Module cognito
@pulumi/aws > cognito
Index ▹
class IdentityPool
extends CustomResource
Provides an AWS Cognito Identity Pool.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as fs from "fs";
const defaultSamlProvider = new aws.iam.SamlProvider("default", {
samlMetadataDocument: fs.readFileSync("saml-metadata.xml", "utf-8"),
});
const main = new aws.cognito.IdentityPool("main", {
allowUnauthenticatedIdentities: false,
cognitoIdentityProviders: [
{
clientId: "6lhlkkfbfb4q5kpp90urffae",
providerName: "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ",
serverSideTokenCheck: false,
},
{
clientId: "7kodkvfqfb4qfkp39eurffae",
providerName: "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu",
serverSideTokenCheck: false,
},
],
identityPoolName: "identity pool",
openidConnectProviderArns: ["arn:aws:iam::123456789012:oidc-provider/foo.example.com"],
samlProviderArns: [defaultSamlProvider.arn],
supportedLoginProviders: {
"accounts.google.com": "123456789012.apps.googleusercontent.com",
"graph.facebook.com": "7346241598935552",
},
});
constructor
new IdentityPool(name: string, args: IdentityPoolArgs, opts?: pulumi.CustomResourceOptions)
Create a IdentityPool resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityPoolState, opts?: pulumi.CustomResourceOptions): IdentityPool
Get an existing IdentityPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property allowUnauthenticatedIdentities
public allowUnauthenticatedIdentities: pulumi.Output<boolean | undefined>;
Whether the identity pool supports unauthenticated logins or not.
property arn
public arn: pulumi.Output<string>;
The ARN of the identity pool.
property cognitoIdentityProviders
public cognitoIdentityProviders: pulumi.Output<{ clientId: string; providerName: string; serverSideTokenCheck: boolean; }[] | undefined>;
An array of Amazon Cognito Identity user pools and their client IDs.
property developerProviderName
public developerProviderName: pulumi.Output<string | undefined>;
The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property identityPoolName
public identityPoolName: pulumi.Output<string>;
The Cognito Identity Pool name.
property openidConnectProviderArns
public openidConnectProviderArns: pulumi.Output<string[] | undefined>;
A list of OpendID Connect provider ARNs.
property samlProviderArns
public samlProviderArns: pulumi.Output<string[] | undefined>;
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
property supportedLoginProviders
public supportedLoginProviders: pulumi.Output<{[key: string]: string} | undefined>;
Key-Value pairs mapping provider names to provider app IDs.
property urn
class IdentityPoolRoleAttachment
extends CustomResource
Provides an AWS Cognito Identity Pool Roles Attachment.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const mainIdentityPool = new aws.cognito.IdentityPool("main", {
allowUnauthenticatedIdentities: false,
identityPoolName: "identity pool",
supportedLoginProviders: {
"graph.facebook.com": "7346241598935555",
},
});
const authenticatedRole = new aws.iam.Role("authenticated", {
assumeRolePolicy: mainIdentityPool.id.apply(id => `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "${id}"
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
]
}
`),
});
const mainIdentityPoolRoleAttachment = new aws.cognito.IdentityPoolRoleAttachment("main", {
identityPoolId: mainIdentityPool.id,
roleMappings: [{
ambiguousRoleResolution: "AuthenticatedRole",
identityProvider: "graph.facebook.com",
mappingRules: [{
claim: "isAdmin",
matchType: "Equals",
roleArn: authenticatedRole.arn,
value: "paid",
}],
type: "Rules",
}],
roles: {
authenticated: authenticatedRole.arn,
},
});
const authenticatedRolePolicy = new aws.iam.RolePolicy("authenticated", {
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"mobileanalytics:PutEvents",
"cognito-sync:*",
"cognito-identity:*"
],
"Resource": [
"*"
]
}
]
}
`,
role: authenticatedRole.id,
});
constructor
new IdentityPoolRoleAttachment(name: string, args: IdentityPoolRoleAttachmentArgs, opts?: pulumi.CustomResourceOptions)
Create a IdentityPoolRoleAttachment resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityPoolRoleAttachmentState, opts?: pulumi.CustomResourceOptions): IdentityPoolRoleAttachment
Get an existing IdentityPoolRoleAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property identityPoolId
public identityPoolId: pulumi.Output<string>;
An identity pool ID in the format REGION:GUID.
property roleMappings
public roleMappings: pulumi.Output<{ ambiguousRoleResolution: string; identityProvider: string; mappingRules: { claim: string; matchType: string; roleArn: string; value: string; }[]; type: string; }[] | undefined>;
A List of Role Mapping.
property roles
public roles: pulumi.Output<{ authenticated: string; unauthenticated: string; }>;
The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.
