Amazon Cognito Identity examples using Amazon CLI - Amazon Command Line Interface
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

This documentation is for Version 1 of the Amazon CLI only. For documentation related to Version 2 of the Amazon CLI, see the Version 2 User Guide.

Amazon Cognito Identity examples using Amazon CLI

The following code examples show you how to perform actions and implement common scenarios by using the Amazon Command Line Interface with Amazon Cognito Identity.

Actions are code excerpts from larger programs and must be run in context. While actions show you how to call individual service functions, you can see actions in context in their related scenarios.

Each example includes a link to the complete source code, where you can find instructions on how to set up and run the code in context.

Topics

Actions

The following code example shows how to use create-identity-pool.

Amazon CLI

To create an identity pool with Cognito identity pool provider

This example creates an identity pool named MyIdentityPool. It has a Cognito identity pool provider. Unauthenticated identities are not allowed.

Command:

aws cognito-identity create-identity-pool --identity-pool-name MyIdentityPool --no-allow-unauthenticated-identities --cognito-identity-providers ProviderName="cognito-idp.us-west-2.amazonaws.com/us-west-2_aaaaaaaaa",ClientId="3n4b5urk1ft4fl3mg5e62d9ado",ServerSideTokenCheck=false

Output:

{ "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "MyIdentityPool", "AllowUnauthenticatedIdentities": false, "CognitoIdentityProviders": [ { "ProviderName": "cognito-idp.us-west-2.amazonaws.com/us-west-2_111111111", "ClientId": "3n4b5urk1ft4fl3mg5e62d9ado", "ServerSideTokenCheck": false } ] }

The following code example shows how to use delete-identities.

Amazon CLI

To delete identity pool

This example deletes an identity pool.

Command:

aws cognito-identity delete-identity-pool --identity-ids-to-delete "us-west-2:11111111-1111-1111-1111-111111111111"

Output:

{ "UnprocessedIdentityIds": [] }

The following code example shows how to use delete-identity-pool.

Amazon CLI

To delete identity pool

The following delete-identity-pool example deletes the specified identity pool.

Command:

aws cognito-identity delete-identity-pool \ --identity-pool-id "us-west-2:11111111-1111-1111-1111-111111111111"

This command produces no output.

The following code example shows how to use describe-identity-pool.

Amazon CLI

To describe an identity pool

This example describes an identity pool.

Command:

aws cognito-identity describe-identity-pool --identity-pool-id "us-west-2:11111111-1111-1111-1111-111111111111"

Output:

{ "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "MyIdentityPool", "AllowUnauthenticatedIdentities": false, "CognitoIdentityProviders": [ { "ProviderName": "cognito-idp.us-west-2.amazonaws.com/us-west-2_111111111", "ClientId": "3n4b5urk1ft4fl3mg5e62d9ado", "ServerSideTokenCheck": false } ] }

The following code example shows how to use get-identity-pool-roles.

Amazon CLI

To get identity pool roles

This example gets identity pool roles.

Command:

aws cognito-identity get-identity-pool-roles --identity-pool-id "us-west-2:11111111-1111-1111-1111-111111111111"

Output:

{ "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "Roles": { "authenticated": "arn:aws:iam::111111111111:role/Cognito_MyIdentityPoolAuth_Role", "unauthenticated": "arn:aws:iam::111111111111:role/Cognito_MyIdentityPoolUnauth_Role" } }

The following code example shows how to use list-identity-pools.

Amazon CLI

To list identity pools

This example lists identity pools. There s a maximum of 20 identities listed.

Command:

aws cognito-identity list-identity-pools --max-results 20

Output:

{ "IdentityPools": [ { "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "MyIdentityPool" }, { "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "AnotherIdentityPool" }, { "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "IdentityPoolRegionA" } ] }

The following code example shows how to use set-identity-pool-roles.

Amazon CLI

To set identity pool roles

The following set-identity-pool-roles example sets an identity pool role.

aws cognito-identity set-identity-pool-roles \ --identity-pool-id "us-west-2:11111111-1111-1111-1111-111111111111" \ --roles authenticated="arn:aws:iam::111111111111:role/Cognito_MyIdentityPoolAuth_Role"

The following code example shows how to use update-identity-pool.

Amazon CLI

To update an identity pool

This example updates an identity pool. It sets the name to MyIdentityPool. It adds Cognito as an identity provider. It disallows unauthenticated identities.

Command:

aws cognito-identity update-identity-pool --identity-pool-id "us-west-2:11111111-1111-1111-1111-111111111111" --identity-pool-name "MyIdentityPool" --no-allow-unauthenticated-identities --cognito-identity-providers ProviderName="cognito-idp.us-west-2.amazonaws.com/us-west-2_111111111",ClientId="3n4b5urk1ft4fl3mg5e62d9ado",ServerSideTokenCheck=false

Output:

{ "IdentityPoolId": "us-west-2:11111111-1111-1111-1111-111111111111", "IdentityPoolName": "MyIdentityPool", "AllowUnauthenticatedIdentities": false, "CognitoIdentityProviders": [ { "ProviderName": "cognito-idp.us-west-2.amazonaws.com/us-west-2_111111111", "ClientId": "3n4b5urk1ft4fl3mg5e62d9ado", "ServerSideTokenCheck": false } ] }