Docs Home
AWS v6.81.0 published on Tuesday, May 20, 2025 by Pulumi
aws.cognito.IdentityPool
Explore with Pulumi AI
Provides an AWS Cognito Identity Pool.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as std from "@pulumi/std";
const _default = new aws.iam.SamlProvider("default", {
name: "my-saml-provider",
samlMetadataDocument: std.file({
input: "saml-metadata.xml",
}).then(invoke => invoke.result),
});
const main = new aws.cognito.IdentityPool("main", {
identityPoolName: "identity pool",
allowUnauthenticatedIdentities: false,
allowClassicFlow: false,
cognitoIdentityProviders: [
{
clientId: "6lhlkkfbfb4q5kpp90urffae",
providerName: "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
serverSideTokenCheck: false,
},
{
clientId: "7kodkvfqfb4qfkp39eurffae",
providerName: "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
serverSideTokenCheck: false,
},
],
supportedLoginProviders: {
"graph.facebook.com": "7346241598935552",
"accounts.google.com": "123456789012.apps.googleusercontent.com",
},
samlProviderArns: [_default.arn],
openidConnectProviderArns: ["arn:aws:iam::123456789012:oidc-provider/id.example.com"],
});
import pulumi
import pulumi_aws as aws
import pulumi_std as std
default = aws.iam.SamlProvider("default",
name="my-saml-provider",
saml_metadata_document=std.file(input="saml-metadata.xml").result)
main = aws.cognito.IdentityPool("main",
identity_pool_name="identity pool",
allow_unauthenticated_identities=False,
allow_classic_flow=False,
cognito_identity_providers=[
{
"client_id": "6lhlkkfbfb4q5kpp90urffae",
"provider_name": "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
"server_side_token_check": False,
},
{
"client_id": "7kodkvfqfb4qfkp39eurffae",
"provider_name": "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
"server_side_token_check": False,
},
],
supported_login_providers={
"graph.facebook.com": "7346241598935552",
"accounts.google.com": "123456789012.apps.googleusercontent.com",
},
saml_provider_arns=[default.arn],
openid_connect_provider_arns=["arn:aws:iam::123456789012:oidc-provider/id.example.com"])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "saml-metadata.xml",
}, nil)
if err != nil {
return err
}
_default, err := iam.NewSamlProvider(ctx, "default", &iam.SamlProviderArgs{
Name: pulumi.String("my-saml-provider"),
SamlMetadataDocument: pulumi.String(invokeFile.Result),
})
if err != nil {
return err
}
_, err = cognito.NewIdentityPool(ctx, "main", &cognito.IdentityPoolArgs{
IdentityPoolName: pulumi.String("identity pool"),
AllowUnauthenticatedIdentities: pulumi.Bool(false),
AllowClassicFlow: pulumi.Bool(false),
CognitoIdentityProviders: cognito.IdentityPoolCognitoIdentityProviderArray{
&cognito.IdentityPoolCognitoIdentityProviderArgs{
ClientId: pulumi.String("6lhlkkfbfb4q5kpp90urffae"),
ProviderName: pulumi.String("cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ"),
ServerSideTokenCheck: pulumi.Bool(false),
},
&cognito.IdentityPoolCognitoIdentityProviderArgs{
ClientId: pulumi.String("7kodkvfqfb4qfkp39eurffae"),
ProviderName: pulumi.String("cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu"),
ServerSideTokenCheck: pulumi.Bool(false),
},
},
SupportedLoginProviders: pulumi.StringMap{
"graph.facebook.com": pulumi.String("7346241598935552"),
"accounts.google.com": pulumi.String("123456789012.apps.googleusercontent.com"),
},
SamlProviderArns: pulumi.StringArray{
_default.Arn,
},
OpenidConnectProviderArns: pulumi.StringArray{
pulumi.String("arn:aws:iam::123456789012:oidc-provider/id.example.com"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var @default = new Aws.Iam.SamlProvider("default", new()
{
Name = "my-saml-provider",
SamlMetadataDocument = Std.File.Invoke(new()
{
Input = "saml-metadata.xml",
}).Apply(invoke => invoke.Result),
});
var main = new Aws.Cognito.IdentityPool("main", new()
{
IdentityPoolName = "identity pool",
AllowUnauthenticatedIdentities = false,
AllowClassicFlow = false,
CognitoIdentityProviders = new[]
{
new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs
{
ClientId = "6lhlkkfbfb4q5kpp90urffae",
ProviderName = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
ServerSideTokenCheck = false,
},
new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs
{
ClientId = "7kodkvfqfb4qfkp39eurffae",
ProviderName = "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
