AWS::Cognito::IdentityPoolRoleAttachment MappingRule

Defines how to map a claim to a role ARN.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:


{
  "Claim" : String,
  "MatchType" : String,
  "RoleARN" : String,
  "Value" : String
}


  Claim: String
  MatchType: String
  RoleARN: String
  Value: String

Claim

The claim name that must be present in the token. For example: "isAdmin" or "paid".

Required: Yes

Type: String

Update requires: No interruption

MatchType

The match condition that specifies how closely the claim value in the IdP token must match Value.

Valid values are: Equals, Contains, StartsWith, and NotEqual.

Required: Yes

Type: String

Update requires: No interruption

RoleARN

The Amazon Resource Name (ARN) of the role.

Required: Yes

Type: String

Update requires: No interruption

Value

A brief string that the claim must match. For example, "paid" or "yes".

Required: Yes

Type: String

Update requires: No interruption

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

AWS::Cognito::IdentityPoolRoleAttachment

RoleMapping