Fork me on GitHub

Module cognito

@pulumi/aws > cognito

Index

cognito/getUserPools.ts cognito/identityPool.ts cognito/identityPoolRoleAttachment.ts cognito/identityProvider.ts cognito/resourceServer.ts cognito/userGroup.ts cognito/userPool.ts cognito/userPoolClient.ts cognito/userPoolDomain.ts

class IdentityPool

Provides an AWS Cognito Identity Pool.

constructor

new IdentityPool(name: string, args: IdentityPoolArgs, opts?: pulumi.CustomResourceOptions)

Create a IdentityPool resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityPoolState): IdentityPool

Get an existing IdentityPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowUnauthenticatedIdentities

public allowUnauthenticatedIdentities: pulumi.Output<boolean | undefined>;

Whether the identity pool supports unauthenticated logins or not.

property arn

public arn: pulumi.Output<string>;

The ARN of the identity pool.

property cognitoIdentityProviders

public cognitoIdentityProviders: pulumi.Output<{ ... }[] | undefined>;

An array of Amazon Cognito Identity user pools and their client IDs.

property developerProviderName

public developerProviderName: pulumi.Output<string | undefined>;

The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property identityPoolName

public identityPoolName: pulumi.Output<string>;

The Cognito Identity Pool name.

property openidConnectProviderArns

public openidConnectProviderArns: pulumi.Output<string[] | undefined>;

A list of OpendID Connect provider ARNs.

property samlProviderArns

public samlProviderArns: pulumi.Output<string[] | undefined>;

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.

property supportedLoginProviders

public supportedLoginProviders: pulumi.Output<{ ... } | undefined>;

Key-Value pairs mapping provider names to provider app IDs.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class IdentityPoolRoleAttachment

Provides an AWS Cognito Identity Pool Roles Attachment.

constructor

new IdentityPoolRoleAttachment(name: string, args: IdentityPoolRoleAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a IdentityPoolRoleAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityPoolRoleAttachmentState): IdentityPoolRoleAttachment

Get an existing IdentityPoolRoleAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property identityPoolId

public identityPoolId: pulumi.Output<string>;

An identity pool ID in the format REGION:GUID.

property roleMappings

public roleMappings: pulumi.Output<{ ... }[] | undefined>;

A List of Role Mapping.

property roles

public roles: pulumi.Output<{ ... }>;

The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

class IdentityProvider

Provides a Cognito User Identity Provider resource.

constructor

new IdentityProvider(name: string, args: IdentityProviderArgs, opts?: pulumi.CustomResourceOptions)

Create a IdentityProvider resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: IdentityProviderState): IdentityProvider

Get an existing IdentityProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property attributeMapping

public attributeMapping: pulumi.Output<{ ... } | undefined>;

The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property idpIdentifiers

public idpIdentifiers: pulumi.Output<string[] | undefined>;

The list of identity providers.

property providerDetails

public providerDetails: pulumi.Output<{ ... }>;

The map of identity details, such as access token

property providerName

public providerName: pulumi.Output<string>;

The provider name

property providerType

public providerType: pulumi.Output<string>;

The provider type. See AWS API for valid values

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userPoolId

public userPoolId: pulumi.Output<string>;

The user pool id

class ResourceServer

Provides a Cognito Resource Server.

constructor

new ResourceServer(name: string, args: ResourceServerArgs, opts?: pulumi.CustomResourceOptions)

Create a ResourceServer resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ResourceServerState): ResourceServer

Get an existing ResourceServer resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property identifier

public identifier: pulumi.Output<string>;

An identifier for the resource server.

property name

public name: pulumi.Output<string>;

A name for the resource server.

property scopeIdentifiers

public scopeIdentifiers: pulumi.Output<string[]>;

A list of all scopes configured for this resource server in the format identifier/scope_name.

property scopes

public scopes: pulumi.Output<{ ... }[] | undefined>;

A list of Authorization Scope.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userPoolId

public userPoolId: pulumi.Output<string>;

class UserGroup

Provides a Cognito User Group resource.

constructor

new UserGroup(name: string, args: UserGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a UserGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserGroupState): UserGroup

Get an existing UserGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property description

public description: pulumi.Output<string | undefined>;

The description of the user group.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the user group.

property precedence

public precedence: pulumi.Output<number | undefined>;

The precedence of the user group.

property roleArn

public roleArn: pulumi.Output<string | undefined>;

The ARN of the IAM role to be associated with the user group.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userPoolId

public userPoolId: pulumi.Output<string>;

The user pool ID.

class UserPool

Provides a Cognito User Pool resource.

constructor

new UserPool(name: string, args?: UserPoolArgs, opts?: pulumi.CustomResourceOptions)

Create a UserPool resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolState): UserPool

Get an existing UserPool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property adminCreateUserConfig

public adminCreateUserConfig: pulumi.Output<{ ... }>;

The configuration for AdminCreateUser requests.

property aliasAttributes

public aliasAttributes: pulumi.Output<string[] | undefined>;

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes.

property arn

public arn: pulumi.Output<string>;

The ARN of the user pool.

property autoVerifiedAttributes

public autoVerifiedAttributes: pulumi.Output<string[] | undefined>;

The attributes to be auto-verified. Possible values: email, phone_number.

property creationDate

public creationDate: pulumi.Output<string>;

The date the user pool was created.

property deviceConfiguration

public deviceConfiguration: pulumi.Output<{ ... } | undefined>;

The configuration for the user pool’s device tracking.

property emailConfiguration

public emailConfiguration: pulumi.Output<{ ... } | undefined>;

The Email Configuration.

property emailVerificationMessage

public emailVerificationMessage: pulumi.Output<string>;

A string representing the email verification message. Must contain the {####} placeholder. NOTE: - If email_verification_message and verification_message_template.email_message are specified and the values are different, either one is prioritized and updated.

property emailVerificationSubject

public emailVerificationSubject: pulumi.Output<string>;

A string representing the email verification subject. NOTE: - If email_verification_subject and verification_message_template.email_subject are specified and the values are different, either one is prioritized and updated.

property endpoint

public endpoint: pulumi.Output<string>;

The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property lambdaConfig

public lambdaConfig: pulumi.Output<{ ... }>;

A container for the AWS Lambda triggers associated with the user pool.

property lastModifiedDate

public lastModifiedDate: pulumi.Output<string>;

The date the user pool was last modified.

property mfaConfiguration

public mfaConfiguration: pulumi.Output<string | undefined>;

Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)

property name

public name: pulumi.Output<string>;

The name of the attribute.

property passwordPolicy

public passwordPolicy: pulumi.Output<{ ... }>;

A container for information about the user pool password policy.

property schemas

public schemas: pulumi.Output<{ ... }[] | undefined>;

A container with the schema attributes of a user pool. Maximum of 50 attributes.

property smsAuthenticationMessage

public smsAuthenticationMessage: pulumi.Output<string | undefined>;

A string representing the SMS authentication message.

property smsConfiguration

public smsConfiguration: pulumi.Output<{ ... } | undefined>;

The SMS Configuration.

property smsVerificationMessage

public smsVerificationMessage: pulumi.Output<string | undefined>;

A string representing the SMS verification message.

property tags

public tags: pulumi.Output<Tags | undefined>;

A mapping of tags to assign to the User Pool.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property usernameAttributes

public usernameAttributes: pulumi.Output<string[] | undefined>;

Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes.

property verificationMessageTemplate

public verificationMessageTemplate: pulumi.Output<{ ... }>;

The verification message templates configuration.

class UserPoolClient

Provides a Cognito User Pool Client resource.

constructor

new UserPoolClient(name: string, args: UserPoolClientArgs, opts?: pulumi.CustomResourceOptions)

Create a UserPoolClient resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolClientState): UserPoolClient

