AWS Amazon Cognito Identity Provider

This page shows how to write Terraform and CloudFormation for Amazon Cognito Identity Provider and write them securely.

aws_cognito_identity_provider (Terraform)

The Identity Provider in Amazon Cognito can be configured in Terraform with the resource name aws_cognito_identity_provider. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

cognito.tf#L26
resource "aws_cognito_identity_provider" "identity-provider-google" {
  user_pool_id  = aws_cognito_user_pool.user-pool.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {
main.tf#L2
resource "aws_cognito_identity_provider" "idp" {
  user_pool_id = var.user_pool_id
  provider_name = var.provider_name
  provider_type = var.provider_type

  provider_details = {
identity_provider.tf#L4
resource "aws_cognito_identity_provider" "google" {
  user_pool_id  = aws_cognito_user_pool.users.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {
main.tf#L14
resource "aws_cognito_identity_provider" "google" {
  user_pool_id  = aws_cognito_user_pool.user_pool.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {
main.tf#L1
resource "aws_cognito_identity_provider" "provider" {
  user_pool_id  = var.user_pool_id
  provider_name = var.provider_name
  provider_type = var.provider_type

  provider_details = {

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

Explanation in Terraform Registry

Provides a Cognito User Identity Provider resource.

AWS::Cognito::UserPoolIdentityProvider (CloudFormation)

The UserPoolIdentityProvider in Cognito can be configured in CloudFormation with the resource name AWS::Cognito::UserPoolIdentityProvider. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

DEV01-CognitoUserPool.yml#L59
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      AttributeMapping:
        email: email
        Username: id
        preferred_username: name
cognito-template.yml#L58
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      UserPoolId: !Ref HoSCognitoUserPool
      ProviderName: Google
      ProviderDetails:
        client_id: 712951823298-63bvjn7kmibubnc1pae68egovm3rijo8.apps.googleusercontent.com
cognito-identity-providers.yml#L3
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      ProviderName: Google
      AttributeMapping:
        name: name
        email: email
cognito-identity-pool.yml#L28
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      UserPoolId: !Ref CognitoUserPoolAppUserPool
      ProviderName: "Facebook"
      ProviderDetails:
        client_id: FACEBOOK_CLIENT_ID #TODO
serverless.yml#L16
      Type: AWS::Cognito::UserPoolIdentityProvider
      Properties:
        ProviderName: Google
        AttributeMapping:
          name: name
          email: email
integ.user-pool-idp.apple.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "SignInWithApple",
        "ProviderType": "SignInWithApple",
        "UserPoolId": {
          "Ref": "pool056F3F7E"
integ.user-pool-idp.amazon.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "LoginWithAmazon",
        "ProviderType": "LoginWithAmazon",
        "UserPoolId": {
          "Ref": "pool056F3F7E"
integ.user-pool-idp.google.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "Google",
        "ProviderType": "Google",
        "UserPoolId": {
          "Ref": "pool056F3F7E"
CognitoUserPoolIdentityProviderSpecification.json#L3
    "AWS::Cognito::UserPoolIdentityProvider": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html",
      "Properties": {
        "ProviderName": {
          "Required": true,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providername",
cognito.json#L101
            "Type": "AWS::Cognito::UserPoolIdentityProvider",
            "Properties": {
                "UserPoolId": {
                    "Ref": "TFCRUserPool"
                },
                "ProviderName": "Google",

Parameters

Explanation in CloudFormation Registry

The AWS::Cognito::UserPoolIdentityProvider resource creates an identity provider for a user pool.

Frequently asked questions

What is AWS Amazon Cognito Identity Provider?

AWS Amazon Cognito Identity Provider is a resource for Amazon Cognito of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Cognito Identity Provider?

For Terraform, the MHekert/nestjs-auth, mjedrasz/ttd-terraform and Dromadon/hallebarde source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the avi-leeker/examples, Helfer-Portal/helponspot-api-gateway and wednesday-solutions/serverless source code examples are useful. See the CloudFormation Example section for further details.