AWS Amazon Cognito Identity Provider

This page shows how to write Terraform and CloudFormation for Amazon Cognito Identity Provider and write them securely.

aws_cognito_identity_provider (Terraform)

The Identity Provider in Amazon Cognito can be configured in Terraform with the resource name aws_cognito_identity_provider. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

cognito.tf#L26
resource "aws_cognito_identity_provider" "identity-provider-google" {
  user_pool_id  = aws_cognito_user_pool.user-pool.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {

main.tf#L2
resource "aws_cognito_identity_provider" "idp" {
  user_pool_id  = var.user_pool_id
  provider_name = var.provider_name
  provider_type = var.provider_type

  provider_details = {

identity_provider.tf#L4
resource "aws_cognito_identity_provider" "google" {
  user_pool_id  = aws_cognito_user_pool.users.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {

main.tf#L14
resource "aws_cognito_identity_provider" "google" {
  user_pool_id  = aws_cognito_user_pool.user_pool.id
  provider_name = "Google"
  provider_type = "Google"

  provider_details = {

main.tf#L1
resource "aws_cognito_identity_provider" "provider" {
  user_pool_id  = var.user_pool_id
  provider_name = var.provider_name
  provider_type = var.provider_type

  provider_details = {

Parameters

Explanation in Terraform Registry

Provides a Cognito User Identity Provider resource.

AWS::Cognito::UserPoolIdentityProvider (CloudFormation)

The UserPoolIdentityProvider in Cognito can be configured in CloudFormation with the resource name AWS::Cognito::UserPoolIdentityProvider. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

DEV01-CognitoUserPool.yml#L59
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      AttributeMapping:
        email: email
        Username: id
        preferred_username: name

cognito-template.yml#L58
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      UserPoolId: !Ref HoSCognitoUserPool
      ProviderName: Google
      ProviderDetails:
        client_id: 712951823298-63bvjn7kmibubnc1pae68egovm3rijo8.apps.googleusercontent.com

cognito-identity-providers.yml#L3
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      ProviderName: Google
      AttributeMapping:
        name: name
        email: email

cognito-identity-pool.yml#L28
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      UserPoolId: !Ref CognitoUserPoolAppUserPool
      ProviderName: "Facebook"
      ProviderDetails:
        client_id: FACEBOOK_CLIENT_ID #TODO

serverless.yml#L16
      Type: AWS::Cognito::UserPoolIdentityProvider
      Properties:
        ProviderName: Google
        AttributeMapping:
          name: name
          email: email

integ.user-pool-idp.amazon.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "LoginWithAmazon",
        "ProviderType": "LoginWithAmazon",
        "UserPoolId": {
          "Ref": "pool056F3F7E"

integ.user-pool-idp.google.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "Google",
        "ProviderType": "Google",
        "UserPoolId": {
          "Ref": "pool056F3F7E"

integ.user-pool-idp.apple.expected.json#L73
      "Type": "AWS::Cognito::UserPoolIdentityProvider",
      "Properties": {
        "ProviderName": "SignInWithApple",
        "ProviderType": "SignInWithApple",
        "UserPoolId": {
          "Ref": "pool056F3F7E"

CognitoUserPoolIdentityProviderSpecification.json#L3
    "AWS::Cognito::UserPoolIdentityProvider": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html",
      "Properties": {
        "ProviderName": {
          "Required": true,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providername",

cognito.json#L101
            "Type": "AWS::Cognito::UserPoolIdentityProvider",
            "Properties": {
                "UserPoolId": {
                    "Ref": "TFCRUserPool"
                },
                "ProviderName": "Google",

Parameters

Explanation in CloudFormation Registry

The AWS::Cognito::UserPoolIdentityProvider resource creates an identity provider for a user pool.

Frequently asked questions

What is AWS Amazon Cognito Identity Provider?

AWS Amazon Cognito Identity Provider is a resource for Amazon Cognito of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon Cognito Identity Provider?

For Terraform, the MHekert/nestjs-auth, mjedrasz/ttd-terraform and Dromadon/hallebarde source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the avi-leeker/examples, Helfer-Portal/helponspot-api-gateway and wednesday-solutions/serverless source code examples are useful. See the CloudFormation Example section for further details.