AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Class: Aws::CognitoIdentity::Types::RoleMapping

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-cognitoidentity/lib/aws-sdk-cognitoidentity/types.rb

Overview

Note:

When making an API call, you may pass RoleMapping data as a hash:

{
  type: "Token", # required, accepts Token, Rules
  ambiguous_role_resolution: "AuthenticatedRole", # accepts AuthenticatedRole, Deny
  rules_configuration: {
    rules: [ # required
      {
        claim: "ClaimName", # required
        match_type: "Equals", # required, accepts Equals, Contains, StartsWith, NotEqual
        value: "ClaimValue", # required
        role_arn: "ARNString", # required
      },
    ],
  },
}

A role mapping.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#ambiguous_role_resolutionString

If you specify Token or Rules as the Type, AmbiguousRoleResolution is required.

Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type.

Returns:

  • (String)


1338
1339
1340
1341
1342
1343
1344
# File 'gems/aws-sdk-cognitoidentity/lib/aws-sdk-cognitoidentity/types.rb', line 1338

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#rules_configurationTypes::RulesConfigurationType

The rules to be used for mapping users to roles.

If you specify Rules as the role mapping type, RulesConfiguration is required.



1338
1339
1340
1341
1342
1343
1344
# File 'gems/aws-sdk-cognitoidentity/lib/aws-sdk-cognitoidentity/types.rb', line 1338

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#typeString

The role mapping type. Token will use cognito:roles and cognito:preferred_role claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.

Returns:

  • (String)


1338
1339
1340
1341
1342
1343
1344
# File 'gems/aws-sdk-cognitoidentity/lib/aws-sdk-cognitoidentity/types.rb', line 1338

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  SENSITIVE = []
  include Aws::Structure
end