Get an existing UserPoolClient resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowedOauthFlows

public allowedOauthFlows: pulumi.Output<string[] | undefined>;

List of allowed OAuth flows (code, implicit, client_credentials).

property allowedOauthFlowsUserPoolClient

public allowedOauthFlowsUserPoolClient: pulumi.Output<boolean | undefined>;

Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

property allowedOauthScopes

public allowedOauthScopes: pulumi.Output<string[] | undefined>;

List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).

property callbackUrls

public callbackUrls: pulumi.Output<string[] | undefined>;

List of allowed callback URLs for the identity providers.

property clientSecret

public clientSecret: pulumi.Output<string>;

The client secret of the user pool client.

property defaultRedirectUri

public defaultRedirectUri: pulumi.Output<string | undefined>;

The default redirect URI. Must be in the list of callback URLs.

property explicitAuthFlows

public explicitAuthFlows: pulumi.Output<string[] | undefined>;

List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).

property generateSecret

public generateSecret: pulumi.Output<boolean | undefined>;

Should an application secret be generated. AWS JavaScript SDK requires this to be false.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logoutUrls

public logoutUrls: pulumi.Output<string[] | undefined>;

List of allowed logout URLs for the identity providers.

property name

public name: pulumi.Output<string>;

The name of the application client.

property readAttributes

public readAttributes: pulumi.Output<string[] | undefined>;

List of user pool attributes the application client can read from.

property refreshTokenValidity

public refreshTokenValidity: pulumi.Output<number | undefined>;

The time limit in days refresh tokens are valid for.

property supportedIdentityProviders

public supportedIdentityProviders: pulumi.Output<string[] | undefined>;

List of provider names for the identity providers that are supported on this client.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userPoolId

public userPoolId: pulumi.Output<string>;

The user pool the client belongs to.

property writeAttributes

public writeAttributes: pulumi.Output<string[] | undefined>;

List of user pool attributes the application client can write to.

class UserPoolDomain

Provides a Cognito User Pool Domain resource.

constructor

new UserPoolDomain(name: string, args: UserPoolDomainArgs, opts?: pulumi.CustomResourceOptions)

Create a UserPoolDomain resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: UserPoolDomainState): UserPoolDomain

Get an existing UserPoolDomain resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property awsAccountId

public awsAccountId: pulumi.Output<string>;

The AWS account ID for the user pool owner.

property cloudfrontDistributionArn

public cloudfrontDistributionArn: pulumi.Output<string>;

The ARN of the CloudFront distribution.

property domain

public domain: pulumi.Output<string>;

The domain string.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property s3Bucket

public s3Bucket: pulumi.Output<string>;

The S3 bucket where the static files for this domain are stored.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userPoolId

public userPoolId: pulumi.Output<string>;

The user pool ID.

property version

public version: pulumi.Output<string>;

The app version.

function getUserPools

getUserPools(args: GetUserPoolsArgs, opts?: pulumi.InvokeOptions): Promise<GetUserPoolsResult>

Use this data source to get a list of cognito user pools.

interface GetUserPoolsArgs

A collection of arguments for invoking getUserPools.

property name

name: string;

Name of the cognito user pools. Name is not a unique attribute for cognito user pool, so multiple pools might be returned with given name.

interface GetUserPoolsResult

A collection of values returned by getUserPools.

property arns

arns: string[];

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property ids

ids: string[];

The list of cognito user pool ids.

interface IdentityPoolArgs

The set of arguments for constructing a IdentityPool resource.

property allowUnauthenticatedIdentities

allowUnauthenticatedIdentities?: pulumi.Input<boolean>;

Whether the identity pool supports unauthenticated logins or not.

property cognitoIdentityProviders

cognitoIdentityProviders?: pulumi.Input<pulumi.Input<{ ... }>[]>;

An array of Amazon Cognito Identity user pools and their client IDs.

property developerProviderName

developerProviderName?: pulumi.Input<string>;

The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.

property identityPoolName

identityPoolName: pulumi.Input<string>;

The Cognito Identity Pool name.

property openidConnectProviderArns

openidConnectProviderArns?: pulumi.Input<pulumi.Input<string>[]>;

A list of OpendID Connect provider ARNs.

property samlProviderArns

samlProviderArns?: pulumi.Input<pulumi.Input<string>[]>;

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.

property supportedLoginProviders

supportedLoginProviders?: pulumi.Input<{ ... }>;

Key-Value pairs mapping provider names to provider app IDs.

interface IdentityPoolRoleAttachmentArgs

The set of arguments for constructing a IdentityPoolRoleAttachment resource.

property identityPoolId

identityPoolId: pulumi.Input<string>;

An identity pool ID in the format REGION:GUID.

property roleMappings

roleMappings?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A List of Role Mapping.

property roles

roles: pulumi.Input<{ ... }>;

The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.

interface IdentityPoolRoleAttachmentState

Input properties used for looking up and filtering IdentityPoolRoleAttachment resources.

property identityPoolId

identityPoolId?: pulumi.Input<string>;

An identity pool ID in the format REGION:GUID.

property roleMappings

roleMappings?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A List of Role Mapping.

property roles

roles?: pulumi.Input<{ ... }>;

The map of roles associated with this pool. For a given role, the key will be either “authenticated” or “unauthenticated” and the value will be the Role ARN.

interface IdentityPoolState

Input properties used for looking up and filtering IdentityPool resources.

property allowUnauthenticatedIdentities

allowUnauthenticatedIdentities?: pulumi.Input<boolean>;

Whether the identity pool supports unauthenticated logins or not.

property arn

arn?: pulumi.Input<string>;

The ARN of the identity pool.

property cognitoIdentityProviders

cognitoIdentityProviders?: pulumi.Input<pulumi.Input<{ ... }>[]>;

An array of Amazon Cognito Identity user pools and their client IDs.

property developerProviderName

developerProviderName?: pulumi.Input<string>;

The “domain” by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider.

property identityPoolName

identityPoolName?: pulumi.Input<string>;

The Cognito Identity Pool name.

property openidConnectProviderArns

openidConnectProviderArns?: pulumi.Input<pulumi.Input<string>[]>;

A list of OpendID Connect provider ARNs.

property samlProviderArns

samlProviderArns?: pulumi.Input<pulumi.Input<string>[]>;

An array of Amazon Resource Names (ARNs) of the SAML provider for your identity.

property supportedLoginProviders

supportedLoginProviders?: pulumi.Input<{ ... }>;

Key-Value pairs mapping provider names to provider app IDs.

interface IdentityProviderArgs

The set of arguments for constructing a IdentityProvider resource.

property attributeMapping

attributeMapping?: pulumi.Input<{ ... }>;

The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation

property idpIdentifiers

idpIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;

The list of identity providers.

property providerDetails

providerDetails: pulumi.Input<{ ... }>;

The map of identity details, such as access token

property providerName

providerName: pulumi.Input<string>;

The provider name

property providerType

providerType: pulumi.Input<string>;

The provider type. See AWS API for valid values

property userPoolId

userPoolId: pulumi.Input<string>;

The user pool id

interface IdentityProviderState

Input properties used for looking up and filtering IdentityProvider resources.

property attributeMapping

attributeMapping?: pulumi.Input<{ ... }>;

The map of attribute mapping of user pool attributes. AttributeMapping in AWS API documentation

property idpIdentifiers

idpIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;

The list of identity providers.

property providerDetails

providerDetails?: pulumi.Input<{ ... }>;

The map of identity details, such as access token

property providerName

providerName?: pulumi.Input<string>;

The provider name

property providerType

providerType?: pulumi.Input<string>;

The provider type. See AWS API for valid values

property userPoolId

userPoolId?: pulumi.Input<string>;

The user pool id

interface ResourceServerArgs

The set of arguments for constructing a ResourceServer resource.

property identifier

identifier: pulumi.Input<string>;

An identifier for the resource server.

property name

name?: pulumi.Input<string>;

A name for the resource server.

property scopes

scopes?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A list of Authorization Scope.

property userPoolId

userPoolId: pulumi.Input<string>;

interface ResourceServerState

Input properties used for looking up and filtering ResourceServer resources.

property identifier

identifier?: pulumi.Input<string>;

An identifier for the resource server.

property name

name?: pulumi.Input<string>;

A name for the resource server.

property scopeIdentifiers

scopeIdentifiers?: pulumi.Input<pulumi.Input<string>[]>;

A list of all scopes configured for this resource server in the format identifier/scope_name.

property scopes

scopes?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A list of Authorization Scope.

property userPoolId

userPoolId?: pulumi.Input<string>;

interface UserGroupArgs

The set of arguments for constructing a UserGroup resource.

property description

description?: pulumi.Input<string>;

The description of the user group.

property name

name?: pulumi.Input<string>;

The name of the user group.

property precedence

precedence?: pulumi.Input<number>;

The precedence of the user group.

property roleArn

roleArn?: pulumi.Input<string>;

The ARN of the IAM role to be associated with the user group.

property userPoolId

userPoolId: pulumi.Input<string>;

The user pool ID.

interface UserGroupState

Input properties used for looking up and filtering UserGroup resources.

property description

description?: pulumi.Input<string>;

The description of the user group.

property name

name?: pulumi.Input<string>;

The name of the user group.

property precedence

precedence?: pulumi.Input<number>;

The precedence of the user group.

property roleArn

roleArn?: pulumi.Input<string>;

The ARN of the IAM role to be associated with the user group.

property userPoolId

userPoolId?: pulumi.Input<string>;

The user pool ID.

interface UserPoolArgs

The set of arguments for constructing a UserPool resource.

property adminCreateUserConfig

adminCreateUserConfig?: pulumi.Input<{ ... }>;

The configuration for AdminCreateUser requests.

property aliasAttributes

aliasAttributes?: pulumi.Input<pulumi.Input<string>[]>;

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes.

property autoVerifiedAttributes

autoVerifiedAttributes?: pulumi.Input<pulumi.Input<string>[]>;

The attributes to be auto-verified. Possible values: email, phone_number.

property deviceConfiguration

deviceConfiguration?: pulumi.Input<{ ... }>;

The configuration for the user pool’s device tracking.

property emailConfiguration

emailConfiguration?: pulumi.Input<{ ... }>;

The Email Configuration.

property emailVerificationMessage

emailVerificationMessage?: pulumi.Input<string>;

A string representing the email verification message. Must contain the {####} placeholder. NOTE: - If email_verification_message and verification_message_template.email_message are specified and the values are different, either one is prioritized and updated.

property emailVerificationSubject

emailVerificationSubject?: pulumi.Input<string>;

A string representing the email verification subject. NOTE: - If email_verification_subject and verification_message_template.email_subject are specified and the values are different, either one is prioritized and updated.

property lambdaConfig

lambdaConfig?: pulumi.Input<{ ... }>;

A container for the AWS Lambda triggers associated with the user pool.

property mfaConfiguration

mfaConfiguration?: pulumi.Input<string>;

Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)

property name

name?: pulumi.Input<string>;

The name of the attribute.

property passwordPolicy

passwordPolicy?: pulumi.Input<{ ... }>;

A container for information about the user pool password policy.

property schemas

schemas?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A container with the schema attributes of a user pool. Maximum of 50 attributes.

property smsAuthenticationMessage

smsAuthenticationMessage?: pulumi.Input<string>;

A string representing the SMS authentication message.

property smsConfiguration

smsConfiguration?: pulumi.Input<{ ... }>;

The SMS Configuration.

property smsVerificationMessage

smsVerificationMessage?: pulumi.Input<string>;

A string representing the SMS verification message.

property tags

tags?: pulumi.Input<Tags>;

