identity_pools
Creates, updates, deletes or gets an identity_pool resource or lists identity_pools in a region
Overview
| Name | identity_pools |
| Type | Resource |
| Description | Resource Type definition for AWS::Cognito::IdentityPool |
| Id | awscc.cognito.identity_pools |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
| push_sync | object | |
| cognito_identity_providers | array | |
| developer_provider_name | string | |
| cognito_streams | object | |
| supported_login_providers | object | |
| name | string | |
| cognito_events | object | |
| id | string | |
| identity_pool_name | string | |
| allow_unauthenticated_identities | boolean | Whether the identity pool supports unauthenticated (guest) logins. |
| saml_provider_arns | array | |
| open_id_connect_provider_arns | array | |
| allow_classic_flow | boolean | Whether the basic (classic) authentication flow is enabled. |
| identity_pool_tags | array | An array of key-value pairs to apply to this resource. |
| region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
| id | string | |
| region | string | AWS region. |
For more information, see AWS::Cognito::IdentityPool.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
| create_resource | identity_pools | INSERT | AllowUnauthenticatedIdentities, region |
| delete_resource | identity_pools | DELETE | Identifier, region |
| update_resource | identity_pools | UPDATE | Identifier, PatchDocument, region |
| list_resources | identity_pools_list_only | SELECT | region |
| get_resource | identity_pools | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual identity_pool.
-- Fetch every property of one identity pool; substitute the id placeholder
-- with the pool's identifier before running.
-- When auditing, read two columns first: allow_unauthenticated_identities
-- shows whether guest (no-login) access is on, and allow_classic_flow shows
-- whether the basic (classic) authentication flow is enabled.
SELECT
    region,
    push_sync,
    cognito_identity_providers,
    developer_provider_name,
    cognito_streams,
    supported_login_providers,
    name,
    cognito_events,
    id,
    identity_pool_name,
    allow_unauthenticated_identities,
    saml_provider_arns,
    open_id_connect_provider_arns,
    allow_classic_flow,
    identity_pool_tags
FROM awscc.cognito.identity_pools
WHERE
    Identifier = '{{ id }}'
    AND region = 'us-east-1';
Lists all identity_pools in a region.
-- Enumerate the identity pools of a single region. Only identifiers come back;
-- pass each id to the get query to inspect that pool's settings.
SELECT
    region,
    id
FROM awscc.cognito.identity_pools_list_only
WHERE region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new identity_pool resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
/* Minimal create: AllowUnauthenticatedIdentities and region are the only
   required parameters. A true value lets callers with no login obtain
   identities from the pool, so supply false unless guest access is intended. */
INSERT INTO awscc.cognito.identity_pools (
    AllowUnauthenticatedIdentities,
    region
)
SELECT
    '{{ allow_unauthenticated_identities }}',
    '{{ region }}';
/*+ create */
/* Full create: sets every writable property of the identity pool.
   Security-relevant inputs to review before deploying:
   - AllowUnauthenticatedIdentities: true enables guest (no-login) identities.
   - AllowClassicFlow: true enables the basic (classic) authentication flow.
   - CognitoIdentityProviders, SupportedLoginProviders, SamlProviderARNs and
     OpenIdConnectProviderARNs decide which identity providers the pool
     accepts; list only the providers the application actually uses.
   - PushSync and CognitoStreams carry role ARNs, which is why create needs
     iam:PassRole. */
INSERT INTO awscc.cognito.identity_pools (
    PushSync,
    CognitoIdentityProviders,
    DeveloperProviderName,
    CognitoStreams,
    SupportedLoginProviders,
    CognitoEvents,
    IdentityPoolName,
    AllowUnauthenticatedIdentities,
    SamlProviderARNs,
    OpenIdConnectProviderARNs,
    AllowClassicFlow,
    IdentityPoolTags,
    region
)
SELECT
    '{{ push_sync }}',
    '{{ cognito_identity_providers }}',
    '{{ developer_provider_name }}',
    '{{ cognito_streams }}',
    '{{ supported_login_providers }}',
    '{{ cognito_events }}',
    '{{ identity_pool_name }}',
    '{{ allow_unauthenticated_identities }}',
    '{{ saml_provider_arns }}',
    '{{ open_id_connect_provider_arns }}',
    '{{ allow_classic_flow }}',
    '{{ identity_pool_tags }}',
    '{{ region }}';
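# stack-deploy manifest for one identity_pool resource.
# Nesting restored: each entry under props is a name/value pair, and the
# sub-keys of push_sync, cognito_identity_providers, cognito_streams and
# identity_pool_tags sit inside their own value.
version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: identity_pool
    props:
      - name: push_sync
        value:
          application_arns:
            - '{{ application_arns[0] }}'
          # Role handed to the service; creating or updating the pool needs iam:PassRole.
          role_arn: '{{ role_arn }}'
      - name: cognito_identity_providers
        value:
          # When true, the pool checks with the user pool that the user has not
          # been globally signed out or deleted before issuing credentials.
          - server_side_token_check: '{{ server_side_token_check }}'
            provider_name: '{{ provider_name }}'
            client_id: '{{ client_id }}'
      - name: developer_provider_name
        value: '{{ developer_provider_name }}'
      - name: cognito_streams
        value:
          streaming_status: '{{ streaming_status }}'
          stream_name: '{{ stream_name }}'
          # Same placeholder name as push_sync.role_arn; use separate variables
          # if the two roles differ.
          role_arn: '{{ role_arn }}'
      - name: supported_login_providers
        value: {}
      - name: cognito_events
        value: {}
      - name: identity_pool_name
        value: '{{ identity_pool_name }}'
      # true enables guest (no-login) identities; keep false unless guest
      # access is a requirement.
      - name: allow_unauthenticated_identities
        value: '{{ allow_unauthenticated_identities }}'
      - name: saml_provider_arns
        value:
          - '{{ saml_provider_arns[0] }}'
      - name: open_id_connect_provider_arns
        value:
          - '{{ open_id_connect_provider_arns[0] }}'
      # true enables the basic (classic) authentication flow; keep false unless
      # a client depends on it.
      - name: allow_classic_flow
        value: '{{ allow_classic_flow }}'
      - name: identity_pool_tags
        value:
          - key: '{{ key }}'
            value: '{{ value }}'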
UPDATE example
Use the following StackQL query and manifest file to update an identity_pool resource, using stack-deploy.
/*+ update */
/* Sets PatchDocument for the pool matched by region and Identifier. The
   document is built from all twelve properties listed below.
   NOTE(review): generate_patch_document is not defined on this page;
   presumably it serialises the mapping into the patch string - confirm
   against stack-deploy.
   AllowUnauthenticatedIdentities and AllowClassicFlow are part of the patch,
   so check the values supplied for them on every update; a stale variable
   could switch guest access or the classic flow back on. */
UPDATE awscc.cognito.identity_pools
SET PatchDocument = string('{{ {
"PushSync": push_sync,
"CognitoIdentityProviders": cognito_identity_providers,
"DeveloperProviderName": developer_provider_name,
"CognitoStreams": cognito_streams,
"SupportedLoginProviders": supported_login_providers,
"CognitoEvents": cognito_events,
"IdentityPoolName": identity_pool_name,
"AllowUnauthenticatedIdentities": allow_unauthenticated_identities,
"SamlProviderARNs": saml_provider_arns,
"OpenIdConnectProviderARNs": open_id_connect_provider_arns,
"AllowClassicFlow": allow_classic_flow,
"IdentityPoolTags": identity_pool_tags
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ id }}';
DELETE example
/*+ delete */
/* Removes the identity pool matched by Identifier in us-east-1. Users can no
   longer authenticate through a deleted pool, so confirm the id with the get
   query before running this. */
DELETE FROM awscc.cognito.identity_pools
WHERE
    region = 'us-east-1'
    AND Identifier = '{{ id }}';
Permissions
To operate on the identity_pools resource, the following permissions are required:
- Create: cognito-identity:CreateIdentityPool, cognito-sync:SetIdentityPoolConfiguration, cognito-sync:SetCognitoEvents, cognito-identity:TagResource, iam:PassRole
- Read: cognito-identity:DescribeIdentityPool
- Update: cognito-identity:UpdateIdentityPool, cognito-identity:DescribeIdentityPool, cognito-sync:SetIdentityPoolConfiguration, cognito-sync:SetCognitoEvents, cognito-identity:TagResource, cognito-identity:UntagResource, iam:PassRole
- Delete: cognito-identity:DeleteIdentityPool
- List: cognito-identity:ListIdentityPools

iam:PassRole covers the roles referenced by role_arn in push_sync and cognito_streams; grant it on those role ARNs only rather than on all roles.