Top / Amazon Web Service / AWS Amazon Cognito / Identity Pool

AWS Amazon Cognito Identity Pool

This page shows how to write Terraform and CloudFormation for Amazon Cognito Identity Pool and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_cognito_identity_pool (Terraform)

The Identity Pool in Amazon Cognito can be configured in Terraform with the resource name aws_cognito_identity_pool. The following sections describe 1 example of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L13
resource "aws_cognito_identity_pool" "identity_pool" {
  identity_pool_name               = "identity pool"
  allow_unauthenticated_identities = false

  cognito_identity_providers {
    client_id               = aws_cognito_user_pool_client.client.id

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides an AWS Cognito Identity Pool.

>> from Terraform Registry

AWS::Cognito::IdentityPool (CloudFormation)

The IdentityPool in Cognito can be configured in CloudFormation with the resource name AWS::Cognito::IdentityPool. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

IdentityPool.yml#L4
    Type: "AWS::Cognito::IdentityPool"
    Properties:
      IdentityPoolName: ${self:service}-${self:custom.stage}
      AllowUnauthenticatedIdentities: false
      CognitoIdentityProviders:
        - ClientId: !Ref UserPoolClient
cognito-identity-pool.yml#L3
        Type: AWS::Cognito::IdentityPool
        Properties:
            AllowUnauthenticatedIdentities: false
            IdentityPoolName: ${self:provider.stackTags.name}-v1-identity-pool
Outputs:
    IdentityPoolId:
IdenityPool.yml#L3
  Type: AWS::Cognito::IdentityPool
  Properties:
    IdentityPoolName: ${self:provider.environment.COGNITO_IDENTITY_POOL_NAME}
    AllowUnauthenticatedIdentities: false
    CognitoIdentityProviders:
      - ClientId:
CognitoIdentityPool.yml#L1
Type: AWS::Cognito::IdentityPool
Properties:
  IdentityPoolName: ${self:provider.stage}-${self:provider.stage}
  AllowUnauthenticatedIdentities: true
  CognitoIdentityProviders:
    - ClientId:
identity-pool.yml#L1
Type: AWS::Cognito::IdentityPool
Properties:
  IdentityPoolName: ${self:service}${self:custom.currentStage}IdentityPool
  AllowUnauthenticatedIdentities: false
  CognitoIdentityProviders:
    - ClientId: { Ref: UserPoolClient }
cognito-tmp.json#L4
      "Type": "AWS::Cognito::IdentityPool",
      "Properties": {
        "IdentityPoolName": "UserPool",
        "AllowUnauthenticatedIdentities": true
      }
    },
cognito-tmp.json#L4
      "Type": "AWS::Cognito::IdentityPool",
      "Properties": {
        "IdentityPoolName": "UserPool",
        "AllowUnauthenticatedIdentities": true
      }
    },
template.json#L23
      "Type": "AWS::Cognito::IdentityPool",
      "Properties": {
        "IdentityPoolName": {
          "Fn::Join": [
            "__",
            [
template.json#L23
      "Type": "AWS::Cognito::IdentityPool",
      "Properties": {
        "IdentityPoolName": {
          "Fn::Join": [
            "__",
            [
identityPool.json#L2
    "Type": "AWS::Cognito::IdentityPool",
    "Properties": {
        "AllowUnauthenticatedIdentities": true,
        "CognitoIdentityProviders": [
            {
                "ClientId": {

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool.

To avoid deleting the resource accidentally from AWS CloudFormation, use DeletionPolicy Attribute and the UpdateReplacePolicy Attribute to retain the resource on deletion or replacement.

>> from AWS CloudFormation Documentation

The Other Related AWS Amazon Cognito Resources

Frequently asked questions

What is AWS Amazon Cognito Identity Pool?

AWS Amazon Cognito Identity Pool is a resource for Amazon Cognito of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Cognito Identity Pool?

For Terraform, the andrzejsydor/aws source code example is useful. See the Terraform Example section for further details.

For CloudFormation, the Ankcorn/serverless-fullstack-example-app, syngenta-digital/docs-examples-security-by-design and NicKAnderson038/CognitoAuth source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents