AWS::VerifiedPermissions::IdentitySource CognitoUserPoolConfiguration - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::VerifiedPermissions::IdentitySource CognitoUserPoolConfiguration

A structure that contains configuration information used when creating or updating an identity source that represents a connection to an Amazon Cognito user pool used as an identity provider for Verified Permissions.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "ClientIds" : [ String, ... ], "GroupConfiguration" : CognitoGroupConfiguration, "UserPoolArn" : String }



The unique application client IDs that are associated with the specified Amazon Cognito user pool.

Example: "ClientIds": ["&ExampleCogClientId;"]

Required: No

Type: Array of String

Minimum: 1 | 0

Maximum: 255 | 1000

Update requires: No interruption


The type of entity that a policy store maps to groups from an Amazon Cognito user pool identity source.

Required: No

Type: CognitoGroupConfiguration

Update requires: No interruption


The Amazon Resource Name (ARN) of the Amazon Cognito user pool that contains the identities to be authorized.

Required: Yes

Type: String

Pattern: ^arn:[a-zA-Z0-9-]+:cognito-idp:(([a-zA-Z0-9-]+:\d{12}:userpool/[\w-]+_[0-9a-zA-Z]+))$

Minimum: 1

Maximum: 255

Update requires: No interruption