CognitoAuthorizerProps

class aws_cdk.aws_bedrock_agentcore_alpha.CognitoAuthorizerProps(*, user_pool, allowed_audiences=None, allowed_clients=None, allowed_scopes=None, custom_claims=None)

Bases: object

(experimental) ************************************************************************ Factory ***********************************************************************.

Parameters:

  • user_pool (IUserPool) – (experimental) The Cognito User Pool to use for authentication.

  • allowed_audiences (Optional[Sequence[str]]) – (experimental) The allowed audiences for JWT validation. Default: - No audience validation

  • allowed_clients (Optional[Sequence[IUserPoolClient]]) – (experimental) The allowed User Pool clients. Default: - All clients are allowed

  • allowed_scopes (Optional[Sequence[str]]) – (experimental) The allowed scopes for JWT validation. Default: - No scope validation

  • custom_claims (Optional[Sequence[GatewayCustomClaim]]) – (experimental) Custom claims for additional JWT token validation. Allows you to validate additional fields in JWT tokens beyond the standard audience, client, and scope validations. Default: - No custom claim validation

Stability:

experimental

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_bedrock_agentcore_alpha as bedrock_agentcore_alpha
from aws_cdk import aws_cognito as cognito

# gateway_custom_claim: bedrock_agentcore_alpha.GatewayCustomClaim
# user_pool: cognito.UserPool
# user_pool_client: cognito.UserPoolClient

cognito_authorizer_props = bedrock_agentcore_alpha.CognitoAuthorizerProps(
    user_pool=user_pool,

    # the properties below are optional
    allowed_audiences=["allowedAudiences"],
    allowed_clients=[user_pool_client],
    allowed_scopes=["allowedScopes"],
    custom_claims=[gateway_custom_claim]
)

Attributes

allowed_audiences

(experimental) The allowed audiences for JWT validation.

Default:

  • No audience validation

Stability:

experimental

allowed_clients

(experimental) The allowed User Pool clients.

Default:

  • All clients are allowed

Stability:

experimental

allowed_scopes

(experimental) The allowed scopes for JWT validation.

Default:

  • No scope validation

Stability:

experimental

custom_claims

(experimental) Custom claims for additional JWT token validation.

Allows you to validate additional fields in JWT tokens beyond the standard audience, client, and scope validations.

Default:

  • No custom claim validation

Stability:

experimental

user_pool

(experimental) The Cognito User Pool to use for authentication.

Stability:

experimental