A mapping of tags to assign to the User Pool.

property usernameAttributes

usernameAttributes?: pulumi.Input<pulumi.Input<string>[]>;

Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes.

property verificationMessageTemplate

verificationMessageTemplate?: pulumi.Input<{ ... }>;

The verification message templates configuration.

interface UserPoolClientArgs

The set of arguments for constructing a UserPoolClient resource.

property allowedOauthFlows

allowedOauthFlows?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed OAuth flows (code, implicit, client_credentials).

property allowedOauthFlowsUserPoolClient

allowedOauthFlowsUserPoolClient?: pulumi.Input<boolean>;

Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

property allowedOauthScopes

allowedOauthScopes?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).

property callbackUrls

callbackUrls?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed callback URLs for the identity providers.

property defaultRedirectUri

defaultRedirectUri?: pulumi.Input<string>;

The default redirect URI. Must be in the list of callback URLs.

property explicitAuthFlows

explicitAuthFlows?: pulumi.Input<pulumi.Input<string>[]>;

List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).

property generateSecret

generateSecret?: pulumi.Input<boolean>;

Should an application secret be generated. AWS JavaScript SDK requires this to be false.

property logoutUrls

logoutUrls?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed logout URLs for the identity providers.

property name

name?: pulumi.Input<string>;

The name of the application client.

property readAttributes

readAttributes?: pulumi.Input<pulumi.Input<string>[]>;

List of user pool attributes the application client can read from.

property refreshTokenValidity

refreshTokenValidity?: pulumi.Input<number>;

The time limit in days refresh tokens are valid for.

property supportedIdentityProviders

supportedIdentityProviders?: pulumi.Input<pulumi.Input<string>[]>;

List of provider names for the identity providers that are supported on this client.

property userPoolId

userPoolId: pulumi.Input<string>;

The user pool the client belongs to.

property writeAttributes

writeAttributes?: pulumi.Input<pulumi.Input<string>[]>;

List of user pool attributes the application client can write to.

interface UserPoolClientState

Input properties used for looking up and filtering UserPoolClient resources.

property allowedOauthFlows

allowedOauthFlows?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed OAuth flows (code, implicit, client_credentials).

property allowedOauthFlowsUserPoolClient

allowedOauthFlowsUserPoolClient?: pulumi.Input<boolean>;

Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.

property allowedOauthScopes

allowedOauthScopes?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).

property callbackUrls

callbackUrls?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed callback URLs for the identity providers.

property clientSecret

clientSecret?: pulumi.Input<string>;

The client secret of the user pool client.

property defaultRedirectUri

defaultRedirectUri?: pulumi.Input<string>;

The default redirect URI. Must be in the list of callback URLs.

property explicitAuthFlows

explicitAuthFlows?: pulumi.Input<pulumi.Input<string>[]>;

List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH).

property generateSecret

generateSecret?: pulumi.Input<boolean>;

Should an application secret be generated. AWS JavaScript SDK requires this to be false.

property logoutUrls

logoutUrls?: pulumi.Input<pulumi.Input<string>[]>;

List of allowed logout URLs for the identity providers.

property name

name?: pulumi.Input<string>;

The name of the application client.

property readAttributes

readAttributes?: pulumi.Input<pulumi.Input<string>[]>;

List of user pool attributes the application client can read from.

property refreshTokenValidity

refreshTokenValidity?: pulumi.Input<number>;

The time limit in days refresh tokens are valid for.

property supportedIdentityProviders

supportedIdentityProviders?: pulumi.Input<pulumi.Input<string>[]>;

List of provider names for the identity providers that are supported on this client.

property userPoolId

userPoolId?: pulumi.Input<string>;

The user pool the client belongs to.

property writeAttributes

writeAttributes?: pulumi.Input<pulumi.Input<string>[]>;

List of user pool attributes the application client can write to.

interface UserPoolDomainArgs

The set of arguments for constructing a UserPoolDomain resource.