ServerSideTokenCheck = false,
},
},
SupportedLoginProviders =
{
{ "graph.facebook.com", "7346241598935552" },
{ "accounts.google.com", "123456789012.apps.googleusercontent.com" },
},
SamlProviderArns = new[]
{
@default.Arn,
},
OpenidConnectProviderArns = new[]
{
"arn:aws:iam::123456789012:oidc-provider/id.example.com",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.iam.SamlProvider;
import com.pulumi.aws.iam.SamlProviderArgs;
import com.pulumi.std.StdFunctions;
import com.pulumi.std.inputs.FileArgs;
import com.pulumi.aws.cognito.IdentityPool;
import com.pulumi.aws.cognito.IdentityPoolArgs;
import com.pulumi.aws.cognito.inputs.IdentityPoolCognitoIdentityProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SamlProvider("default", SamlProviderArgs.builder()
.name("my-saml-provider")
.samlMetadataDocument(StdFunctions.file(FileArgs.builder()
.input("saml-metadata.xml")
.build()).result())
.build());
var main = new IdentityPool("main", IdentityPoolArgs.builder()
.identityPoolName("identity pool")
.allowUnauthenticatedIdentities(false)
.allowClassicFlow(false)
.cognitoIdentityProviders(
IdentityPoolCognitoIdentityProviderArgs.builder()
.clientId("6lhlkkfbfb4q5kpp90urffae")
.providerName("cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ")
.serverSideTokenCheck(false)
.build(),
IdentityPoolCognitoIdentityProviderArgs.builder()
.clientId("7kodkvfqfb4qfkp39eurffae")
.providerName("cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu")
.serverSideTokenCheck(false)
.build())
.supportedLoginProviders(Map.ofEntries(
Map.entry("graph.facebook.com", "7346241598935552"),
Map.entry("accounts.google.com", "123456789012.apps.googleusercontent.com")
))
.samlProviderArns(default_.arn())
.openidConnectProviderArns("arn:aws:iam::123456789012:oidc-provider/id.example.com")
.build());
}
}
resources:
default:
type: aws:iam:SamlProvider
properties:
name: my-saml-provider
samlMetadataDocument:
fn::invoke:
function: std:file
arguments:
input: saml-metadata.xml
return: result
main:
type: aws:cognito:IdentityPool
properties:
identityPoolName: identity pool
allowUnauthenticatedIdentities: false
allowClassicFlow: false
cognitoIdentityProviders:
- clientId: 6lhlkkfbfb4q5kpp90urffae
providerName: cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ
serverSideTokenCheck: false
- clientId: 7kodkvfqfb4qfkp39eurffae
providerName: cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu
serverSideTokenCheck: false
supportedLoginProviders:
graph.facebook.com: '7346241598935552'
accounts.google.com: 123456789012.apps.googleusercontent.com
samlProviderArns:
- ${default.arn}
openidConnectProviderArns:
- arn:aws:iam::123456789012:oidc-provider/id.example.com
Create IdentityPool Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new IdentityPool(name: string, args: IdentityPoolArgs, opts?: CustomResourceOptions);@overload
def IdentityPool(resource_name: str,
args: IdentityPoolArgs,
opts: Optional[ResourceOptions] = None)
@overload
def IdentityPool(resource_name: str,
opts: Optional[ResourceOptions] = None,
identity_pool_name: Optional[str] = None,
allow_classic_flow: Optional[bool] = None,
allow_unauthenticated_identities: Optional[bool] = None,
cognito_identity_providers: Optional[Sequence[IdentityPoolCognitoIdentityProviderArgs]] = None,
developer_provider_name: Optional[str] = None,
openid_connect_provider_arns: Optional[Sequence[str]] = None,
saml_provider_arns: Optional[Sequence[str]] = None,
supported_login_providers: Optional[Mapping[str, str]] = None,
tags: Optional[Mapping[str, str]] = None)func NewIdentityPool(ctx *Context, name string, args IdentityPoolArgs, opts ...ResourceOption) (*IdentityPool, error)public IdentityPool(string name, IdentityPoolArgs args, CustomResourceOptions? opts = null)
public IdentityPool(String name, IdentityPoolArgs args)
public IdentityPool(String name, IdentityPoolArgs args, CustomResourceOptions options)
type: aws:cognito:IdentityPool
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args IdentityPoolArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args IdentityPoolArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args IdentityPoolArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args IdentityPoolArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args IdentityPoolArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var identityPoolResource = new Aws.Cognito.IdentityPool("identityPoolResource", new()
{
IdentityPoolName = "string",
AllowClassicFlow = false,
AllowUnauthenticatedIdentities = false,
CognitoIdentityProviders = new[]
{
new Aws.Cognito.Inputs.IdentityPoolCognitoIdentityProviderArgs
{
ClientId = "string",
ProviderName = "string",
ServerSideTokenCheck = false,
},
},
DeveloperProviderName = "string",
OpenidConnectProviderArns = new[]
{
"string",
},
SamlProviderArns = new[]
{
"string",
},
SupportedLoginProviders =
{
{ "string", "string" },
},
Tags =
{
{ "string", "string" },
},
});
example, err := cognito.NewIdentityPool(ctx, "identityPoolResource", &cognito.IdentityPoolArgs{
IdentityPoolName: pulumi.String("string"),
AllowClassicFlow: pulumi.Bool(false),
AllowUnauthenticatedIdentities: pulumi.Bool(false),
CognitoIdentityProviders: cognito.IdentityPoolCognitoIdentityProviderArray{
&cognito.IdentityPoolCognitoIdentityProviderArgs{
ClientId: pulumi.String("string"),
ProviderName: pulumi.String("string"),
ServerSideTokenCheck: pulumi.Bool(false),
},
},
DeveloperProviderName: pulumi.String("string"),
OpenidConnectProviderArns: pulumi.StringArray{
pulumi.String("string"),
},
SamlProviderArns: pulumi.StringArray{
pulumi.String("string"),
},
SupportedLoginProviders: pulumi.StringMap{
"string": pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
})
var identityPoolResource = new IdentityPool("identityPoolResource", IdentityPoolArgs.builder()
.identityPoolName("string")
.allowClassicFlow(false)
.allowUnauthenticatedIdentities(false)
.cognitoIdentityProviders(IdentityPoolCognitoIdentityProviderArgs.builder()
.clientId("string")
.providerName("string")
.serverSideTokenCheck(false)
.build())
.developerProviderName("string")
.openidConnectProviderArns("string")
.samlProviderArns("string")
.supportedLoginProviders(Map.of("string", "string"))
.tags(Map.of("string", "string"))
.build());
identity_pool_resource = aws.cognito.IdentityPool("identityPoolResource",
identity_pool_name="string",
allow_classic_flow=False,
allow_unauthenticated_identities=False,
cognito_identity_providers=[{
"client_id": "string",
"provider_name": "string",
"server_side_token_check": False,
}],
developer_provider_name="string",
openid_connect_provider_arns=["string"],
saml_provider_arns=["string"],
supported_login_providers={
"string": "string",
},
tags={
"string": "string",
})
const identityPoolResource = new aws.cognito.IdentityPool("identityPoolResource", {
identityPoolName: "string",
allowClassicFlow: false,
allowUnauthenticatedIdentities: false,
cognitoIdentityProviders: [{
clientId: "string",
providerName: "string",
serverSideTokenCheck: false,
}],
developerProviderName: "string",
openidConnectProviderArns: ["string"],
samlProviderArns: ["string"],
supportedLoginProviders: {
string: "string",
},
tags: {
string: "string",
},
});
type: aws:cognito:IdentityPool
properties:
allowClassicFlow: false
allowUnauthenticatedIdentities: false
cognitoIdentityProviders:
- clientId: string
providerName: string
serverSideTokenCheck: false
developerProviderName: string
identityPoolName: string
openidConnectProviderArns:
- string
samlProviderArns:
- string
supportedLoginProviders:
string: string
tags:
string: string
IdentityPool Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The IdentityPool resource accepts the following input properties:
- Identity
Pool stringName - The Cognito Identity Pool name.
- Allow
Classic boolFlow - Enables or disables the classic / basic authentication flow. Default is
false. - Allow
Unauthenticated boolIdentities - Whether the identity pool supports unauthenticated logins or not.
- Cognito
Identity List<IdentityProviders Pool Cognito Identity Provider> - An array of Amazon Cognito Identity user pools and their client IDs.
- Developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- Openid
Connect List<string>Provider Arns - Set of OpendID Connect provider ARNs.
- Saml
Provider List<string>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- Supported
Login Dictionary<string, string>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Dictionary<string, string>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- Identity
Pool stringName - The Cognito Identity Pool name.
