AWS::VerifiedPermissions::IdentitySource IdentitySourceDetails - Amazon CloudFormation

AWS::VerifiedPermissions::IdentitySource IdentitySourceDetails

A structure that contains configuration of the identity source.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "ClientIds" : [ String, ... ],
  "DiscoveryUrl" : String,
  "OpenIdIssuer" : String,
  "UserPoolArn" : String
}

YAML

ClientIds:
  - String
DiscoveryUrl: String
OpenIdIssuer: String
UserPoolArn: String

Properties

ClientIds

The application client IDs associated with the specified Amazon Cognito user pool that are enabled for this identity source.

Required: No

Type: List of String

Update requires: No interruption

DiscoveryUrl

The well-known URL that points to this user pool's OIDC discovery endpoint. This is a URL string in the following format, with the placeholders for the Amazon Web Services Region and the user pool identifier replaced by the values appropriate for this user pool.

https://cognito-idp.<region>.amazonaws.com/<user-pool-id>/.well-known/openid-configuration

Required: No

Type: String

Update requires: No interruption

OpenIdIssuer

A string that identifies the type of OIDC service represented by this identity source.

At this time, the only valid value is cognito.

Required: No

Type: String

Update requires: No interruption

UserPoolArn

The Amazon Resource Name (ARN) of the Amazon Cognito user pool whose identities are accessible to this Verified Permissions policy store.

Required: No

Type: String

Update requires: No interruption
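
The four properties describe the same user pool, so a template review can check that they agree with each other. The following is an added example, not part of the original documentation or of any AWS tooling: `check_identity_source_details` is a hypothetical helper, the ARN layout is the standard Cognito user pool form (assumed, not stated on this page), and the account ID, pool IDs and client IDs are constructed sample values.

```python
import re

# Cognito user pool ARN layout (assumed standard form; not stated on this page).
ARN_RE = re.compile(r"^arn:aws[a-z-]*:cognito-idp:([a-z0-9-]+):\d{12}:userpool/([\w-]+)$")
# Discovery URL layout exactly as given in the DiscoveryUrl property description.
URL_RE = re.compile(
    r"^https://cognito-idp\.([a-z0-9-]+)\.amazonaws\.com/([\w-]+)/\.well-known/openid-configuration$")


def check_identity_source_details(details):
    """Return a list of findings for one parsed IdentitySourceDetails mapping."""
    findings = []
    issuer = details.get("OpenIdIssuer")
    if issuer is not None and issuer != "cognito":
        findings.append(f"OpenIdIssuer {issuer!r}: the only valid value is 'cognito'")

    # Values built with Ref or Fn::Sub are dicts in a parsed template; only literals are checked.
    arn, url = details.get("UserPoolArn"), details.get("DiscoveryUrl")
    arn_m = ARN_RE.match(arn) if isinstance(arn, str) else None
    url_m = URL_RE.match(url) if isinstance(url, str) else None
    if isinstance(arn, str) and not arn_m:
        findings.append("UserPoolArn is not a Cognito user pool ARN")
    if isinstance(url, str) and not url_m:
        findings.append("DiscoveryUrl does not match the documented format")
    if arn_m and url_m:
        if arn_m.group(1) != url_m.group(1):
            findings.append("Region differs between UserPoolArn and DiscoveryUrl")
        if arn_m.group(2) != url_m.group(2):
            findings.append("User pool ID differs between UserPoolArn and DiscoveryUrl")

    client_ids = details.get("ClientIds")
    if isinstance(client_ids, list):
        literal = [c for c in client_ids if isinstance(c, str)]
        if any(not c.strip() for c in literal):
            findings.append("ClientIds contains an empty string")
        if len(set(literal)) != len(literal):
            findings.append("ClientIds contains duplicates")
    return findings


# Constructed sample inputs.
GOOD = {"OpenIdIssuer": "cognito", "ClientIds": ["exampleclient1", "exampleclient2"],
        "UserPoolArn": "arn:aws:cognito-idp:us-east-1:123456789012:userpool/us-east-1_EXAMPLE12",
        "DiscoveryUrl": "https://cognito-idp.us-east-1.amazonaws.com/us-east-1_EXAMPLE12"
                        "/.well-known/openid-configuration"}
BAD = dict(GOOD, OpenIdIssuer="okta", ClientIds=["exampleclient1", "exampleclient1"],
           DiscoveryUrl="https://cognito-idp.eu-west-1.amazonaws.com/eu-west-1_OTHER0001"
                        "/.well-known/openid-configuration")

if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_identity_source_details(sample))
```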