aws-cdk-lib 2.164.1__py3-none-any.whl → 2.166.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of aws-cdk-lib might be problematic. Click here for more details.
- aws_cdk/__init__.py +20 -0
- aws_cdk/_jsii/__init__.py +1 -1
- aws_cdk/_jsii/{aws-cdk-lib@2.164.1.jsii.tgz → aws-cdk-lib@2.166.0.jsii.tgz} +0 -0
- aws_cdk/aws_appsync/__init__.py +2163 -375
- aws_cdk/aws_autoscaling/__init__.py +145 -8
- aws_cdk/aws_backup/__init__.py +627 -3
- aws_cdk/aws_bedrock/__init__.py +982 -191
- aws_cdk/aws_codebuild/__init__.py +88 -33
- aws_cdk/aws_codepipeline/__init__.py +98 -5
- aws_cdk/aws_codestar/__init__.py +1 -1
- aws_cdk/aws_cognito/__init__.py +656 -102
- aws_cdk/aws_connect/__init__.py +1 -1
- aws_cdk/aws_datasync/__init__.py +9 -7
- aws_cdk/aws_devopsguru/__init__.py +2 -2
- aws_cdk/aws_dms/__init__.py +762 -0
- aws_cdk/aws_dynamodb/__init__.py +13 -8
- aws_cdk/aws_ec2/__init__.py +134 -35
- aws_cdk/aws_ecs/__init__.py +41 -31
- aws_cdk/aws_eks/__init__.py +10 -12
- aws_cdk/aws_elasticache/__init__.py +52 -6
- aws_cdk/aws_emrserverless/__init__.py +35 -33
- aws_cdk/aws_events/__init__.py +25 -30
- aws_cdk/aws_imagebuilder/__init__.py +183 -0
- aws_cdk/aws_iot/__init__.py +37 -43
- aws_cdk/aws_iotwireless/__init__.py +2 -2
- aws_cdk/aws_kinesis/__init__.py +297 -1
- aws_cdk/aws_lambda/__init__.py +3 -3
- aws_cdk/aws_m2/__init__.py +58 -58
- aws_cdk/aws_mediapackagev2/__init__.py +191 -0
- aws_cdk/aws_memorydb/__init__.py +41 -0
- aws_cdk/aws_networkfirewall/__init__.py +14 -5
- aws_cdk/aws_opensearchservice/__init__.py +969 -0
- aws_cdk/aws_pipes/__init__.py +1 -1
- aws_cdk/aws_qbusiness/__init__.py +23 -14
- aws_cdk/aws_rds/__init__.py +187 -48
- aws_cdk/aws_redshift/__init__.py +23 -23
- aws_cdk/aws_refactorspaces/__init__.py +56 -61
- aws_cdk/aws_resiliencehub/__init__.py +4 -4
- aws_cdk/aws_route53/__init__.py +37 -9
- aws_cdk/aws_s3_deployment/__init__.py +13 -7
- aws_cdk/aws_sagemaker/__init__.py +128 -23
- aws_cdk/aws_secretsmanager/__init__.py +2 -1
- aws_cdk/aws_ses/__init__.py +19 -0
- aws_cdk/aws_synthetics/__init__.py +121 -0
- aws_cdk/aws_timestream/__init__.py +41 -0
- aws_cdk/aws_wisdom/__init__.py +2035 -61
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/METADATA +6 -6
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/RECORD +52 -52
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/LICENSE +0 -0
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/NOTICE +0 -0
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/WHEEL +0 -0
- {aws_cdk_lib-2.164.1.dist-info → aws_cdk_lib-2.166.0.dist-info}/top_level.txt +0 -0
aws_cdk/aws_cognito/__init__.py
CHANGED
|
@@ -1011,6 +1011,33 @@ cognito.UserPoolIdentityProviderGoogle(self, "google",
|
|
|
1011
1011
|
)
|
|
1012
1012
|
)
|
|
1013
1013
|
```
|
|
1014
|
+
|
|
1015
|
+
### User Pool Group
|
|
1016
|
+
|
|
1017
|
+
Support for groups in Amazon Cognito user pools enables you to create and manage groups and add users to groups.
|
|
1018
|
+
Use groups to create collections of users to manage their permissions or to represent different types of users.
|
|
1019
|
+
|
|
1020
|
+
You can assign an AWS Identity and Access Management (IAM) role to a group to define the permissions for members of a group.
|
|
1021
|
+
|
|
1022
|
+
For more information, see [Adding groups to a user pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html).
|
|
1023
|
+
|
|
1024
|
+
```python
|
|
1025
|
+
# user_pool: cognito.UserPool
|
|
1026
|
+
# role: iam.Role
|
|
1027
|
+
|
|
1028
|
+
|
|
1029
|
+
cognito.UserPoolGroup(self, "UserPoolGroup",
|
|
1030
|
+
user_pool=user_pool,
|
|
1031
|
+
group_name="my-group-name",
|
|
1032
|
+
precedence=1,
|
|
1033
|
+
role=role
|
|
1034
|
+
)