- Allow
Classic boolFlow - Enables or disables the classic / basic authentication flow. Default is
false. - Allow
Unauthenticated boolIdentities - Whether the identity pool supports unauthenticated logins or not.
- Cognito
Identity []IdentityProviders Pool Cognito Identity Provider Args - An array of Amazon Cognito Identity user pools and their client IDs.
- Developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- Openid
Connect []stringProvider Arns - Set of OpendID Connect provider ARNs.
- Saml
Provider []stringArns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- Supported
Login map[string]stringProviders - Key-Value pairs mapping provider names to provider app IDs.
- map[string]string
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- identity
Pool StringName - The Cognito Identity Pool name.
- allow
Classic BooleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated BooleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- cognito
Identity List<IdentityProviders Pool Cognito Identity Provider> - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider StringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- openid
Connect List<String>Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider List<String>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login Map<String,String>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Map<String,String>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- identity
Pool stringName - The Cognito Identity Pool name.
- allow
Classic booleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated booleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- cognito
Identity IdentityProviders Pool Cognito Identity Provider[] - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- openid
Connect string[]Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider string[]Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login {[key: string]: string}Providers - Key-Value pairs mapping provider names to provider app IDs.
- {[key: string]: string}
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- identity_
pool_ strname - The Cognito Identity Pool name.
- allow_
classic_ boolflow - Enables or disables the classic / basic authentication flow. Default is
false. - allow_
unauthenticated_ boolidentities - Whether the identity pool supports unauthenticated logins or not.
- cognito_
identity_ Sequence[Identityproviders Pool Cognito Identity Provider Args] - An array of Amazon Cognito Identity user pools and their client IDs.
- developer_
provider_ strname - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- openid_
connect_ Sequence[str]provider_ arns - Set of OpendID Connect provider ARNs.
- saml_
provider_ Sequence[str]arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported_
login_ Mapping[str, str]providers - Key-Value pairs mapping provider names to provider app IDs.
- Mapping[str, str]
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
- identity
Pool StringName - The Cognito Identity Pool name.
- allow
Classic BooleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated BooleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- cognito
Identity List<Property Map>Providers - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider StringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- openid
Connect List<String>Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider List<String>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login Map<String>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Map<String>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.
Outputs
All input properties are implicitly available as output properties. Additionally, the IdentityPool resource produces the following output properties:
Look up Existing IdentityPool Resource
Get an existing IdentityPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: IdentityPoolState, opts?: CustomResourceOptions): IdentityPool@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
allow_classic_flow: Optional[bool] = None,
allow_unauthenticated_identities: Optional[bool] = None,
arn: Optional[str] = None,
cognito_identity_providers: Optional[Sequence[IdentityPoolCognitoIdentityProviderArgs]] = None,
developer_provider_name: Optional[str] = None,
identity_pool_name: Optional[str] = None,
openid_connect_provider_arns: Optional[Sequence[str]] = None,
saml_provider_arns: Optional[Sequence[str]] = None,
supported_login_providers: Optional[Mapping[str, str]] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None) -> IdentityPoolfunc GetIdentityPool(ctx *Context, name string, id IDInput, state *IdentityPoolState, opts ...ResourceOption) (*IdentityPool, error)public static IdentityPool Get(string name, Input<string> id, IdentityPoolState? state, CustomResourceOptions? opts = null)public static IdentityPool get(String name, Output<String> id, IdentityPoolState state, CustomResourceOptions options)resources: _: type: aws:cognito:IdentityPool get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Allow
Classic boolFlow - Enables or disables the classic / basic authentication flow. Default is
false. - Allow
Unauthenticated boolIdentities - Whether the identity pool supports unauthenticated logins or not.
- Arn string
- The ARN of the identity pool.
- Cognito
Identity List<IdentityProviders Pool Cognito Identity Provider> - An array of Amazon Cognito Identity user pools and their client IDs.
- Developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- Identity
Pool stringName - The Cognito Identity Pool name.
- Openid
Connect List<string>Provider Arns - Set of OpendID Connect provider ARNs.
- Saml
Provider List<string>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- Supported
Login Dictionary<string, string>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Dictionary<string, string>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- Allow
Classic boolFlow - Enables or disables the classic / basic authentication flow. Default is
false. - Allow
Unauthenticated boolIdentities - Whether the identity pool supports unauthenticated logins or not.
- Arn string
- The ARN of the identity pool.
- Cognito
Identity []IdentityProviders Pool Cognito Identity Provider Args - An array of Amazon Cognito Identity user pools and their client IDs.
- Developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- Identity
Pool stringName - The Cognito Identity Pool name.
- Openid
Connect []stringProvider Arns - Set of OpendID Connect provider ARNs.
- Saml
Provider []stringArns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- Supported
Login map[string]stringProviders - Key-Value pairs mapping provider names to provider app IDs.
- map[string]string
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- allow
Classic BooleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated BooleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- arn String
- The ARN of the identity pool.
- cognito
Identity List<IdentityProviders Pool Cognito Identity Provider> - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider StringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- identity
Pool StringName - The Cognito Identity Pool name.
- openid
Connect List<String>Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider List<String>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login Map<String,String>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Map<String,String>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- allow
Classic booleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated booleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- arn string
- The ARN of the identity pool.
- cognito
Identity IdentityProviders Pool Cognito Identity Provider[] - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider stringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- identity
Pool stringName - The Cognito Identity Pool name.
- openid
Connect string[]Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider string[]Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login {[key: string]: string}Providers - Key-Value pairs mapping provider names to provider app IDs.
- {[key: string]: string}
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- allow_
classic_ boolflow - Enables or disables the classic / basic authentication flow. Default is
false. - allow_
unauthenticated_ boolidentities - Whether the identity pool supports unauthenticated logins or not.
- arn str
- The ARN of the identity pool.
- cognito_
identity_ Sequence[Identityproviders Pool Cognito Identity Provider Args] - An array of Amazon Cognito Identity user pools and their client IDs.
- developer_
provider_ strname - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- identity_
pool_ strname - The Cognito Identity Pool name.
- openid_
connect_ Sequence[str]provider_ arns - Set of OpendID Connect provider ARNs.
- saml_
provider_ Sequence[str]arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported_
login_ Mapping[str, str]providers - Key-Value pairs mapping provider names to provider app IDs.
- Mapping[str, str]
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
- allow
Classic BooleanFlow - Enables or disables the classic / basic authentication flow. Default is
false. - allow
Unauthenticated BooleanIdentities - Whether the identity pool supports unauthenticated logins or not.
- arn String
- The ARN of the identity pool.
- cognito
Identity List<Property Map>Providers - An array of Amazon Cognito Identity user pools and their client IDs.
- developer
Provider StringName - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
- identity
Pool StringName - The Cognito Identity Pool name.
- openid
Connect List<String>Provider Arns - Set of OpendID Connect provider ARNs.
- saml
Provider List<String>Arns - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
- supported
Login Map<String>Providers - Key-Value pairs mapping provider names to provider app IDs.
- Map<String>
- A map of tags to assign to the Identity Pool. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- A map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.
Supporting Types
IdentityPoolCognitoIdentityProvider, IdentityPoolCognitoIdentityProviderArgs
- Client
Id string - The client ID for the Amazon Cognito Identity User Pool.
- Provider
Name string - The provider name for an Amazon Cognito Identity User Pool.
- Server
Side boolToken Check - Whether server-side token validation is enabled for the identity provider’s token or not.
- Client
Id string - The client ID for the Amazon Cognito Identity User Pool.
- Provider
Name string - The provider name for an Amazon Cognito Identity User Pool.
- Server
Side boolToken Check - Whether server-side token validation is enabled for the identity provider’s token or not.
- client
Id String - The client ID for the Amazon Cognito Identity User Pool.
- provider
Name String - The provider name for an Amazon Cognito Identity User Pool.
- server
Side BooleanToken Check - Whether server-side token validation is enabled for the identity provider’s token or not.
- client
Id string - The client ID for the Amazon Cognito Identity User Pool.
- provider
Name string - The provider name for an Amazon Cognito Identity User Pool.
- server
Side booleanToken Check - Whether server-side token validation is enabled for the identity provider’s token or not.
- client_
id str - The client ID for the Amazon Cognito Identity User Pool.
- provider_
name str - The provider name for an Amazon Cognito Identity User Pool.
- server_
side_ booltoken_ check - Whether server-side token validation is enabled for the identity provider’s token or not.
- client
Id String - The client ID for the Amazon Cognito Identity User Pool.
- provider
Name String - The provider name for an Amazon Cognito Identity User Pool.
- server
Side BooleanToken Check - Whether server-side token validation is enabled for the identity provider’s token or not.
Import
Using pulumi import, import Cognito Identity Pool using its ID. For example:
$ pulumi import aws:cognito/identityPool:IdentityPool mypool us-west-2:1a234567-8901-234b-5cde-f6789g01h2i3
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.