AWS Amazon Cognito Identity Pool
This page shows how to write Terraform and CloudFormation for Amazon Cognito Identity Pool and write them securely.
aws_cognito_identity_pool (Terraform)
The Identity Pool in Amazon Cognito can be configured in Terraform with the resource name aws_cognito_identity_pool
. The following sections describe 1 example of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_cognito_identity_pool" "identity_pool" {
identity_pool_name = "identity pool"
allow_unauthenticated_identities = false
cognito_identity_providers {
client_id = aws_cognito_user_pool_client.client.id
Parameters
-
allow_unauthenticated_identities
optional - bool -
arn
optional computed - string -
developer_provider_name
optional - string -
id
optional computed - string -
identity_pool_name
required - string -
openid_connect_provider_arns
optional - set of string -
saml_provider_arns
optional - list of string -
supported_login_providers
optional - map from string to string -
tags
optional - map from string to string -
cognito_identity_providers
set block-
client_id
optional - string -
provider_name
optional - string -
server_side_token_check
optional - bool
-
Explanation in Terraform Registry
Provides an AWS Cognito Identity Pool.
AWS::Cognito::IdentityPool (CloudFormation)
The IdentityPool in Cognito can be configured in CloudFormation with the resource name AWS::Cognito::IdentityPool
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: "AWS::Cognito::IdentityPool"
Properties:
IdentityPoolName: ${self:service}-${self:custom.stage}
AllowUnauthenticatedIdentities: false
CognitoIdentityProviders:
- ClientId: !Ref UserPoolClient
Type: AWS::Cognito::IdentityPool
Properties:
AllowUnauthenticatedIdentities: false
IdentityPoolName: ${self:provider.stackTags.name}-v1-identity-pool
Outputs:
IdentityPoolId:
Type: AWS::Cognito::IdentityPool
Properties:
IdentityPoolName: ${self:provider.environment.COGNITO_IDENTITY_POOL_NAME}
AllowUnauthenticatedIdentities: false
CognitoIdentityProviders:
- ClientId:
Type: AWS::Cognito::IdentityPool
Properties:
IdentityPoolName: ${self:provider.stage}-${self:provider.stage}
AllowUnauthenticatedIdentities: true
CognitoIdentityProviders:
- ClientId:
Type: AWS::Cognito::IdentityPool
Properties:
IdentityPoolName: ${self:service}${self:custom.currentStage}IdentityPool
AllowUnauthenticatedIdentities: false
CognitoIdentityProviders:
- ClientId: { Ref: UserPoolClient }
"Type": "AWS::Cognito::IdentityPool",
"Properties": {
"IdentityPoolName": "UserPool",
"AllowUnauthenticatedIdentities": true
}
},
"Type": "AWS::Cognito::IdentityPool",
"Properties": {
"IdentityPoolName": "UserPool",
"AllowUnauthenticatedIdentities": true
}
},
"Type": "AWS::Cognito::IdentityPool",
"Properties": {
"IdentityPoolName": {
"Fn::Join": [
"__",
[
"Type": "AWS::Cognito::IdentityPool",
"Properties": {
"IdentityPoolName": {
"Fn::Join": [
"__",
[
"Type": "AWS::Cognito::IdentityPool",
"Properties": {
"AllowUnauthenticatedIdentities": true,
"CognitoIdentityProviders": [
{
"ClientId": {
Parameters
-
PushSync
optional - PushSync -
CognitoIdentityProviders
optional - List of CognitoIdentityProvider -
CognitoEvents
optional - Json -
DeveloperProviderName
optional - String -
CognitoStreams
optional - CognitoStreams -
IdentityPoolName
optional - String -
AllowUnauthenticatedIdentities
required - Boolean -
SupportedLoginProviders
optional - Json -
SamlProviderARNs
optional - List -
OpenIdConnectProviderARNs
optional - List -
AllowClassicFlow
optional - Boolean
Explanation in CloudFormation Registry
The
AWS::Cognito::IdentityPool
resource creates an Amazon Cognito identity pool.To avoid deleting the resource accidentally from AWS CloudFormation, use DeletionPolicy Attribute and the UpdateReplacePolicy Attribute to retain the resource on deletion or replacement.
Frequently asked questions
What is AWS Amazon Cognito Identity Pool?
AWS Amazon Cognito Identity Pool is a resource for Amazon Cognito of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Amazon Cognito Identity Pool?
For Terraform, the andrzejsydor/aws source code example is useful. See the Terraform Example section for further details.
For CloudFormation, the Ankcorn/serverless-fullstack-example-app, syngenta-digital/docs-examples-security-by-design and NicKAnderson038/CognitoAuth source code examples are useful. See the CloudFormation Example section for further details.