|
|
1035
|
+
|
|
1036
|
+
# You can also add a group by using addGroup method.
|
|
1037
|
+
user_pool.add_group("AnotherUserPoolGroup",
|
|
1038
|
+
group_name="another-group-name"
|
|
1039
|
+
)
|
|
1040
|
+
```
|
|
1014
1041
|
'''
|
|
1015
1042
|
from pkgutil import extend_path
|
|
1016
1043
|
__path__ = extend_path(__path__, __name__)
|
|
@@ -8854,14 +8881,14 @@ class CfnUserPoolIdentityProvider(
|
|
|
8854
8881
|
# provider_details: Any
|
|
8855
8882
|
|
|
8856
8883
|
cfn_user_pool_identity_provider = cognito.CfnUserPoolIdentityProvider(self, "MyCfnUserPoolIdentityProvider",
|
|
8884
|
+
provider_details=provider_details,
|
|
8857
8885
|
provider_name="providerName",
|
|
8858
8886
|
provider_type="providerType",
|
|
8859
8887
|
user_pool_id="userPoolId",
|
|
8860
8888
|
|
|
8861
8889
|
# the properties below are optional
|
|
8862
8890
|
attribute_mapping=attribute_mapping,
|
|
8863
|
-
idp_identifiers=["idpIdentifiers"]
|
|
8864
|
-
provider_details=provider_details
|
|
8891
|
+
idp_identifiers=["idpIdentifiers"]
|
|
8865
8892
|
)
|
|
8866
8893
|
'''
|
|
8867
8894
|
|
|
@@ -8870,34 +8897,34 @@ class CfnUserPoolIdentityProvider(
|
|
|
8870
8897
|
scope: _constructs_77d1e7e8.Construct,
|
|
8871
8898
|
id: builtins.str,
|
|
8872
8899
|
*,
|
|
8900
|
+
provider_details: typing.Any,
|
|
8873
8901
|
provider_name: builtins.str,
|
|
8874
8902
|
provider_type: builtins.str,
|
|
8875
8903
|
user_pool_id: builtins.str,
|
|
8876
8904
|
attribute_mapping: typing.Any = None,
|
|
8877
8905
|
idp_identifiers: typing.Optional[typing.Sequence[builtins.str]] = None,
|
|
8878
|
-
provider_details: typing.Any = None,
|
|
8879
8906
|
) -> None:
|
|
8880
8907
|
'''
|
|
8881
8908
|
:param scope: Scope in which this resource is defined.
|
|
8882
8909
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
8910
|
+
:param provider_details: The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ``authorize_scopes`` values must match the values listed here. - **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` . Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` - **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }`` Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }`` The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes. Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }`` - **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"`` Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }`` - **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }`` - **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }`` Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }`` - **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
8883
8911
|
:param provider_name: The IdP name.
|
|
8884
8912
|
:param provider_type: The IdP type.
|
|
8885
8913
|
:param user_pool_id: The user pool ID.
|
|
8886
8914
|
:param attribute_mapping: A mapping of IdP attributes to standard and custom user pool attributes.
|
|
8887
8915
|
:param idp_identifiers: A list of IdP identifiers.
|
|
8888
|
-
:param provider_details: The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ``authorize_scopes`` values must match the values listed here. - **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` . Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` - **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }`` Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }`` The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes. Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }`` - **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"`` Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }`` - **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }`` - **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }`` Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }`` - **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
8889
8916
|
'''
|
|
8890
8917
|
if __debug__:
|
|
8891
8918
|
type_hints = typing.get_type_hints(_typecheckingstub__759e90505ceb64aa7002be11d4da4a87090102263927799f662a83f606483634)
|
|
8892
8919
|
check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
|
|
8893
8920
|
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
8894
8921
|
props = CfnUserPoolIdentityProviderProps(
|
|
8922
|
+
provider_details=provider_details,
|
|
8895
8923
|
provider_name=provider_name,
|
|
8896
8924
|
provider_type=provider_type,
|
|
8897
8925
|
user_pool_id=user_pool_id,
|
|
8898
8926
|
attribute_mapping=attribute_mapping,
|
|
8899
8927
|
idp_identifiers=idp_identifiers,
|
|
8900
|
-
provider_details=provider_details,
|
|
8901
8928
|
)
|
|
8902
8929
|
|
|
8903
8930
|
jsii.create(self.__class__, self, [scope, id, props])
|
|
@@ -8932,20 +8959,24 @@ class CfnUserPoolIdentityProvider(
|
|
|
8932
8959
|
'''The CloudFormation resource type name for this resource class.'''
|
|
8933
8960
|
return typing.cast(builtins.str, jsii.sget(cls, "CFN_RESOURCE_TYPE_NAME"))
|
|
8934
8961
|
|
|
8935
|
-
@builtins.property
|
|
8936
|
-
@jsii.member(jsii_name="attrId")
|
|
8937
|
-
def attr_id(self) -> builtins.str:
|
|
8938
|
-
'''The resource ID.
|
|
8939
|
-
|
|
8940
|
-
:cloudformationAttribute: Id
|
|
8941
|
-
'''
|
|
8942
|
-
return typing.cast(builtins.str, jsii.get(self, "attrId"))
|
|
8943
|
-
|
|
8944
8962
|
@builtins.property
|
|
8945
8963
|
@jsii.member(jsii_name="cfnProperties")
|
|
8946
8964
|
def _cfn_properties(self) -> typing.Mapping[builtins.str, typing.Any]:
|
|
8947
8965
|
return typing.cast(typing.Mapping[builtins.str, typing.Any], jsii.get(self, "cfnProperties"))
|
|
8948
8966
|
|
|
8967
|
+
@builtins.property
|
|
8968
|
+
@jsii.member(jsii_name="providerDetails")
|
|
8969
|
+
def provider_details(self) -> typing.Any:
|
|
8970
|
+
'''The scopes, URLs, and identifiers for your external identity provider.'''