property urn
class IdentityProvider
extends CustomResource
Provides a Cognito User Identity Provider resource.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cognito.UserPool("example", {
autoVerifiedAttributes: ["email"],
});
const exampleProvider = new aws.cognito.IdentityProvider("example_provider", {
attributeMapping: {
email: "email",
username: "sub",
},
providerDetails: {
authorize_scopes: "email",
client_id: "your client_id",
client_secret: "your client_secret",
},
providerName: "Google",
providerType: "Google",
userPoolId: example.id,
});
constructor
new IdentityProvider(name: string, args: IdentityProviderArgs, opts?: pulumi.CustomResourceOptions)
Create a IdentityProvider resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityProviderState, opts?: pulumi.CustomResourceOptions): IdentityProvider
Get an existing IdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property attributeMapping
public attributeMapping: pulumi.Output<{[key: string]: any} | undefined>;
The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property idpIdentifiers
public idpIdentifiers: pulumi.Output<string[] | undefined>;
The list of identity providers.
property providerDetails
public providerDetails: pulumi.Output<{[key: string]: any}>;
The map of identity details, such as access token
property providerName
public providerName: pulumi.Output<string>;
The provider name
property providerType
public providerType: pulumi.Output<string>;
The provider type. See AWS API for valid values
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property userPoolId
public userPoolId: pulumi.Output<string>;
The user pool id
class ResourceServer
extends CustomResource
Provides a Cognito Resource Server.
Example Usage
Create a basic resource server
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {});
const resource = new aws.cognito.ResourceServer("resource", {
identifier: "https://example.com",
userPoolId: pool.id,
});
Create a resource server with sample-scope
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {});
const resource = new aws.cognito.ResourceServer("resource", {
identifier: "https://example.com",
scopes: [{
scopeDescription: "a Sample Scope Description",
scopeName: "sample-scope",
}],
userPoolId: pool.id,
});
constructor
new ResourceServer(name: string, args: ResourceServerArgs, opts?: pulumi.CustomResourceOptions)
Create a ResourceServer resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ResourceServerState, opts?: pulumi.CustomResourceOptions): ResourceServer
Get an existing ResourceServer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property identifier
public identifier: pulumi.Output<string>;
An identifier for the resource server.
property name
public name: pulumi.Output<string>;
A name for the resource server.
property scopeIdentifiers
public scopeIdentifiers: pulumi.Output<string[]>;
A list of all scopes configured for this resource server in the format identifier/scope_name.
property scopes
public scopes: pulumi.Output<{ scopeDescription: string; scopeName: string; }[] | undefined>;
A list of Authorization Scope.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property userPoolId
public userPoolId: pulumi.Output<string>;
class UserGroup
extends CustomResource
Provides a Cognito User Group resource.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const mainUserPool = new aws.cognito.UserPool("main", {});
const groupRole = new aws.iam.Role("group_role", {
assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "us-east-1:12345678-dead-beef-cafe-123456790ab"
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
]
}
`,
});
const mainUserGroup = new aws.cognito.UserGroup("main", {
description: "Managed by Terraform",
precedence: 42,
roleArn: groupRole.arn,
userPoolId: mainUserPool.id,
});
constructor
new UserGroup(name: string, args: UserGroupArgs, opts?: pulumi.CustomResourceOptions)
Create a UserGroup resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserGroupState, opts?: pulumi.CustomResourceOptions): UserGroup
Get an existing UserGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property description
public description: pulumi.Output<string | undefined>;
The description of the user group.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property name
public name: pulumi.Output<string>;
The name of the user group.
property precedence
public precedence: pulumi.Output<number | undefined>;
The precedence of the user group.
property roleArn
public roleArn: pulumi.Output<string | undefined>;
The ARN of the IAM role to be associated with the user group.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property userPoolId
public userPoolId: pulumi.Output<string>;
The user pool ID.
class UserPool
extends CustomResource
Provides a Cognito User Pool resource.
Example Usage
Basic configuration
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {});
constructor
new UserPool(name: string, args?: UserPoolArgs, opts?: pulumi.CustomResourceOptions)
Create a UserPool resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolState, opts?: pulumi.CustomResourceOptions): UserPool
Get an existing UserPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property adminCreateUserConfig
public adminCreateUserConfig: pulumi.Output<{ allowAdminCreateUserOnly: boolean; inviteMessageTemplate: { emailMessage: string; emailSubject: string; smsMessage: string; }; unusedAccountValidityDays: number; }>;
The configuration for AdminCreateUser requests.
property aliasAttributes
public aliasAttributes: pulumi.Output<string[] | undefined>;
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes
.
property arn
public arn: pulumi.Output<string>;
The ARN of the user pool.
property autoVerifiedAttributes
public autoVerifiedAttributes: pulumi.Output<string[] | undefined>;
The attributes to be auto-verified. Possible values: email, phone_number.
property creationDate
public creationDate: pulumi.Output<string>;
The date the user pool was created.
property deviceConfiguration
public deviceConfiguration: pulumi.Output<{ challengeRequiredOnNewDevice: boolean; deviceOnlyRememberedOnUserPrompt: boolean; } | undefined>;
The configuration for the user pool’s device tracking.
