@aws-cdk_aws-cognito-identitypool-alpha.IdentityPoolRoleMapping

interface IdentityPoolRoleMapping ๐Ÿ”น

LanguageType name
.NETAmazon.CDK.AWS.Cognito.IdentityPool.Alpha.IdentityPoolRoleMapping
Gogithub.com/aws/aws-cdk-go/awscdkcognitoidentitypoolalpha/v2#IdentityPoolRoleMapping
Javasoftware.amazon.awscdk.services.cognito.identitypool.alpha.IdentityPoolRoleMapping
Pythonaws_cdk.aws_cognito_identitypool_alpha.IdentityPoolRoleMapping
TypeScript (source)@aws-cdk/aws-cognito-identitypool-alpha ยป IdentityPoolRoleMapping

Map roles to users in the identity pool based on claims from the Identity Provider.

See also: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html

Example

import { IdentityPoolRoleMapping } from '@aws-cdk/aws-cognito-identitypool-alpha';

declare const identityPool: IdentityPool;
declare const myAddedRoleMapping1: IdentityPoolRoleMapping;
declare const myAddedRoleMapping2: IdentityPoolRoleMapping;
declare const myAddedRoleMapping3: IdentityPoolRoleMapping;

identityPool.addRoleMappings(myAddedRoleMapping1, myAddedRoleMapping2, myAddedRoleMapping3);

Properties

NameTypeDescription
providerUrl๐Ÿ”นIdentityPoolProviderUrlThe url of the provider of for which the role is mapped.
mappingKey?๐Ÿ”นstringThe key used for the role mapping in the role mapping hash.
resolveAmbiguousRoles?๐Ÿ”นbooleanAllow for role assumption when results of role mapping are ambiguous.
rules?๐Ÿ”นRoleMappingRule[]The claim and value that must be matched in order to assume the role.
useToken?๐Ÿ”นbooleanIf true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from identity provider.

providerUrl๐Ÿ”น

Type: IdentityPoolProviderUrl

The url of the provider of for which the role is mapped.


mappingKey?๐Ÿ”น

Type: string (optional, default: the provided providerUrl)

The key used for the role mapping in the role mapping hash.

Required if the providerUrl is a token.


resolveAmbiguousRoles?๐Ÿ”น

Type: boolean (optional, default: false - Ambiguous role resolutions will lead to requester being denied)

Allow for role assumption when results of role mapping are ambiguous.


rules?๐Ÿ”น

Type: RoleMappingRule[] (optional, default: No Rule Mapping Rule)

The claim and value that must be matched in order to assume the role.

Required if useToken is false


useToken?๐Ÿ”น

Type: boolean (optional, default: false)

If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from identity provider.

See also: https://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html#using-tokens-to-assign-roles-to-users