|
|
8971
|
+
return typing.cast(typing.Any, jsii.get(self, "providerDetails"))
|
|
8972
|
+
|
|
8973
|
+
@provider_details.setter
|
|
8974
|
+
def provider_details(self, value: typing.Any) -> None:
|
|
8975
|
+
if __debug__:
|
|
8976
|
+
type_hints = typing.get_type_hints(_typecheckingstub__dd9b80463fd736be9b8b32bf8d2368b0c44578e3b056d45e068ca1e5fdfdb299)
|
|
8977
|
+
check_type(argname="argument value", value=value, expected_type=type_hints["value"])
|
|
8978
|
+
jsii.set(self, "providerDetails", value) # pyright: ignore[reportArgumentType]
|
|
8979
|
+
|
|
8949
8980
|
@builtins.property
|
|
8950
8981
|
@jsii.member(jsii_name="providerName")
|
|
8951
8982
|
def provider_name(self) -> builtins.str:
|
|
@@ -9014,51 +9045,38 @@ class CfnUserPoolIdentityProvider(
|
|
|
9014
9045
|
check_type(argname="argument value", value=value, expected_type=type_hints["value"])
|
|
9015
9046
|
jsii.set(self, "idpIdentifiers", value) # pyright: ignore[reportArgumentType]
|
|
9016
9047
|
|
|
9017
|
-
@builtins.property
|
|
9018
|
-
@jsii.member(jsii_name="providerDetails")
|
|
9019
|
-
def provider_details(self) -> typing.Any:
|
|
9020
|
-
'''The scopes, URLs, and identifiers for your external identity provider.'''
|
|
9021
|
-
return typing.cast(typing.Any, jsii.get(self, "providerDetails"))
|
|
9022
|
-
|
|
9023
|
-
@provider_details.setter
|
|
9024
|
-
def provider_details(self, value: typing.Any) -> None:
|
|
9025
|
-
if __debug__:
|
|
9026
|
-
type_hints = typing.get_type_hints(_typecheckingstub__dd9b80463fd736be9b8b32bf8d2368b0c44578e3b056d45e068ca1e5fdfdb299)
|
|
9027
|
-
check_type(argname="argument value", value=value, expected_type=type_hints["value"])
|
|
9028
|
-
jsii.set(self, "providerDetails", value) # pyright: ignore[reportArgumentType]
|
|
9029
|
-
|
|
9030
9048
|
|
|
9031
9049
|
@jsii.data_type(
|
|
9032
9050
|
jsii_type="aws-cdk-lib.aws_cognito.CfnUserPoolIdentityProviderProps",
|
|
9033
9051
|
jsii_struct_bases=[],
|
|
9034
9052
|
name_mapping={
|
|
9053
|
+
"provider_details": "providerDetails",
|
|
9035
9054
|
"provider_name": "providerName",
|
|
9036
9055
|
"provider_type": "providerType",
|
|
9037
9056
|
"user_pool_id": "userPoolId",
|
|
9038
9057
|
"attribute_mapping": "attributeMapping",
|
|
9039
9058
|
"idp_identifiers": "idpIdentifiers",
|
|
9040
|
-
"provider_details": "providerDetails",
|
|
9041
9059
|
},
|
|
9042
9060
|
)
|
|
9043
9061
|
class CfnUserPoolIdentityProviderProps:
|
|
9044
9062
|
def __init__(
|
|
9045
9063
|
self,
|
|
9046
9064
|
*,
|
|
9065
|
+
provider_details: typing.Any,
|
|
9047
9066
|
provider_name: builtins.str,
|
|
9048
9067
|
provider_type: builtins.str,
|
|
9049
9068
|
user_pool_id: builtins.str,
|
|
9050
9069
|
attribute_mapping: typing.Any = None,
|
|
9051
9070
|
idp_identifiers: typing.Optional[typing.Sequence[builtins.str]] = None,
|
|
9052
|
-
provider_details: typing.Any = None,
|
|
9053
9071
|
) -> None:
|
|
9054
9072
|
'''Properties for defining a ``CfnUserPoolIdentityProvider``.
|
|
9055
9073
|
|
|
9074
|
+
:param provider_details: The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ``authorize_scopes`` values must match the values listed here. - **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` . Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` - **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }`` Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }`` The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes. Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }`` - **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"`` Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }`` - **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }`` - **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }`` Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }`` - **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
9056
9075
|
:param provider_name: The IdP name.
|
|
9057
9076
|
:param provider_type: The IdP type.
|
|
9058
9077
|
:param user_pool_id: The user pool ID.
|
|
9059
9078
|
:param attribute_mapping: A mapping of IdP attributes to standard and custom user pool attributes.
|
|
9060
9079
|
:param idp_identifiers: A list of IdP identifiers.