property emailConfiguration
public emailConfiguration: pulumi.Output<{ replyToEmailAddress: string; sourceArn: string; } | undefined>;
The Email Configuration.
property emailVerificationMessage
public emailVerificationMessage: pulumi.Output<string>;
A string representing the email verification message. Must contain the {####}
placeholder. NOTE: - If email_verification_message
and verification_message_template.email_message
are specified and the values are different, either one is prioritized and updated.
property emailVerificationSubject
public emailVerificationSubject: pulumi.Output<string>;
A string representing the email verification subject. NOTE: - If email_verification_subject
and verification_message_template.email_subject
are specified and the values are different, either one is prioritized and updated.
property endpoint
public endpoint: pulumi.Output<string>;
The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property lambdaConfig
public lambdaConfig: pulumi.Output<{ createAuthChallenge: string; customMessage: string; defineAuthChallenge: string; postAuthentication: string; postConfirmation: string; preAuthentication: string; preSignUp: string; preTokenGeneration: string; userMigration: string; verifyAuthChallengeResponse: string; }>;
A container for the AWS Lambda triggers associated with the user pool.
property lastModifiedDate
public lastModifiedDate: pulumi.Output<string>;
The date the user pool was last modified.
property mfaConfiguration
public mfaConfiguration: pulumi.Output<string | undefined>;
Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)
property name
public name: pulumi.Output<string>;
The name of the attribute.
property passwordPolicy
public passwordPolicy: pulumi.Output<{ minimumLength: number; requireLowercase: boolean; requireNumbers: boolean; requireSymbols: boolean; requireUppercase: boolean; }>;
A container for information about the user pool password policy.
property schemas
public schemas: pulumi.Output<{ attributeDataType: string; developerOnlyAttribute: boolean; mutable: boolean; name: string; numberAttributeConstraints: { maxValue: string; minValue: string; }; required: boolean; stringAttributeConstraints: { maxLength: string; minLength: string; }; }[] | undefined>;
A container with the schema attributes of a user pool. Maximum of 50 attributes.
property smsAuthenticationMessage
public smsAuthenticationMessage: pulumi.Output<string | undefined>;
A string representing the SMS authentication message.
property smsConfiguration
public smsConfiguration: pulumi.Output<{ externalId: string; snsCallerArn: string; } | undefined>;
The SMS Configuration.
property smsVerificationMessage
public smsVerificationMessage: pulumi.Output<string | undefined>;
A string representing the SMS verification message.
property tags
public tags: pulumi.Output<{[key: string]: any} | undefined>;
A mapping of tags to assign to the User Pool.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property usernameAttributes
public usernameAttributes: pulumi.Output<string[] | undefined>;
Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes
.
property verificationMessageTemplate
class UserPoolClient
extends CustomResource
Provides a Cognito User Pool Client resource.
Example Usage
Create a basic user pool client
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {});
const client = new aws.cognito.UserPoolClient("client", {
userPoolId: pool.id,
});
Create a user pool client with no SRP authentication
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {});
const client = new aws.cognito.UserPoolClient("client", {
explicitAuthFlows: ["ADMIN_NO_SRP_AUTH"],
generateSecret: true,
userPoolId: pool.id,
});
constructor
new UserPoolClient(name: string, args: UserPoolClientArgs, opts?: pulumi.CustomResourceOptions)
Create a UserPoolClient resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolClientState, opts?: pulumi.CustomResourceOptions): UserPoolClient
Get an existing UserPoolClient resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property allowedOauthFlows
public allowedOauthFlows: pulumi.Output<string[] | undefined>;
List of allowed OAuth flows (code, implicit, client_credentials).
property allowedOauthFlowsUserPoolClient
public allowedOauthFlowsUserPoolClient: pulumi.Output<boolean | undefined>;
Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
property allowedOauthScopes
public allowedOauthScopes: pulumi.Output<string[] | undefined>;
List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
property callbackUrls
public callbackUrls: pulumi.Output<string[] | undefined>;
List of allowed callback URLs for the identity providers.
property clientSecret
public clientSecret: pulumi.Output<string>;
The client secret of the user pool client.
property defaultRedirectUri
public defaultRedirectUri: pulumi.Output<string | undefined>;
The default redirect URI. Must be in the list of callback URLs.
property explicitAuthFlows
public explicitAuthFlows: pulumi.Output<string[] | undefined>;
List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).
property generateSecret
public generateSecret: pulumi.Output<boolean | undefined>;
Should an application secret be generated. AWS JavaScript SDK requires this to be false.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property logoutUrls
public logoutUrls: pulumi.Output<string[] | undefined>;
List of allowed logout URLs for the identity providers.
property name
public name: pulumi.Output<string>;
The name of the application client.
property readAttributes
public readAttributes: pulumi.Output<string[] | undefined>;
List of user pool attributes the application client can read from.
property refreshTokenValidity
public refreshTokenValidity: pulumi.Output<number | undefined>;
The time limit in days refresh tokens are valid for.
property supportedIdentityProviders
public supportedIdentityProviders: pulumi.Output<string[] | undefined>;
List of provider names for the identity providers that are supported on this client.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property userPoolId
public userPoolId: pulumi.Output<string>;
The user pool the client belongs to.
property writeAttributes
public writeAttributes: pulumi.Output<string[] | undefined>;
List of user pool attributes the application client can write to.
class UserPoolDomain
extends CustomResource
Provides a Cognito User Pool Domain resource.
