulumi.Input[bool] generate_secret: Should an application secret be generated. :param pulumi.Input[list] logout_urls: List of allowed logout URLs for the identity providers. :param pulumi.Input[str] name: The name of the application client. :param pulumi.Input[list] read_attributes: List of user pool attributes the application client can read from. :param pulumi.Input[float] refresh_token_validity: The time limit in days refresh tokens are valid for. :param pulumi.Input[list] supported_identity_providers: List of provider names for the identity providers that are supported on this client. :param pulumi.Input[str] user_pool_id: The user pool the client belongs to. :param pulumi.Input[list] write_attributes: List of user pool attributes the application client can write to.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
class pulumi_aws.cognito.UserPoolDomain(resource_name, opts=None, certificate_arn=None, domain=None, user_pool_id=None, __props__=None, __name__=None, __opts__=None)

Provides a Cognito User Pool Domain resource.

Parameters:
  • resource_name (str) – The name of the resource.
  • opts (pulumi.ResourceOptions) – Options for the resource.
  • certificate_arn (pulumi.Input[str]) – The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.
  • domain (pulumi.Input[str]) – The domain string.
  • user_pool_id (pulumi.Input[str]) – The user pool ID.
aws_account_id = None

The AWS account ID for the user pool owner.

certificate_arn = None

The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.

cloudfront_distribution_arn = None

The ARN of the CloudFront distribution.

domain = None

The domain string.

s3_bucket = None

The S3 bucket where the static files for this domain are stored.

user_pool_id = None

The user pool ID.

version = None

The app version.

static get(resource_name, id, opts=None, aws_account_id=None, certificate_arn=None, cloudfront_distribution_arn=None, domain=None, s3_bucket=None, user_pool_id=None, version=None)

Get an existing UserPoolDomain resource’s state with the given name, id, and optional extra properties used to qualify the lookup. :param str resource_name: The unique name of the resulting resource. :param str id: The unique provider ID of the resource to lookup. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] aws_account_id: The AWS account ID for the user pool owner. :param pulumi.Input[str] certificate_arn: The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain. :param pulumi.Input[str] cloudfront_distribution_arn: The ARN of the CloudFront distribution. :param pulumi.Input[str] domain: The domain string. :param pulumi.Input[str] s3_bucket: The S3 bucket where the static files for this domain are stored. :param pulumi.Input[str] user_pool_id: The user pool ID. :param pulumi.Input[str] version: The app version.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters:prop (str) – A property name.
Returns:A potentially transformed property name.
Return type:str
pulumi_aws.cognito.get_user_pools(name=None, opts=None)

Use this data source to get a list of cognito user pools.