|
|
9061
|
-
:param provider_details: The scopes, URLs, and identifiers for your external identity provider. The following examples describe the provider detail keys for each IdP type. These values and their schema are subject to change. Social IdP ``authorize_scopes`` values must match the values listed here. - **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` . Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`` - **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }`` Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }`` The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes. Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }`` - **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"`` Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }`` - **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }`` - **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }`` Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }`` - **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }`` Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
9062
9080
|
|
|
9063
9081
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html
|
|
9064
9082
|
:exampleMetadata: fixture=_generated
|
|
@@ -9073,25 +9091,26 @@ class CfnUserPoolIdentityProviderProps:
|
|
|
9073
9091
|
# provider_details: Any
|
|
9074
9092
|
|
|
9075
9093
|
cfn_user_pool_identity_provider_props = cognito.CfnUserPoolIdentityProviderProps(
|
|
9094
|
+
provider_details=provider_details,
|
|
9076
9095
|
provider_name="providerName",
|
|
9077
9096
|
provider_type="providerType",
|
|
9078
9097
|
user_pool_id="userPoolId",
|
|
9079
9098
|
|
|
9080
9099
|
# the properties below are optional
|
|
9081
9100
|
attribute_mapping=attribute_mapping,
|
|
9082
|
-
idp_identifiers=["idpIdentifiers"]
|
|
9083
|
-
provider_details=provider_details
|
|
9101
|
+
idp_identifiers=["idpIdentifiers"]
|
|
9084
9102
|
)
|
|
9085
9103
|
'''
|
|
9086
9104
|
if __debug__:
|
|
9087
9105
|
type_hints = typing.get_type_hints(_typecheckingstub__41106943fcdd509be0174e1e1c8a8c320bd77587c77e22cfc1c1b7378dfb42ec)
|
|
9106
|
+
check_type(argname="argument provider_details", value=provider_details, expected_type=type_hints["provider_details"])
|
|
9088
9107
|
check_type(argname="argument provider_name", value=provider_name, expected_type=type_hints["provider_name"])
|
|
9089
9108
|
check_type(argname="argument provider_type", value=provider_type, expected_type=type_hints["provider_type"])
|
|
9090
9109
|
check_type(argname="argument user_pool_id", value=user_pool_id, expected_type=type_hints["user_pool_id"])
|
|
9091
9110
|
check_type(argname="argument attribute_mapping", value=attribute_mapping, expected_type=type_hints["attribute_mapping"])
|
|
9092
9111
|
check_type(argname="argument idp_identifiers", value=idp_identifiers, expected_type=type_hints["idp_identifiers"])
|
|
9093
|
-
check_type(argname="argument provider_details", value=provider_details, expected_type=type_hints["provider_details"])
|
|
9094
9112
|
self._values: typing.Dict[builtins.str, typing.Any] = {
|
|
9113
|
+
"provider_details": provider_details,
|
|
9095
9114
|
"provider_name": provider_name,
|
|
9096
9115
|
"provider_type": provider_type,
|
|
9097
9116
|
"user_pool_id": user_pool_id,
|
|
@@ -9100,8 +9119,51 @@ class CfnUserPoolIdentityProviderProps:
|
|
|
9100
9119
|
self._values["attribute_mapping"] = attribute_mapping
|
|
9101
9120
|
if idp_identifiers is not None:
|
|
9102
9121
|
self._values["idp_identifiers"] = idp_identifiers
|
|
9103
|
-
|
|
9104
|
-
|
|
9122
|
+
|
|
9123
|
+
@builtins.property
|
|
9124
|
+
def provider_details(self) -> typing.Any:
|
|
9125
|
+
'''The scopes, URLs, and identifiers for your external identity provider.
|
|
9126
|
+
|
|
9127
|
+
The following
|
|
9128
|
+
examples describe the provider detail keys for each IdP type. These values and their
|
|
9129
|
+
schema are subject to change. Social IdP ``authorize_scopes`` values must match
|
|
9130
|
+
the values listed here.
|
|
9131
|
+
|
|
9132
|
+
- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` .
|
|
9133
|
+
|
|
9134
|
+
Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }``
|
|
9135
|
+
|
|
9136
|
+
Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }``
|
|
9137
|
+
|
|
9138
|
+
- **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }``
|
|
9139
|
+
|
|
9140
|
+
Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }``
|
|
9141
|
+
|
|
9142
|
+
The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes.
|
|
9143
|
+
|
|
9144
|
+
Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }``
|
|
9145
|
+
|
|
9146
|
+
- **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"``
|
|
9147
|
+
|
|
9148
|
+
Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }``
|
|
9149
|
+
|
|
9150
|
+
- **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }``
|
|
9151
|
+
|
|
9152
|
+
Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }``
|
|
9153
|
+
|
|
9154
|
+
- **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }``
|
|
9155
|
+
|
|
9156
|
+
Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }``
|
|
9157
|
+
|
|
9158
|
+
- **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }``
|
|
9159
|
+
|
|
9160
|
+
Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
9161
|
+
|
|
9162
|
+
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providerdetails
|
|
9163
|
+
'''
|
|
9164
|
+
result = self._values.get("provider_details")
|
|
9165
|
+
assert result is not None, "Required property 'provider_details' is missing"
|
|
9166
|
+
return typing.cast(typing.Any, result)
|
|
9105
9167
|
|
|
9106
9168
|
@builtins.property
|
|
9107
9169
|
def provider_name(self) -> builtins.str:
|
|
@@ -9151,50 +9213,6 @@ class CfnUserPoolIdentityProviderProps:
|
|
|
9151
9213
|
result = self._values.get("idp_identifiers")
|
|
9152
9214
|
return typing.cast(typing.Optional[typing.List[builtins.str]], result)
|
|
9153
9215
|
|
|
9154
|
-
@builtins.property
|
|
9155
|
-
def provider_details(self) -> typing.Any:
|
|
9156
|
-
'''The scopes, URLs, and identifiers for your external identity provider.
|
|
9157
|
-
|
|
9158
|
-
The following
|
|
9159
|
-
examples describe the provider detail keys for each IdP type. These values and their
|
|
9160
|
-
schema are subject to change. Social IdP ``authorize_scopes`` values must match
|
|
9161
|
-
the values listed here.
|
|
9162
|
-
|
|
9163
|
-
- **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from ``oidc_issuer`` : ``attributes_url`` , ``authorize_url`` , ``jwks_uri`` , ``token_url`` .
|
|
9164
|
-
|
|
9165
|
-
Create or update request: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }``
|
|
9166
|
-
|
|
9167
|
-
Describe response: ``"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }``
|
|
9168
|
-
|
|
9169
|
-
- **SAML** - Create or update request with Metadata URL: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }``
|
|
9170
|
-
|
|
9171
|
-
Create or update request with Metadata file: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }``
|
|
9172
|
-
|
|
9173
|
-
The value of ``MetadataFile`` must be the plaintext metadata document with all quote (") characters escaped by backslashes.
|
|
9174
|
-
|
|
9175
|
-
Describe response: ``"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }``
|
|
9176
|
-
|
|
9177
|
-
- **LoginWithAmazon** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"``
|
|
9178
|
-
|
|
9179
|
-
Describe response: ``"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }``
|
|
9180
|
-
|
|
9181
|
-
- **Google** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }``
|
|
9182
|
-
|
|
9183
|
-
Describe response: ``"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }``
|
|
9184
|
-
|
|
9185
|
-
- **SignInWithApple** - Create or update request: ``"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }``
|
|
9186
|
-
|
|
9187
|
-
Describe response: ``"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }``
|
|
9188
|
-
|
|
9189
|
-
- **Facebook** - Create or update request: ``"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }``
|
|
9190
|
-
|
|
9191
|
-
Describe response: ``"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }``
|
|
9192
|
-
|
|
9193
|
-
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providerdetails
|
|
9194
|
-
'''
|
|
9195
|
-
result = self._values.get("provider_details")
|
|
9196
|
-
return typing.cast(typing.Any, result)
|
|
9197
|
-
|
|
9198
9216
|
def __eq__(self, rhs: typing.Any) -> builtins.bool:
|
|
9199
9217
|
return isinstance(rhs, self.__class__) and rhs._values == self._values
|
|
9200
9218
|
|
|
@@ -13131,6 +13149,28 @@ class IUserPool(_IResource_c80c4260, typing_extensions.Protocol):
|
|
|
13131
13149
|
'''
|
|
13132
13150
|
...
|
|
13133
13151
|
|
|
13152
|
+
@jsii.member(jsii_name="addGroup")
|
|
13153
|
+
def add_group(
|
|
13154
|
+
self,
|
|
13155
|
+
id: builtins.str,
|
|
13156
|
+
*,
|
|
13157
|
+
description: typing.Optional[builtins.str] = None,
|
|
13158
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
13159
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
13160
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
13161
|
+
) -> "UserPoolGroup":
|
|
13162
|
+
'''Add a new group to this user pool.
|
|
13163
|
+
|
|
13164
|
+
:param id: -
|
|
13165
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
13166
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
13167
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
13168
|
+
:param role: The role for the group. Default: - no description
|
|
13169
|
+
|
|
13170
|
+
:see: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html
|
|
13171
|
+
'''
|
|
13172
|
+
...
|
|
13173
|
+
|
|
13134
13174
|
@jsii.member(jsii_name="addResourceServer")
|
|
13135
13175
|
def add_resource_server(
|
|
13136
13176
|
self,
|
|
@@ -13303,6 +13343,38 @@ class _IUserPoolProxy(
|
|
|
13303
13343
|
|
|
13304
13344
|
return typing.cast("UserPoolDomain", jsii.invoke(self, "addDomain", [id, options]))
|
|
13305
13345
|
|
|
13346
|
+
@jsii.member(jsii_name="addGroup")
|
|
13347
|
+
def add_group(
|
|
13348
|
+
self,
|
|
13349
|
+
id: builtins.str,
|
|
13350
|
+
*,
|
|
13351
|
+
description: typing.Optional[builtins.str] = None,
|
|
13352
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
13353
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
13354
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
13355
|
+
) -> "UserPoolGroup":
|
|
13356
|
+
'''Add a new group to this user pool.
|
|
13357
|
+
|
|
13358
|
+
:param id: -
|
|
13359
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
13360
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
13361
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
13362
|
+
:param role: The role for the group. Default: - no description
|
|
13363
|
+
|
|
13364
|
+
:see: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-user-groups.html
|
|
13365
|
+
'''
|
|
13366
|
+
if __debug__:
|
|
13367
|
+
type_hints = typing.get_type_hints(_typecheckingstub__e70d406698753c50dbab4e4d1f9837fc55e7c713f52b3937d20745b5ab2a221e)
|
|
13368
|
+
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
13369
|
+
options = UserPoolGroupOptions(
|
|
13370
|
+
description=description,
|
|
13371
|
+
group_name=group_name,
|
|
13372
|
+
precedence=precedence,
|
|
13373
|
+
role=role,
|
|
13374
|
+
)
|
|
13375
|
+
|
|
13376
|
+
return typing.cast("UserPoolGroup", jsii.invoke(self, "addGroup", [id, options]))
|
|
13377
|
+
|
|
13306
13378
|
@jsii.member(jsii_name="addResourceServer")
|
|
13307
13379
|
def add_resource_server(
|
|
13308
13380
|
self,
|
|
@@ -13460,6 +13532,40 @@ class _IUserPoolDomainProxy(
|
|
|
13460
13532
|
typing.cast(typing.Any, IUserPoolDomain).__jsii_proxy_class__ = lambda : _IUserPoolDomainProxy
|
|
13461
13533
|
|
|
13462
13534
|
|
|
13535
|
+
@jsii.interface(jsii_type="aws-cdk-lib.aws_cognito.IUserPoolGroup")
|
|
13536
|
+
class IUserPoolGroup(_IResource_c80c4260, typing_extensions.Protocol):
|
|
13537
|
+
'''Represents a user pool group.'''
|
|
13538
|
+
|
|
13539
|
+
@builtins.property
|
|
13540
|
+
@jsii.member(jsii_name="groupName")
|
|
13541
|
+
def group_name(self) -> builtins.str:
|
|
13542
|
+
'''The user group name.
|
|
13543
|
+
|
|
13544
|
+
:attribute: true
|
|
13545
|
+
'''
|
|
13546
|
+
...
|
|
13547
|
+
|
|
13548
|
+
|
|
13549
|
+
class _IUserPoolGroupProxy(
|
|
13550
|
+
jsii.proxy_for(_IResource_c80c4260), # type: ignore[misc]
|
|
13551
|
+
):
|
|
13552
|
+
'''Represents a user pool group.'''
|
|
13553
|
+
|
|
13554
|
+
__jsii_type__: typing.ClassVar[str] = "aws-cdk-lib.aws_cognito.IUserPoolGroup"
|
|
13555
|
+
|
|
13556
|
+
@builtins.property
|
|
13557
|
+
@jsii.member(jsii_name="groupName")
|
|
13558
|
+
def group_name(self) -> builtins.str:
|
|
13559
|
+
'''The user group name.
|
|
13560
|
+
|
|
13561
|
+
:attribute: true
|
|
13562
|
+
'''
|
|
13563
|
+
return typing.cast(builtins.str, jsii.get(self, "groupName"))
|
|
13564
|
+
|
|
13565
|
+
# Adding a "__jsii_proxy_class__(): typing.Type" function to the interface
|
|
13566
|
+
typing.cast(typing.Any, IUserPoolGroup).__jsii_proxy_class__ = lambda : _IUserPoolGroupProxy
|
|
13567
|
+
|
|
13568
|
+
|
|
13463
13569
|
@jsii.interface(jsii_type="aws-cdk-lib.aws_cognito.IUserPoolIdentityProvider")
|
|
13464
13570
|
class IUserPoolIdentityProvider(_IResource_c80c4260, typing_extensions.Protocol):
|
|
13465
13571
|
'''Represents a UserPoolIdentityProvider.'''
|
|
@@ -16497,6 +16603,36 @@ class UserPool(
|
|
|
16497
16603
|
|
|
16498
16604
|
return typing.cast("UserPoolDomain", jsii.invoke(self, "addDomain", [id, options]))
|
|
16499
16605
|
|
|
16606
|
+
@jsii.member(jsii_name="addGroup")
|
|
16607
|
+
def add_group(
|
|
16608
|
+
self,
|
|
16609
|
+
id: builtins.str,
|
|
16610
|
+
*,
|
|
16611
|
+
description: typing.Optional[builtins.str] = None,
|
|
16612
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
16613
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
16614
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
16615
|
+
) -> "UserPoolGroup":
|
|
16616
|
+
'''Add a new group to this user pool.
|
|
16617
|
+
|
|
16618
|
+
:param id: -
|
|
16619
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
16620
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
16621
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
16622
|
+
:param role: The role for the group. Default: - no description
|
|
16623
|
+
'''
|
|
16624
|
+
if __debug__:
|
|
16625
|
+
type_hints = typing.get_type_hints(_typecheckingstub__182df28f489c4d9ab970aca99503d45cd2196b431c6ce7b04bb1e343694049fa)
|
|
16626
|
+
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
16627
|
+
options = UserPoolGroupOptions(
|
|
16628
|
+
description=description,
|
|
16629
|
+
group_name=group_name,
|
|
16630
|
+
precedence=precedence,
|
|
16631
|
+
role=role,
|
|
16632
|
+
)
|
|
16633
|
+
|
|
16634
|
+
return typing.cast("UserPoolGroup", jsii.invoke(self, "addGroup", [id, options]))
|
|
16635
|
+
|
|
16500
16636
|
@jsii.member(jsii_name="addResourceServer")
|
|
16501
16637
|
def add_resource_server(
|
|
16502
16638
|
self,
|
|
@@ -18041,32 +18177,382 @@ class UserPoolEmailConfig:
|
|
|
18041
18177
|
)
|
|
18042
18178
|
|
|
18043
18179
|
|
|
18044
|
-
|
|
18180
|
+
@jsii.implements(IUserPoolGroup)
|
|
18181
|
+
class UserPoolGroup(
|
|
18182
|
+
_Resource_45bc6135,
|
|
18045
18183
|
metaclass=jsii.JSIIMeta,
|
|
18046
|
-
jsii_type="aws-cdk-lib.aws_cognito.
|
|
18184
|
+
jsii_type="aws-cdk-lib.aws_cognito.UserPoolGroup",
|
|
18047
18185
|
):
|
|
18048
|
-
'''
|
|
18186
|
+
'''Define a user pool group.
|
|
18049
18187
|
|
|
18050
|
-
|
|
18051
|
-
|
|
18052
|
-
|
|
18053
|
-
|
|
18188
|
+
:exampleMetadata: infused
|
|
18189
|
+
|
|
18190
|
+
Example::
|
|
18191
|
+
|
|
18192
|
+
# user_pool: cognito.UserPool
|
|
18193
|
+
# role: iam.Role
|
|
18194
|
+
|
|
18195
|
+
|
|
18196
|
+
cognito.UserPoolGroup(self, "UserPoolGroup",
|
|
18197
|
+
user_pool=user_pool,
|
|
18198
|
+
group_name="my-group-name",
|
|
18199
|
+
precedence=1,
|
|
18200
|
+
role=role
|
|
18201
|
+
)
|
|
18202
|
+
|
|
18203
|
+
# You can also add a group by using addGroup method.
|
|
18204
|
+
user_pool.add_group("AnotherUserPoolGroup",
|
|
18205
|
+
group_name="another-group-name"
|
|
18206
|
+
)
|
|
18207
|
+
'''
|
|
18208
|
+
|
|
18209
|
+
def __init__(
|
|
18210
|
+
self,
|
|
18054
18211
|
scope: _constructs_77d1e7e8.Construct,
|
|
18055
18212
|
id: builtins.str,
|
|
18056
|
-
|
|
18057
|
-
|
|
18058
|
-
|
|
18059
|
-
|
|
18213
|
+
*,
|
|
18214
|
+
user_pool: IUserPool,
|
|
18215
|
+
description: typing.Optional[builtins.str] = None,
|
|
18216
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
18217
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
18218
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
18219
|
+
) -> None:
|
|
18220
|
+
'''
|
|
18060
18221
|
:param scope: -
|
|
18061
18222
|
:param id: -
|
|
18062
|
-
:param
|
|
18223
|
+
:param user_pool: The user pool to which this group is associated.
|
|
18224
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
18225
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
18226
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
18227
|
+
:param role: The role for the group. Default: - no description
|
|
18063
18228
|
'''
|
|
18064
18229
|
if __debug__:
|
|
18065
|
-
type_hints = typing.get_type_hints(
|
|
18230
|
+
type_hints = typing.get_type_hints(_typecheckingstub__775ac13db76309a928c26a49c092fd74e83d97ad55358f5e3e7abc39c87da53a)
|
|
18066
18231
|
check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
|
|
18067
18232
|
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
18068
|
-
|
|
18069
|
-
|
|
18233
|
+
props = UserPoolGroupProps(
|
|
18234
|
+
user_pool=user_pool,
|
|
18235
|
+
description=description,
|
|
18236
|
+
group_name=group_name,
|
|
18237
|
+
precedence=precedence,
|
|
18238
|
+
role=role,
|
|
18239
|
+
)
|
|
18240
|
+
|
|
18241
|
+
jsii.create(self.__class__, self, [scope, id, props])
|
|
18242
|
+
|
|
18243
|
+
@jsii.member(jsii_name="fromGroupName")
|
|
18244
|
+
@builtins.classmethod
|
|
18245
|
+
def from_group_name(
|
|
18246
|
+
cls,
|
|
18247
|
+
scope: _constructs_77d1e7e8.Construct,
|
|
18248
|
+
id: builtins.str,
|
|
18249
|
+
group_name: builtins.str,
|
|
18250
|
+
) -> IUserPoolGroup:
|
|
18251
|
+
'''Import a UserPoolGroup given its group name.
|
|
18252
|
+
|
|
18253
|
+
:param scope: -
|
|
18254
|
+
:param id: -
|
|
18255
|
+
:param group_name: -
|
|
18256
|
+
'''
|
|
18257
|
+
if __debug__:
|
|
18258
|
+
type_hints = typing.get_type_hints(_typecheckingstub__9d44902ed5a2acfdafc23199f3078ecfdbefe799f2ec29a5b0d850ee7b6d36ec)
|
|
18259
|
+
check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
|
|
18260
|
+
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
18261
|
+
check_type(argname="argument group_name", value=group_name, expected_type=type_hints["group_name"])
|
|
18262
|
+
return typing.cast(IUserPoolGroup, jsii.sinvoke(cls, "fromGroupName", [scope, id, group_name]))
|
|
18263
|
+
|
|
18264
|
+
@builtins.property
|
|
18265
|
+
@jsii.member(jsii_name="groupName")
|
|
18266
|
+
def group_name(self) -> builtins.str:
|
|
18267
|
+
'''The user group name.'''
|
|
18268
|
+
return typing.cast(builtins.str, jsii.get(self, "groupName"))
|
|
18269
|
+
|
|
18270
|
+
|
|
18271
|
+
@jsii.data_type(
|
|
18272
|
+
jsii_type="aws-cdk-lib.aws_cognito.UserPoolGroupOptions",
|
|
18273
|
+
jsii_struct_bases=[],
|
|
18274
|
+
name_mapping={
|
|
18275
|
+
"description": "description",
|
|
18276
|
+
"group_name": "groupName",
|
|
18277
|
+
"precedence": "precedence",
|
|
18278
|
+
"role": "role",
|
|
18279
|
+
},
|
|
18280
|
+
)
|
|
18281
|
+
class UserPoolGroupOptions:
|
|
18282
|
+
def __init__(
|
|
18283
|
+
self,
|
|
18284
|
+
*,
|
|
18285
|
+
description: typing.Optional[builtins.str] = None,
|
|
18286
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
18287
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
18288
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
18289
|
+
) -> None:
|
|
18290
|
+
'''Options to create a UserPoolGroup.
|
|
18291
|
+
|
|
18292
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
18293
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
18294
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
18295
|
+
:param role: The role for the group. Default: - no description
|
|
18296
|
+
|
|
18297
|
+
:exampleMetadata: infused
|
|
18298
|
+
|
|
18299
|
+
Example::
|
|
18300
|
+
|
|
18301
|
+
# user_pool: cognito.UserPool
|
|
18302
|
+
# role: iam.Role
|
|
18303
|
+
|
|
18304
|
+
|
|
18305
|
+
cognito.UserPoolGroup(self, "UserPoolGroup",
|
|
18306
|
+
user_pool=user_pool,
|
|
18307
|
+
group_name="my-group-name",
|
|
18308
|
+
precedence=1,
|
|
18309
|
+
role=role
|
|
18310
|
+
)
|
|
18311
|
+
|
|
18312
|
+
# You can also add a group by using addGroup method.
|
|
18313
|
+
user_pool.add_group("AnotherUserPoolGroup",
|
|
18314
|
+
group_name="another-group-name"
|
|
18315
|
+
)
|
|
18316
|
+
'''
|
|
18317
|
+
if __debug__:
|
|
18318
|
+
type_hints = typing.get_type_hints(_typecheckingstub__a76259212a5e57f1375d5eb2940f0d6cde7a130c86d1a85fc682cc6597a4934b)
|
|
18319
|
+
check_type(argname="argument description", value=description, expected_type=type_hints["description"])
|
|
18320
|
+
check_type(argname="argument group_name", value=group_name, expected_type=type_hints["group_name"])
|
|
18321
|
+
check_type(argname="argument precedence", value=precedence, expected_type=type_hints["precedence"])
|
|
18322
|
+
check_type(argname="argument role", value=role, expected_type=type_hints["role"])
|
|
18323
|
+
self._values: typing.Dict[builtins.str, typing.Any] = {}
|
|
18324
|
+
if description is not None:
|
|
18325
|
+
self._values["description"] = description
|
|
18326
|
+
if group_name is not None:
|
|
18327
|
+
self._values["group_name"] = group_name
|
|
18328
|
+
if precedence is not None:
|
|
18329
|
+
self._values["precedence"] = precedence
|
|
18330
|
+
if role is not None:
|
|
18331
|
+
self._values["role"] = role
|
|
18332
|
+
|
|
18333
|
+
@builtins.property
|
|
18334
|
+
def description(self) -> typing.Optional[builtins.str]:
|
|
18335
|
+
'''A string containing the description of the group.