Example Usage
Amazon Cognito domain
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cognito.UserPool("example", {});
const main = new aws.cognito.UserPoolDomain("main", {
domain: "example-domain",
userPoolId: example.id,
});
Custom Cognito domain
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cognito.UserPool("example", {});
const main = new aws.cognito.UserPoolDomain("main", {
certificateArn: aws_acm_certificate_cert.arn,
domain: "example-domain.example.com",
userPoolId: example.id,
});
constructor
new UserPoolDomain(name: string, args: UserPoolDomainArgs, opts?: pulumi.CustomResourceOptions)
Create a UserPoolDomain resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolDomainState, opts?: pulumi.CustomResourceOptions): UserPoolDomain
Get an existing UserPoolDomain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
method isInstance
static isInstance(obj: any): boolean
Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property awsAccountId
public awsAccountId: pulumi.Output<string>;
The AWS account ID for the user pool owner.
property certificateArn
public certificateArn: pulumi.Output<string | undefined>;
The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.
property cloudfrontDistributionArn
public cloudfrontDistributionArn: pulumi.Output<string>;
The ARN of the CloudFront distribution.
property domain
public domain: pulumi.Output<string>;
The domain string.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property s3Bucket
public s3Bucket: pulumi.Output<string>;
The S3 bucket where the static files for this domain are stored.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property userPoolId
public userPoolId: pulumi.Output<string>;
The user pool ID.
property version
public version: pulumi.Output<string>;
The app version.
function getUserPools
getUserPools(args: GetUserPoolsArgs, opts?: pulumi.InvokeOptions): Promise<GetUserPoolsResult>
Use this data source to get a list of cognito user pools.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const selectedRestApi = pulumi.output(aws.apigateway.getRestApi({
name: var_api_gateway_name,
}));
const selectedUserPools = pulumi.output(aws.cognito.getUserPools({
name: var_cognito_user_pool_name,
}));
const cognito = new aws.apigateway.Authorizer("cognito", {
providerArns: selectedUserPools.apply(selectedUserPools => selectedUserPools.arns),
restApi: selectedRestApi.apply(selectedRestApi => selectedRestApi.id),
type: "COGNITO_USER_POOLS",
});
interface GetUserPoolsArgs
A collection of arguments for invoking getUserPools.
property name
name: string;
Name of the cognito user pools. Name is not a unique attribute for cognito user pool, so multiple pools might be returned with given name.
interface GetUserPoolsResult
A collection of values returned by getUserPools.
property arns
arns: string[];
property id
id: string;
id is the provider-assigned unique ID for this managed resource.
property ids
ids: string[];
The list of cognito user pool ids.
interface IdentityPoolArgs
The set of arguments for constructing a IdentityPool resource.
property allowUnauthenticatedIdentities
allowUnauthenticatedIdentities?: pulumi.Input<boolean>;
Whether the identity pool supports unauthenticated logins or not.
property cognitoIdentityProviders
cognitoIdentityProviders?: pulumi.Input<pulumi.Input<{ clientId: pulumi.Input<string>; providerName: pulumi.Input<string>; serverSideTokenCheck: pulumi.Input<boolean>; }>[]>;
An array of Amazon Cognito Identity user pools and their client IDs.
property developerProviderName
developerProviderName?: pulumi.Input<string>;
The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
property identityPoolName
identityPoolName: pulumi.Input<string>;
The Cognito Identity Pool name.
property openidConnectProviderArns
openidConnectProviderArns?: pulumi.Input<pulumi.Input<string>[]>;
A list of OpendID Connect provider ARNs.
property samlProviderArns
samlProviderArns?: pulumi.Input<pulumi.Input<string>[]>;
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
property supportedLoginProviders
supportedLoginProviders?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
Key-Value pairs mapping provider names to provider app IDs.
interface IdentityPoolRoleAttachmentArgs
The set of arguments for constructing a IdentityPoolRoleAttachment resource.
property identityPoolId
identityPoolId: pulumi.Input<string>;
An identity pool ID in the format REGION:GUID.
property roleMappings
roleMappings?: pulumi.Input<pulumi.Input<{ ambiguousRoleResolution: pulumi.Input<string>; identityProvider: pulumi.Input<string>; mappingRules: pulumi.Input<pulumi.Input<{ claim: pulumi.Input<string>; matchType: pulumi.Input<string>; roleArn: pulumi.Input<string>; value: pulumi.Input<string>; }>[]>; type: pulumi.Input<string>; }>[]>;
A List of Role Mapping.
property roles
roles: pulumi.Input<{ authenticated: pulumi.Input<string>; unauthenticated: pulumi.Input<string>; }>;
The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.
interface IdentityPoolRoleAttachmentState
Input properties used for looking up and filtering IdentityPoolRoleAttachment resources.
property identityPoolId
identityPoolId?: pulumi.Input<string>;
An identity pool ID in the format REGION:GUID.
property roleMappings
roleMappings?: pulumi.Input<pulumi.Input<{ ambiguousRoleResolution: pulumi.Input<string>; identityProvider: pulumi.Input<string>; mappingRules: pulumi.Input<pulumi.Input<{ claim: pulumi.Input<string>; matchType: pulumi.Input<string>; roleArn: pulumi.Input<string>; value: pulumi.Input<string>; }>[]>; type: pulumi.Input<string>; }>[]>;
A List of Role Mapping.
property roles
roles?: pulumi.Input<{ authenticated: pulumi.Input<string>; unauthenticated: pulumi.Input<string>; }>;
The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.
interface IdentityPoolState
Input properties used for looking up and filtering IdentityPool resources.
property allowUnauthenticatedIdentities
allowUnauthenticatedIdentities?: pulumi.Input<boolean>;
Whether the identity pool supports unauthenticated logins or not.
property arn
arn?: pulumi.Input<string>;
The ARN of the identity pool.
property cognitoIdentityProviders
cognitoIdentityProviders?: pulumi.Input<pulumi.Input<{ clientId: pulumi.Input<string>; providerName: pulumi.Input<string>; serverSideTokenCheck: pulumi.Input<boolean>; }>[]>;
An array of Amazon Cognito Identity user pools and their client IDs.
property developerProviderName
developerProviderName?: pulumi.Input<string>;
The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.
property identityPoolName
identityPoolName?: pulumi.Input<string>;
The Cognito Identity Pool name.
property openidConnectProviderArns
openidConnectProviderArns?: pulumi.Input<pulumi.Input<string>[]>;
A list of OpendID Connect provider ARNs.
property samlProviderArns
samlProviderArns?: pulumi.Input<pulumi.Input<string>[]>;
An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.
property supportedLoginProviders
supportedLoginProviders?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
Key-Value pairs mapping provider names to provider app IDs.
interface IdentityProviderArgs
The set of arguments for constructing a IdentityProvider resource.
property attributeMapping
attributeMapping?: pulumi.Input<{[key: string]: any}>;
The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation
property idpIdentifiers
idpIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
The list of identity providers.
property providerDetails
providerDetails: pulumi.Input<{[key: string]: any}>;
The map of identity details, such as access token
property providerName
providerName: pulumi.Input<string>;
The provider name
property providerType
providerType: pulumi.Input<string>;
The provider type. See AWS API for valid values
property userPoolId
userPoolId: pulumi.Input<string>;
The user pool id
interface IdentityProviderState
Input properties used for looking up and filtering IdentityProvider resources.
property attributeMapping
attributeMapping?: pulumi.Input<{[key: string]: any}>;
The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation
property idpIdentifiers
idpIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
The list of identity providers.
property providerDetails
providerDetails?: pulumi.Input<{[key: string]: any}>;
The map of identity details, such as access token
property providerName
providerName?: pulumi.Input<string>;
The provider name
property providerType
providerType?: pulumi.Input<string>;
The provider type. See AWS API for valid values
property userPoolId
userPoolId?: pulumi.Input<string>;
The user pool id
interface ResourceServerArgs
The set of arguments for constructing a ResourceServer resource.
property identifier
identifier: pulumi.Input<string>;
An identifier for the resource server.
property name
name?: pulumi.Input<string>;
A name for the resource server.
property scopes
scopes?: pulumi.Input<pulumi.Input<{ scopeDescription: pulumi.Input<string>; scopeName: pulumi.Input<string>; }>[]>;
A list of Authorization Scope.
property userPoolId
userPoolId: pulumi.Input<string>;
interface ResourceServerState
Input properties used for looking up and filtering ResourceServer resources.
property identifier
identifier?: pulumi.Input<string>;
An identifier for the resource server.
property name
name?: pulumi.Input<string>;
A name for the resource server.
property scopeIdentifiers
scopeIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;
A list of all scopes configured for this resource server in the format identifier/scope_name.
property scopes
scopes?: pulumi.Input<pulumi.Input<{ scopeDescription: pulumi.Input<string>; scopeName: pulumi.Input<string>; }>[]>;
A list of Authorization Scope.
property userPoolId
userPoolId?: pulumi.Input<string>;
interface UserGroupArgs
The set of arguments for constructing a UserGroup resource.
property description
description?: pulumi.Input<string>;
The description of the user group.
property name
name?: pulumi.Input<string>;
The name of the user group.
property precedence
precedence?: pulumi.Input<number>;
The precedence of the user group.
property roleArn
roleArn?: pulumi.Input<string>;
The ARN of the IAM role to be associated with the user group.
property userPoolId
userPoolId: pulumi.Input<string>;
The user pool ID.
interface UserGroupState
Input properties used for looking up and filtering UserGroup resources.
property description
description?: pulumi.Input<string>;
The description of the user group.
property name
name?: pulumi.Input<string>;
The name of the user group.
property precedence
precedence?: pulumi.Input<number>;
The precedence of the user group.
property roleArn
roleArn?: pulumi.Input<string>;
The ARN of the IAM role to be associated with the user group.
property userPoolId
userPoolId?: pulumi.Input<string>;
The user pool ID.
interface UserPoolArgs
The set of arguments for constructing a UserPool resource.
property adminCreateUserConfig
adminCreateUserConfig?: pulumi.Input<{ allowAdminCreateUserOnly: pulumi.Input<boolean>; inviteMessageTemplate: pulumi.Input<{ emailMessage: pulumi.Input<string>; emailSubject: pulumi.Input<string>; smsMessage: pulumi.Input<string>; }>; unusedAccountValidityDays: pulumi.Input<number>; }>;
The configuration for AdminCreateUser requests.
property aliasAttributes
aliasAttributes?: pulumi.Input<pulumi.Input<string>[]>;
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes
.
property autoVerifiedAttributes
autoVerifiedAttributes?: pulumi.Input<pulumi.Input<string>[]>;
The attributes to be auto-verified. Possible values: email, phone_number.
property deviceConfiguration
deviceConfiguration?: pulumi.Input<{ challengeRequiredOnNewDevice: pulumi.Input<boolean>; deviceOnlyRememberedOnUserPrompt: pulumi.Input<boolean>; }>;
The configuration for the user pool’s device tracking.
property emailConfiguration
emailConfiguration?: pulumi.Input<{ replyToEmailAddress: pulumi.Input<string>; sourceArn: pulumi.Input<string>; }>;
The Email Configuration.
property emailVerificationMessage
emailVerificationMessage?: pulumi.Input<string>;
A string representing the email verification message. Must contain the {####}
placeholder. NOTE: - If email_verification_message
and verification_message_template.email_message
are specified and the values are different, either one is prioritized and updated.
property emailVerificationSubject
emailVerificationSubject?: pulumi.Input<string>;
A string representing the email verification subject. NOTE: - If email_verification_subject
and verification_message_template.email_subject
are specified and the values are different, either one is prioritized and updated.
property lambdaConfig
lambdaConfig?: pulumi.Input<{ createAuthChallenge: pulumi.Input<string>; customMessage: pulumi.Input<string>; defineAuthChallenge: pulumi.Input<string>; postAuthentication: pulumi.Input<string>; postConfirmation: pulumi.Input<string>; preAuthentication: pulumi.Input<string>; preSignUp: pulumi.Input<string>; preTokenGeneration: pulumi.Input<string>; userMigration: pulumi.Input<string>; verifyAuthChallengeResponse: pulumi.Input<string>; }>;
A container for the AWS Lambda triggers associated with the user pool.
property mfaConfiguration
mfaConfiguration?: pulumi.Input<string>;
Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)
property name
name?: pulumi.Input<string>;
The name of the attribute.
property passwordPolicy
passwordPolicy?: pulumi.Input<{ minimumLength: pulumi.Input<number>; requireLowercase: pulumi.Input<boolean>; requireNumbers: pulumi.Input<boolean>; requireSymbols: pulumi.Input<boolean>; requireUppercase: pulumi.Input<boolean>; }>;
A container for information about the user pool password policy.
property schemas
schemas?: pulumi.Input<pulumi.Input<{ attributeDataType: pulumi.Input<string>; developerOnlyAttribute: pulumi.Input<boolean>; mutable: pulumi.Input<boolean>; name: pulumi.Input<string>; numberAttributeConstraints: pulumi.Input<{ maxValue: pulumi.Input<string>; minValue: pulumi.Input<string>; }>; required: pulumi.Input<boolean>; stringAttributeConstraints: pulumi.Input<{ maxLength: pulumi.Input<string>; minLength: pulumi.Input<string>; }>; }>[]>;
A container with the schema attributes of a user pool. Maximum of 50 attributes.
property smsAuthenticationMessage
smsAuthenticationMessage?: pulumi.Input<string>;
A string representing the SMS authentication message.
property smsConfiguration
smsConfiguration?: pulumi.Input<{ externalId: pulumi.Input<string>; snsCallerArn: pulumi.Input<string>; }>;
The SMS Configuration.
property smsVerificationMessage
smsVerificationMessage?: pulumi.Input<string>;
A string representing the SMS verification message.
property tags
tags?: pulumi.Input<{[key: string]: any}>;
A mapping of tags to assign to the User Pool.
property usernameAttributes
usernameAttributes?: pulumi.Input<pulumi.Input<string>[]>;
Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes
.