property domain

domain: pulumi.Input<string>;

The domain string.

property userPoolId

userPoolId: pulumi.Input<string>;

The user pool ID.

interface UserPoolDomainState

Input properties used for looking up and filtering UserPoolDomain resources.

property awsAccountId

awsAccountId?: pulumi.Input<string>;

The AWS account ID for the user pool owner.

property cloudfrontDistributionArn

cloudfrontDistributionArn?: pulumi.Input<string>;

The ARN of the CloudFront distribution.

property domain

domain?: pulumi.Input<string>;

The domain string.

property s3Bucket

s3Bucket?: pulumi.Input<string>;

The S3 bucket where the static files for this domain are stored.

property userPoolId

userPoolId?: pulumi.Input<string>;

The user pool ID.

property version

version?: pulumi.Input<string>;

The app version.

interface UserPoolState

Input properties used for looking up and filtering UserPool resources.

property adminCreateUserConfig

adminCreateUserConfig?: pulumi.Input<{ ... }>;

The configuration for AdminCreateUser requests.

property aliasAttributes

aliasAttributes?: pulumi.Input<pulumi.Input<string>[]>;

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username. Conflicts with username_attributes.

property arn

arn?: pulumi.Input<string>;

The ARN of the user pool.

property autoVerifiedAttributes

autoVerifiedAttributes?: pulumi.Input<pulumi.Input<string>[]>;

The attributes to be auto-verified. Possible values: email, phone_number.

property creationDate

creationDate?: pulumi.Input<string>;

The date the user pool was created.

property deviceConfiguration

deviceConfiguration?: pulumi.Input<{ ... }>;

The configuration for the user pool’s device tracking.

property emailConfiguration

emailConfiguration?: pulumi.Input<{ ... }>;

The Email Configuration.

property emailVerificationMessage

emailVerificationMessage?: pulumi.Input<string>;

A string representing the email verification message. Must contain the {####} placeholder. NOTE: - If email_verification_message and verification_message_template.email_message are specified and the values are different, either one is prioritized and updated.

property emailVerificationSubject

emailVerificationSubject?: pulumi.Input<string>;

A string representing the email verification subject. NOTE: - If email_verification_subject and verification_message_template.email_subject are specified and the values are different, either one is prioritized and updated.

property endpoint

endpoint?: pulumi.Input<string>;

The endpoint name of the user pool. Example format: cognito-idp.REGION.amazonaws.com/xxxx_yyyyy

property lambdaConfig

lambdaConfig?: pulumi.Input<{ ... }>;

A container for the AWS Lambda triggers associated with the user pool.

property lastModifiedDate

lastModifiedDate?: pulumi.Input<string>;

The date the user pool was last modified.

property mfaConfiguration

mfaConfiguration?: pulumi.Input<string>;

Set to enable multi-factor authentication. Must be one of the following values (ON, OFF, OPTIONAL)

property name

name?: pulumi.Input<string>;

The name of the attribute.

property passwordPolicy

passwordPolicy?: pulumi.Input<{ ... }>;

A container for information about the user pool password policy.

property schemas

schemas?: pulumi.Input<pulumi.Input<{ ... }>[]>;

A container with the schema attributes of a user pool. Maximum of 50 attributes.

property smsAuthenticationMessage

smsAuthenticationMessage?: pulumi.Input<string>;

A string representing the SMS authentication message.

property smsConfiguration

smsConfiguration?: pulumi.Input<{ ... }>;

The SMS Configuration.

property smsVerificationMessage

smsVerificationMessage?: pulumi.Input<string>;

A string representing the SMS verification message.

property tags

tags?: pulumi.Input<Tags>;

A mapping of tags to assign to the User Pool.

property usernameAttributes

usernameAttributes?: pulumi.Input<pulumi.Input<string>[]>;

Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Conflicts with alias_attributes.

property verificationMessageTemplate

verificationMessageTemplate?: pulumi.Input<{ ... }>;

The verification message templates configuration.