Package software.amazon.awscdk.services.cognito.identitypool.alpha

Interface IdentityPoolRoleMapping

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

IdentityPoolRoleMapping.Jsii$Proxy

@Generated(value="jsii-pacmak/1.94.0 (build b380f01)",
           date="2024-01-13T02:49:33.834Z")
@Stability(Experimental)
public interface IdentityPoolRoleMapping
extends software.amazon.jsii.JsiiSerializable

(experimental) Map roles to users in the identity pool based on claims from the Identity Provider.

Example:

 import software.amazon.awscdk.services.cognito.identitypool.alpha.IdentityPoolRoleMapping;
 IdentityPool identityPool;
 IdentityPoolRoleMapping myAddedRoleMapping1;
 IdentityPoolRoleMapping myAddedRoleMapping2;
 IdentityPoolRoleMapping myAddedRoleMapping3;
 identityPool.addRoleMappings(myAddedRoleMapping1, myAddedRoleMapping2, myAddedRoleMapping3);
 

See Also:

• https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	IdentityPoolRoleMapping.Builder	A builder for IdentityPoolRoleMapping
static final class	IdentityPoolRoleMapping.Jsii$Proxy	An implementation for IdentityPoolRoleMapping

Method Summary

Modifier and Type	Method	Description
static IdentityPoolRoleMapping.Builder	builder()
default String	getMappingKey()	(experimental) The key used for the role mapping in the role mapping hash.
IdentityPoolProviderUrl	getProviderUrl()	(experimental) The url of the provider of for which the role is mapped.
default Boolean	getResolveAmbiguousRoles()	(experimental) Allow for role assumption when results of role mapping are ambiguous.
default List<RoleMappingRule>	getRules()	(experimental) The claim and value that must be matched in order to assume the role.
default Boolean	getUseToken()	(experimental) If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from identity provider.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getProviderUrl

@Stability(Experimental)
@NotNull
IdentityPoolProviderUrl getProviderUrl()

(experimental) The url of the provider of for which the role is mapped.

getMappingKey

@Stability(Experimental)
@Nullable
default String getMappingKey()

(experimental) The key used for the role mapping in the role mapping hash.

Required if the providerUrl is a token.

Default: - the provided providerUrl

getResolveAmbiguousRoles

@Stability(Experimental)
@Nullable
default Boolean getResolveAmbiguousRoles()

(experimental) Allow for role assumption when results of role mapping are ambiguous.

Default: false - Ambiguous role resolutions will lead to requester being denied

getRules

@Stability(Experimental)
@Nullable
default List<RoleMappingRule> getRules()

(experimental) The claim and value that must be matched in order to assume the role.

Required if useToken is false

Default: - No Rule Mapping Rule

getUseToken

@Stability(Experimental)
@Nullable
default Boolean getUseToken()

(experimental) If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from identity provider.

Default: false

See Also:

• https://docs.aws.amazon.com/cognito/latest/developerguide/role-based-access-control.html#using-tokens-to-assign-roles-to-users

builder

@Stability(Experimental)
static IdentityPoolRoleMapping.Builder builder()

Returns:

a IdentityPoolRoleMapping.Builder of IdentityPoolRoleMapping