Creating Amazon Verified Permissions resources with Amazon CloudFormation
Amazon Verified Permissions is integrated with Amazon CloudFormation, a service that helps you to model and set up your Amazon resources so that you can spend less time creating and managing your resources and infrastructure. You create a template that describes all the Amazon resources that you want (such as policy stores), and Amazon CloudFormation provisions and configures those resources for you.
When you use Amazon CloudFormation, you can reuse your template to set up your Verified Permissions resources consistently and repeatedly. Describe your resources once, and then provision the same resources over and over in multiple Amazon Web Services accounts and Regions.
Important
Amazon Cognito Identity is not available in all of the same Amazon Web Services Regions as Amazon Verified Permissions. If you receive an error from Amazon CloudFormation regarding Amazon Cognito Identity, such as Unrecognized resource types: AWS::Cognito::UserPool, AWS::Cognito::UserPoolClient, we recommend that you create the Amazon Cognito user pool and client in the geographically closest Amazon Web Services Region where Amazon Cognito Identity is available. Use this newly created user pool when creating the Verified Permissions identity source.
Verified Permissions and Amazon CloudFormation templates
To provision and configure resources for Verified Permissions and related services, you must understand Amazon CloudFormation templates. Templates are formatted text files in JSON or YAML. These templates describe the resources that you want to provision in your Amazon CloudFormation stacks. If you're unfamiliar with JSON or YAML, you can use Amazon CloudFormation Designer to help you get started with Amazon CloudFormation templates. For more information, see What is Amazon CloudFormation Designer? in the Amazon CloudFormation User Guide.
Verified Permissions supports creating identity sources, policies, policy stores, and policy templates in Amazon CloudFormation. For more information, including examples of JSON and YAML templates for Verified Permissions resources, see the Amazon Verified Permissions resource type reference in the Amazon CloudFormation User Guide.
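The following template is an added example, not taken from the Amazon CloudFormation User Guide. It creates a policy store with strict validation, an identity source, and one static policy, and it takes the Amazon Cognito user pool as parameters instead of declaring it, so the stack still deploys in a Region where the AWS::Cognito resource types are unavailable. The parameter names, the ExampleApp namespace, and the entity IDs are constructed for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example of a policy store, identity source, and static policy
Parameters:
  UserPoolArn:              # existing user pool, created in a Region that has Amazon Cognito
    Type: String
  UserPoolClientId:         # app client of that user pool
    Type: String
Resources:
  PolicyStore:
    Type: AWS::VerifiedPermissions::PolicyStore
    Properties:
      ValidationSettings:
        Mode: STRICT        # policies must validate against the schema below
      Schema:
        CedarJson: |
          {"ExampleApp": {
            "entityTypes": {"User": {}, "Document": {}},
            "actions": {"ViewDocument": {"appliesTo": {
              "principalTypes": ["User"], "resourceTypes": ["Document"]}}}
          }}
  IdentitySource:
    Type: AWS::VerifiedPermissions::IdentitySource
    Properties:
      PolicyStoreId: !GetAtt PolicyStore.PolicyStoreId
      PrincipalEntityType: ExampleApp::User   # tokens map to this entity type
      Configuration:
        CognitoUserPoolConfiguration:
          UserPoolArn: !Ref UserPoolArn
          ClientIds:
            - !Ref UserPoolClientId           # accept tokens from this client only
  ViewDocumentPolicy:
    Type: AWS::VerifiedPermissions::Policy
    Properties:
      PolicyStoreId: !GetAtt PolicyStore.PolicyStoreId
      Definition:
        Static:
          Description: Allow one principal to view one document
          Statement: |
            permit (
              principal == ExampleApp::User::"example-user-id",
              action == ExampleApp::Action::"ViewDocument",
              resource == ExampleApp::Document::"example-doc-id"
            );
```

Listing ClientIds restricts the identity source to tokens issued for that app client, and the permit statement is scoped to a single principal, action, and resource rather than left open.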
Amazon CDK constructs
The Amazon Cloud Development Kit (Amazon CDK) is an open-source software development framework for defining cloud infrastructure in code and provisioning it through Amazon CloudFormation. Constructs, or reusable cloud components, can be used to create Amazon CloudFormation templates. These templates can then be used to deploy your cloud infrastructure.
To learn more and download Amazon CDK, see Amazon Cloud Development Kit.
The following are links to documentation for Verified Permissions Amazon CDK resources, such as constructs.
Learn more about Amazon CloudFormation
To learn more about Amazon CloudFormation, see the following resources: