Syntax Properties Return values Examples

AWS::Cognito::UserPoolResourceServer

The AWS::Cognito::UserPoolResourceServer resource creates a new OAuth2.0 resource server and defines custom scopes in it.

Note

If you don't specify a value for a parameter, Amazon Cognito sets it to a default value.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Cognito::UserPoolResourceServer",
  "Properties" : {
      "Identifier" : String,
      "Name" : String,
      "Scopes" : [ ResourceServerScopeType, ... ],
      "UserPoolId" : String
    }
}

YAML


Type: AWS::Cognito::UserPoolResourceServer
Properties:
  Identifier: String
  Name: String
  Scopes: 
    - ResourceServerScopeType
  UserPoolId: String

Properties

Identifier

A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: https://my-weather-api.example.com.

Required: Yes

Type: String

Pattern: [\x21\x23-\x5B\x5D-\x7E]+

Minimum: 1

Maximum: 256

Update requires: Replacement

Name

A friendly name for the resource server.

Required: Yes

Type: String

Pattern: [\w\s+=,.@-]+

Minimum: 1

Maximum: 256

Update requires: No interruption

Scopes

A list of scopes. Each scope is a map with keys ScopeName and ScopeDescription.

Required: No

Type: Array of ResourceServerScopeType

Maximum: 100

Update requires: No interruption

UserPoolId

The user pool ID for the user pool.

Required: Yes

Type: String

Pattern: [\w-]+_[0-9a-zA-Z]+

Minimum: 1

Maximum: 55

Update requires: Replacement

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns physicalResourceId, which is the resource server identifier “Identifier". For example:

{ "Ref": "yourResourceServerIdentifier" }

For the Amazon Cognito resource server yourResourceServerIdentifier, Ref returns the name of the resource server.

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Id: The resource ID.

Examples

Creating a new resource server for a user pool

The following example creates a resource server "Name" with the identifier "Identifier" in the referenced user pool.

JSON


{
	"UserPoolResourceServer": {
		"Type": "AWS::Cognito::UserPoolResourceServer",
		"Properties": {
			"UserPoolId": {
				"Ref": "UserPool"
			},
			"Identifier": "Identifier",
			"Name": "Name",
			"Scopes": [{
				"ScopeName": "ScopeName1",
				"ScopeDescription": "description"
			}, {
				"ScopeName": "ScopeName2",
				"ScopeDescription": "description"
			}]
		}
	}
}

YAML


UserPoolResourceServer: 
  Type: AWS::Cognito::UserPoolResourceServer
  Properties: 
    UserPoolId: !Ref UserPool 
    Identifier: "Identifier" 
    Name: "Name" 
    Scopes: 
     - ScopeName: "ScopeName1" 
       ScopeDescription: "description" 
     - ScopeName: "ScopeName2"
       ScopeDescription: "description"

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

AWS::Cognito::UserPoolIdentityProvider

ResourceServerScopeType