IdentityPoolRoleMapping
- class aws_cdk.aws_cognito_identitypool_alpha.IdentityPoolRoleMapping(*, provider_url, mapping_key=None, resolve_ambiguous_roles=None, rules=None, use_token=None)
Bases:
object
(experimental) Map roles to users in the Identity Pool based on claims from the Identity Provider.
- Parameters:
provider_url (
IdentityPoolProviderUrl
) – (experimental) The url of the Provider for which the role is mapped.mapping_key (
Optional
[str
]) – (experimental) The key used for the role mapping in the role mapping hash. Required if the providerUrl is a token. Default: - The provided providerUrlresolve_ambiguous_roles (
Optional
[bool
]) – (experimental) Allow for role assumption when results of role mapping are ambiguous. Default: false - Ambiguous role resolutions will lead to requester being deniedrules (
Optional
[Sequence
[Union
[RoleMappingRule
,Dict
[str
,Any
]]]]) – (experimental) The claim and value that must be matched in order to assume the role. Required if useToken is false Default: - No role mapping ruleuse_token (
Optional
[bool
]) – (experimental) If true then mapped roles must be passed through the cognito:roles or cognito:preferred_role claims from Identity Provider. Default: false
- See:
- Stability:
experimental
- ExampleMetadata:
infused
Example:
from aws_cdk.aws_cognito_identitypool_alpha import IdentityPoolRoleMapping # identity_pool: IdentityPool # my_added_role_mapping1: IdentityPoolRoleMapping # my_added_role_mapping2: IdentityPoolRoleMapping # my_added_role_mapping3: IdentityPoolRoleMapping identity_pool.add_role_mappings(my_added_role_mapping1, my_added_role_mapping2, my_added_role_mapping3)
Attributes
- mapping_key
(experimental) The key used for the role mapping in the role mapping hash.
Required if the providerUrl is a token.
- Default:
The provided providerUrl
- Stability:
experimental
- provider_url
(experimental) The url of the Provider for which the role is mapped.
- Stability:
experimental
- resolve_ambiguous_roles
(experimental) Allow for role assumption when results of role mapping are ambiguous.
- Default:
false - Ambiguous role resolutions will lead to requester being denied
- Stability:
experimental
- rules
(experimental) The claim and value that must be matched in order to assume the role.
Required if useToken is false
- Default:
No role mapping rule
- Stability:
experimental
- use_token
preferred_role claims from Identity Provider.
- Default:
false
- See:
- Stability:
experimental
- Type:
(experimental) If true then mapped roles must be passed through the cognito
- Type:
roles or cognito