SetIdentityPoolRoles
Sets the roles for an identity pool. These roles are used when making calls to GetCredentialsForIdentity action.
You must use Amazon developer credentials to call this operation.
Request Syntax
{
"IdentityPoolId": "string
",
"RoleMappings": {
"string
" : {
"AmbiguousRoleResolution": "string
",
"RulesConfiguration": {
"Rules": [
{
"Claim": "string
",
"MatchType": "string
",
"RoleARN": "string
",
"Value": "string
"
}
]
},
"Type": "string
"
}
},
"Roles": {
"string
" : "string
"
}
}
Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- IdentityPoolId
-
An identity pool ID in the format REGION:GUID.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 55.
Pattern:
[\w-]+:[0-9a-f-]+
Required: Yes
- RoleMappings
-
How users for a specific identity provider are to mapped to roles. This is a string to RoleMapping object map. The string identifies the identity provider, for example,
graph.facebook.com
orcognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id
.Up to 25 rules can be specified per identity provider.
Type: String to RoleMapping object map
Map Entries: Maximum number of 10 items.
Key Length Constraints: Minimum length of 1. Maximum length of 128.
Required: No
- Roles
-
The map of roles associated with this pool. For a given role, the key will be either "authenticated" or "unauthenticated" and the value will be the Role ARN.
Type: String to string map
Map Entries: Maximum number of 2 items.
Key Pattern:
(un)?authenticated
Value Length Constraints: Minimum length of 20. Maximum length of 2048.
Required: Yes
Response Elements
If the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
Errors
For information about the errors that are common to all actions, see Common Errors.
- ConcurrentModificationException
-
Thrown if there are parallel requests to modify a resource.
HTTP Status Code: 400
- InternalErrorException
-
Thrown when the service encounters an error during processing the request.
HTTP Status Code: 500
- InvalidParameterException
-
Thrown for missing or bad input parameter(s).
HTTP Status Code: 400
- NotAuthorizedException
-
Thrown when a user is not authorized to access the requested resource.
HTTP Status Code: 400
- ResourceConflictException
-
Thrown when a user tries to use a login which is already linked to another account.
HTTP Status Code: 400
- ResourceNotFoundException
-
Thrown when the requested resource (for example, a dataset or record) does not exist.
HTTP Status Code: 400
- TooManyRequestsException
-
Thrown when a request is throttled.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: