Manages an AWS Cognito user pool connector in Dex using the generic OIDC connector (type: oidc). This connector allows users to authenticate using their AWS Cognito credentials.
Create CognitoOidcConnector Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CognitoOidcConnector(name: string, args: CognitoOidcConnectorArgs, opts?: CustomResourceOptions);@overload
def CognitoOidcConnector(resource_name: str,
args: CognitoOidcConnectorArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CognitoOidcConnector(resource_name: str,
opts: Optional[ResourceOptions] = None,
client_id: Optional[str] = None,
client_secret: Optional[str] = None,
connector_id: Optional[str] = None,
name: Optional[str] = None,
redirect_uri: Optional[str] = None,
region: Optional[str] = None,
user_pool_id: Optional[str] = None,
extra_oidc: Optional[Mapping[str, Any]] = None,
scopes: Optional[Sequence[str]] = None,
user_name_source: Optional[str] = None)func NewCognitoOidcConnector(ctx *Context, name string, args CognitoOidcConnectorArgs, opts ...ResourceOption) (*CognitoOidcConnector, error)public CognitoOidcConnector(string name, CognitoOidcConnectorArgs args, CustomResourceOptions? opts = null)
public CognitoOidcConnector(String name, CognitoOidcConnectorArgs args)
public CognitoOidcConnector(String name, CognitoOidcConnectorArgs args, CustomResourceOptions options)
type: dex:resources:CognitoOidcConnector
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CognitoOidcConnectorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CognitoOidcConnectorArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CognitoOidcConnectorArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CognitoOidcConnectorArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CognitoOidcConnectorArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cognitoOidcConnectorResource = new Dex.Resources.CognitoOidcConnector("cognitoOidcConnectorResource", new()
{
ClientId = "string",
ClientSecret = "string",
ConnectorId = "string",
Name = "string",
RedirectUri = "string",
Region = "string",
UserPoolId = "string",
ExtraOidc =
{
{ "string", "any" },
},
Scopes = new[]
{
"string",
},
UserNameSource = "string",
});
example, err := resources.NewCognitoOidcConnector(ctx, "cognitoOidcConnectorResource", &resources.CognitoOidcConnectorArgs{
ClientId: pulumi.String("string"),
ClientSecret: pulumi.String("string"),
ConnectorId: pulumi.String("string"),
Name: pulumi.String("string"),
RedirectUri: pulumi.String("string"),
Region: pulumi.String("string"),
UserPoolId: pulumi.String("string"),
ExtraOidc: pulumi.Map{
"string": pulumi.Any("any"),
},
Scopes: pulumi.StringArray{
pulumi.String("string"),
},
UserNameSource: pulumi.String("string"),
})
var cognitoOidcConnectorResource = new CognitoOidcConnector("cognitoOidcConnectorResource", CognitoOidcConnectorArgs.builder()
.clientId("string")
.clientSecret("string")
.connectorId("string")
.name("string")
.redirectUri("string")
.region("string")
.userPoolId("string")
.extraOidc(Map.of("string", "any"))
.scopes("string")
.userNameSource("string")
.build());
cognito_oidc_connector_resource = dex.resources.CognitoOidcConnector("cognitoOidcConnectorResource",
client_id="string",
client_secret="string",
connector_id="string",
name="string",
redirect_uri="string",
region="string",
user_pool_id="string",
extra_oidc={
"string": "any",
},
scopes=["string"],
user_name_source="string")
const cognitoOidcConnectorResource = new dex.resources.CognitoOidcConnector("cognitoOidcConnectorResource", {
clientId: "string",
clientSecret: "string",
connectorId: "string",
name: "string",
redirectUri: "string",
region: "string",
userPoolId: "string",
extraOidc: {
string: "any",
},
scopes: ["string"],
userNameSource: "string",
});
type: dex:resources:CognitoOidcConnector
properties:
clientId: string
clientSecret: string
connectorId: string
extraOidc:
string: any
name: string
redirectUri: string
region: string
scopes:
- string
userNameSource: string
userPoolId: string
CognitoOidcConnector Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CognitoOidcConnector resource accepts the following input properties:
- Client
Id string - Cognito app client ID.
- Client
Secret string - Cognito app client secret.
- Connector
Id string - Unique identifier for the Cognito connector.
- Name string
- Human-readable name for the connector, displayed to users during login.
- Redirect
Uri string - Redirect URI registered in Cognito. Must match Dex's callback URL.
- Region string
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- User
Pool stringId - AWS Cognito user pool ID.
- Extra
Oidc Dictionary<string, object> - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- Scopes List<string>
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- User
Name stringSource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
- Client
Id string - Cognito app client ID.
- Client
Secret string - Cognito app client secret.
- Connector
Id string - Unique identifier for the Cognito connector.
- Name string
- Human-readable name for the connector, displayed to users during login.
- Redirect
Uri string - Redirect URI registered in Cognito. Must match Dex's callback URL.
- Region string
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- User
Pool stringId - AWS Cognito user pool ID.
- Extra
Oidc map[string]interface{} - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- Scopes []string
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- User
Name stringSource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
- client
Id String - Cognito app client ID.
- client
Secret String - Cognito app client secret.
- connector
Id String - Unique identifier for the Cognito connector.
- name String
- Human-readable name for the connector, displayed to users during login.
- redirect
Uri String - Redirect URI registered in Cognito. Must match Dex's callback URL.
- region String
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- user
Pool StringId - AWS Cognito user pool ID.
- extra
Oidc Map<String,Object> - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- scopes List<String>
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- user
Name StringSource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
- client
Id string - Cognito app client ID.
- client
Secret string - Cognito app client secret.
- connector
Id string - Unique identifier for the Cognito connector.
- name string
- Human-readable name for the connector, displayed to users during login.
- redirect
Uri string - Redirect URI registered in Cognito. Must match Dex's callback URL.
- region string
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- user
Pool stringId - AWS Cognito user pool ID.
- extra
Oidc {[key: string]: any} - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- scopes string[]
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- user
Name stringSource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
- client_
id str - Cognito app client ID.
- client_
secret str - Cognito app client secret.
- connector_
id str - Unique identifier for the Cognito connector.
- name str
- Human-readable name for the connector, displayed to users during login.
- redirect_
uri str - Redirect URI registered in Cognito. Must match Dex's callback URL.
- region str
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- user_
pool_ strid - AWS Cognito user pool ID.
- extra_
oidc Mapping[str, Any] - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- scopes Sequence[str]
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- user_
name_ strsource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
- client
Id String - Cognito app client ID.
- client
Secret String - Cognito app client secret.
- connector
Id String - Unique identifier for the Cognito connector.
- name String
- Human-readable name for the connector, displayed to users during login.
- redirect
Uri String - Redirect URI registered in Cognito. Must match Dex's callback URL.
- region String
- AWS region where the Cognito user pool is located (e.g., 'us-east-1', 'eu-west-1').
- user
Pool StringId - AWS Cognito user pool ID.
- extra
Oidc Map<Any> - Additional OIDC configuration fields as key-value pairs for advanced scenarios.
- scopes List<String>
- OIDC scopes to request from Cognito. Defaults to ['openid', 'email', 'profile'] if not specified.
- user
Name StringSource - Source for the username claim. Valid values: 'email' or 'sub' (subject).
Outputs
All input properties are implicitly available as output properties. Additionally, the CognitoOidcConnector resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Package Details
- Repository
- dex kotaicode/pulumi-dex
- License