property verificationMessageTemplate
verificationMessageTemplate?: pulumi.Input<{ defaultEmailOption: pulumi.Input<string>; emailMessage: pulumi.Input<string>; emailMessageByLink: pulumi.Input<string>; emailSubject: pulumi.Input<string>; emailSubjectByLink: pulumi.Input<string>; smsMessage: pulumi.Input<string>; }>;
The verification message templates configuration.
interface UserPoolClientArgs
The set of arguments for constructing a UserPoolClient resource.
property allowedOauthFlows
allowedOauthFlows?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed OAuth flows (code, implicit, client_credentials).
property allowedOauthFlowsUserPoolClient
allowedOauthFlowsUserPoolClient?: pulumi.Input<boolean>;
Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
property allowedOauthScopes
allowedOauthScopes?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
property callbackUrls
callbackUrls?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed callback URLs for the identity providers.
property defaultRedirectUri
defaultRedirectUri?: pulumi.Input<string>;
The default redirect URI. Must be in the list of callback URLs.
property explicitAuthFlows
explicitAuthFlows?: pulumi.Input<pulumi.Input<string>[]>;
List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).
property generateSecret
generateSecret?: pulumi.Input<boolean>;
Should an application secret be generated. AWS JavaScript SDK requires this to be false.
property logoutUrls
logoutUrls?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed logout URLs for the identity providers.
property name
name?: pulumi.Input<string>;
The name of the application client.
property readAttributes
readAttributes?: pulumi.Input<pulumi.Input<string>[]>;
List of user pool attributes the application client can read from.
property refreshTokenValidity
refreshTokenValidity?: pulumi.Input<number>;
The time limit in days refresh tokens are valid for.
property supportedIdentityProviders
supportedIdentityProviders?: pulumi.Input<pulumi.Input<string>[]>;
List of provider names for the identity providers that are supported on this client.
property userPoolId
userPoolId: pulumi.Input<string>;
The user pool the client belongs to.
property writeAttributes
writeAttributes?: pulumi.Input<pulumi.Input<string>[]>;
List of user pool attributes the application client can write to.
interface UserPoolClientState
Input properties used for looking up and filtering UserPoolClient resources.
property allowedOauthFlows
allowedOauthFlows?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed OAuth flows (code, implicit, client_credentials).
property allowedOauthFlowsUserPoolClient
allowedOauthFlowsUserPoolClient?: pulumi.Input<boolean>;
Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
property allowedOauthScopes
allowedOauthScopes?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
property callbackUrls
callbackUrls?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed callback URLs for the identity providers.
property clientSecret
clientSecret?: pulumi.Input<string>;
The client secret of the user pool client.
property defaultRedirectUri
defaultRedirectUri?: pulumi.Input<string>;
The default redirect URI. Must be in the list of callback URLs.
property explicitAuthFlows
explicitAuthFlows?: pulumi.Input<pulumi.Input<string>[]>;
List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).
property generateSecret
generateSecret?: pulumi.Input<boolean>;
Should an application secret be generated. AWS JavaScript SDK requires this to be false.
property logoutUrls
logoutUrls?: pulumi.Input<pulumi.Input<string>[]>;
List of allowed logout URLs for the identity providers.
property name
name?: pulumi.Input<string>;
The name of the application client.
property readAttributes
readAttributes?: pulumi.Input<pulumi.Input<string>[]>;
List of user pool attributes the application client can read from.
property refreshTokenValidity
refreshTokenValidity?: pulumi.Input<number>;
The time limit in days refresh tokens are valid for.
property supportedIdentityProviders
supportedIdentityProviders?: pulumi.Input<pulumi.Input<string>[]>;
List of provider names for the identity providers that are supported on this client.
property userPoolId
userPoolId?: pulumi.Input<string>;
The user pool the client belongs to.
property writeAttributes
writeAttributes?: pulumi.Input<pulumi.Input<string>[]>;
List of user pool attributes the application client can write to.
interface UserPoolDomainArgs
The set of arguments for constructing a UserPoolDomain resource.
property certificateArn
certificateArn?: pulumi.Input<string>;
The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.
property domain
domain: pulumi.Input<string>;
The domain string.
property userPoolId
userPoolId: pulumi.Input<string>;
The user pool ID.
interface UserPoolDomainState
Input properties used for looking up and filtering UserPoolDomain resources.
property awsAccountId
awsAccountId?: pulumi.Input<string>;
The AWS account ID for the user pool owner.
property certificateArn
certificateArn?: pulumi.Input<string>;
The ARN of an ISSUED ACM certificate in us-east-1 for a custom domain.
property cloudfrontDistributionArn
cloudfrontDistributionArn?: pulumi.Input<string>;
The ARN of the CloudFront distribution.
property domain
domain?: pulumi.Input<string>;
The domain string.
property s3Bucket
s3Bucket?: pulumi.Input<string>;
The S3 bucket where the static files for this domain are stored.
property userPoolId
userPoolId?: pulumi.Input<string>;
The user pool ID.
property version
version?: pulumi.Input<string>;
The app version.
interface UserPoolState
Input properties used for looking up and filtering UserPool resources.
