» Resource: aws_cognito_identity_pool
Provides an AWS Cognito Identity Pool.
» Example Usage
resource "aws_iam_saml_provider" "default" {
name = "my-saml-provider"
saml_metadata_document = "${file("saml-metadata.xml")}"
}
resource "aws_cognito_identity_pool" "main" {
identity_pool_name = "identity pool"
allow_unauthenticated_identities = false
cognito_identity_providers {
client_id = "6lhlkkfbfb4q5kpp90urffae"
provider_name = "cognito-idp.us-east-1.amazonaws.com/us-east-1_Tv0493apJ"
server_side_token_check = false
}
cognito_identity_providers {
client_id = "7kodkvfqfb4qfkp39eurffae"
provider_name = "cognito-idp.us-east-1.amazonaws.com/eu-west-1_Zr231apJu"
server_side_token_check = false
}
supported_login_providers = {
"graph.facebook.com" = "7346241598935552"
"accounts.google.com" = "123456789012.apps.googleusercontent.com"
}
saml_provider_arns = ["${aws_iam_saml_provider.default.arn}"]
openid_connect_provider_arns = ["arn:aws:iam::123456789012:oidc-provider/foo.example.com"]
}
» Argument Reference
The Cognito Identity Pool argument layout is a structure composed of several sub-resources - these resources are laid out below.
-
identity_pool_name
(Required) - The Cognito Identity Pool name. -
allow_unauthenticated_identities
(Required) - Whether the identity pool supports unauthenticated logins or not. -
developer_provider_name
(Optional) - The "domain" by which Cognito will refer to your users. This name acts as a placeholder that allows your backend and the Cognito service to communicate about the developer provider. -
cognito_identity_providers
(Optional) - An array of Amazon Cognito Identity user pools and their client IDs. -
openid_connect_provider_arns
(Optional) - A list of OpendID Connect provider ARNs. -
saml_provider_arns
(Optional) - An array of Amazon Resource Names (ARNs) of the SAML provider for your identity. -
supported_login_providers
(Optional) - Key-Value pairs mapping provider names to provider app IDs.
» Cognito Identity Providers
-
client_id
(Optional) - The client ID for the Amazon Cognito Identity User Pool. -
provider_name
(Optional) - The provider name for an Amazon Cognito Identity User Pool. -
server_side_token_check
(Optional) - Whether server-side token validation is enabled for the identity provider’s token or not.
» Attributes Reference
In addition to the arguments, which are exported, the following attributes are exported:
» Import
Cognito Identity Pool can be imported using the name, e.g.
$ terraform import aws_cognito_identity_pool.mypool <identity-pool-id>