property adminCreateUserConfig
adminCreateUserConfig?: pulumi.Input<{ allowAdminCreateUserOnly: pulumi.Input<boolean>; inviteMessageTemplate: pulumi.Input<{ emailMessage: pulumi.Input<string>; emailSubject: pulumi.Input<string>; smsMessage: pulumi.Input<string>; }>; unusedAccountValidityDays: pulumi.Input<number>; }>;
The configuration for AdminCreateUser requests.
property aliasAttributes
aliasAttributes?: pulumi.Input<pulumi.Input<string>[]>;
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes
.
property arn
arn?: pulumi.Input<string>;
The ARN of the user pool.
property autoVerifiedAttributes
autoVerifiedAttributes?: pulumi.Input<pulumi.Input<string>[]>;
The attributes to be auto-verified. Possible values: email, phone_number.
property creationDate
creationDate?: pulumi.Input<string>;
The date the user pool was created.
property deviceConfiguration
deviceConfiguration?: pulumi.Input<{ challengeRequiredOnNewDevice: pulumi.Input<boolean>; deviceOnlyRememberedOnUserPrompt: pulumi.Input<boolean>; }>;
The configuration for the user pool’s device tracking.
property emailConfiguration
emailConfiguration?: pulumi.Input<{ replyToEmailAddress: pulumi.Input<string>; sourceArn: pulumi.Input<string>; }>;
The Email Configuration.
property emailVerificationMessage
emailVerificationMessage?: pulumi.Input<string>;
A string representing the email verification message. Must contain the {####}
placeholder. NOTE: - If email_verification_message
and verification_message_template.email_message
are specified and the values are different, either one is prioritized and updated.
property emailVerificationSubject
emailVerificationSubject?: pulumi.Input<string>;
A string representing the email verification subject. NOTE: - If email_verification_subject
and verification_message_template.email_subject
are specified and the values are different, either one is prioritized and updated.
property endpoint
endpoint?: pulumi.Input<string>;
The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy
property lambdaConfig
lambdaConfig?: pulumi.Input<{ createAuthChallenge: pulumi.Input<string>; customMessage: pulumi.Input<string>; defineAuthChallenge: pulumi.Input<string>; postAuthentication: pulumi.Input<string>; postConfirmation: pulumi.Input<string>; preAuthentication: pulumi.Input<string>; preSignUp: pulumi.Input<string>; preTokenGeneration: pulumi.Input<string>; userMigration: pulumi.Input<string>; verifyAuthChallengeResponse: pulumi.Input<string>; }>;
A container for the AWS Lambda triggers associated with the user pool.
property lastModifiedDate
lastModifiedDate?: pulumi.Input<string>;
The date the user pool was last modified.
property mfaConfiguration
mfaConfiguration?: pulumi.Input<string>;
Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)
property name
name?: pulumi.Input<string>;
The name of the attribute.
property passwordPolicy
passwordPolicy?: pulumi.Input<{ minimumLength: pulumi.Input<number>; requireLowercase: pulumi.Input<boolean>; requireNumbers: pulumi.Input<boolean>; requireSymbols: pulumi.Input<boolean>; requireUppercase: pulumi.Input<boolean>; }>;
A container for information about the user pool password policy.
property schemas
schemas?: pulumi.Input<pulumi.Input<{ attributeDataType: pulumi.Input<string>; developerOnlyAttribute: pulumi.Input<boolean>; mutable: pulumi.Input<boolean>; name: pulumi.Input<string>; numberAttributeConstraints: pulumi.Input<{ maxValue: pulumi.Input<string>; minValue: pulumi.Input<string>; }>; required: pulumi.Input<boolean>; stringAttributeConstraints: pulumi.Input<{ maxLength: pulumi.Input<string>; minLength: pulumi.Input<string>; }>; }>[]>;
A container with the schema attributes of a user pool. Maximum of 50 attributes.
property smsAuthenticationMessage
smsAuthenticationMessage?: pulumi.Input<string>;
A string representing the SMS authentication message.
property smsConfiguration
smsConfiguration?: pulumi.Input<{ externalId: pulumi.Input<string>; snsCallerArn: pulumi.Input<string>; }>;
The SMS Configuration.
property smsVerificationMessage
smsVerificationMessage?: pulumi.Input<string>;
A string representing the SMS verification message.
property tags
tags?: pulumi.Input<{[key: string]: any}>;
A mapping of tags to assign to the User Pool.
property usernameAttributes
usernameAttributes?: pulumi.Input<pulumi.Input<string>[]>;
Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes
.
property verificationMessageTemplate
verificationMessageTemplate?: pulumi.Input<{ defaultEmailOption: pulumi.Input<string>; emailMessage: pulumi.Input<string>; emailMessageByLink: pulumi.Input<string>; emailSubject: pulumi.Input<string>; emailSubjectByLink: pulumi.Input<string>; smsMessage: pulumi.Input<string>; }>;
The verification message templates configuration.