|
|
18336
|
+
|
|
18337
|
+
:default: - no description
|
|
18338
|
+
'''
|
|
18339
|
+
result = self._values.get("description")
|
|
18340
|
+
return typing.cast(typing.Optional[builtins.str], result)
|
|
18341
|
+
|
|
18342
|
+
@builtins.property
|
|
18343
|
+
def group_name(self) -> typing.Optional[builtins.str]:
|
|
18344
|
+
'''The name of the group.
|
|
18345
|
+
|
|
18346
|
+
Must be unique.
|
|
18347
|
+
|
|
18348
|
+
:default: - auto generate a name
|
|
18349
|
+
'''
|
|
18350
|
+
result = self._values.get("group_name")
|
|
18351
|
+
return typing.cast(typing.Optional[builtins.str], result)
|
|
18352
|
+
|
|
18353
|
+
@builtins.property
|
|
18354
|
+
def precedence(self) -> typing.Optional[jsii.Number]:
|
|
18355
|
+
'''A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool.
|
|
18356
|
+
|
|
18357
|
+
Zero is the highest precedence value.
|
|
18358
|
+
|
|
18359
|
+
Groups with lower Precedence values take precedence over groups with higher or null Precedence values.
|
|
18360
|
+
If a user belongs to two or more groups, it is the group with the lowest precedence value
|
|
18361
|
+
whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
|
|
18362
|
+
|
|
18363
|
+
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other.
|
|
18364
|
+
If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role
|
|
18365
|
+
claim in tokens for users in each group.
|
|
18366
|
+
If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
|
|
18367
|
+
|
|
18368
|
+
:default: - null
|
|
18369
|
+
'''
|
|
18370
|
+
result = self._values.get("precedence")
|
|
18371
|
+
return typing.cast(typing.Optional[jsii.Number], result)
|
|
18372
|
+
|
|
18373
|
+
@builtins.property
|
|
18374
|
+
def role(self) -> typing.Optional[_IRole_235f5d8e]:
|
|
18375
|
+
'''The role for the group.
|
|
18376
|
+
|
|
18377
|
+
:default: - no description
|
|
18378
|
+
'''
|
|
18379
|
+
result = self._values.get("role")
|
|
18380
|
+
return typing.cast(typing.Optional[_IRole_235f5d8e], result)
|
|
18381
|
+
|
|
18382
|
+
def __eq__(self, rhs: typing.Any) -> builtins.bool:
|
|
18383
|
+
return isinstance(rhs, self.__class__) and rhs._values == self._values
|
|
18384
|
+
|
|
18385
|
+
def __ne__(self, rhs: typing.Any) -> builtins.bool:
|
|
18386
|
+
return not (rhs == self)
|
|
18387
|
+
|
|
18388
|
+
def __repr__(self) -> str:
|
|
18389
|
+
return "UserPoolGroupOptions(%s)" % ", ".join(
|
|
18390
|
+
k + "=" + repr(v) for k, v in self._values.items()
|
|
18391
|
+
)
|
|
18392
|
+
|
|
18393
|
+
|
|
18394
|
+
@jsii.data_type(
|
|
18395
|
+
jsii_type="aws-cdk-lib.aws_cognito.UserPoolGroupProps",
|
|
18396
|
+
jsii_struct_bases=[UserPoolGroupOptions],
|
|
18397
|
+
name_mapping={
|
|
18398
|
+
"description": "description",
|
|
18399
|
+
"group_name": "groupName",
|
|
18400
|
+
"precedence": "precedence",
|
|
18401
|
+
"role": "role",
|
|
18402
|
+
"user_pool": "userPool",
|
|
18403
|
+
},
|
|
18404
|
+
)
|
|
18405
|
+
class UserPoolGroupProps(UserPoolGroupOptions):
|
|
18406
|
+
def __init__(
|
|
18407
|
+
self,
|
|
18408
|
+
*,
|
|
18409
|
+
description: typing.Optional[builtins.str] = None,
|
|
18410
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
18411
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
18412
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
18413
|
+
user_pool: IUserPool,
|
|
18414
|
+
) -> None:
|
|
18415
|
+
'''Props for UserPoolGroup construct.
|
|
18416
|
+
|
|
18417
|
+
:param description: A string containing the description of the group. Default: - no description
|
|
18418
|
+
:param group_name: The name of the group. Must be unique. Default: - auto generate a name
|
|
18419
|
+
:param precedence: A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens. Default: - null
|
|
18420
|
+
:param role: The role for the group. Default: - no description
|
|
18421
|
+
:param user_pool: The user pool to which this group is associated.
|
|
18422
|
+
|
|
18423
|
+
:exampleMetadata: infused
|
|
18424
|
+
|
|
18425
|
+
Example::
|
|
18426
|
+
|
|
18427
|
+
# user_pool: cognito.UserPool
|
|
18428
|
+
# role: iam.Role
|
|
18429
|
+
|
|
18430
|
+
|
|
18431
|
+
cognito.UserPoolGroup(self, "UserPoolGroup",
|
|
18432
|
+
user_pool=user_pool,
|
|
18433
|
+
group_name="my-group-name",
|
|
18434
|
+
precedence=1,
|
|
18435
|
+
role=role
|
|
18436
|
+
)
|
|
18437
|
+
|
|
18438
|
+
# You can also add a group by using addGroup method.
|
|
18439
|
+
user_pool.add_group("AnotherUserPoolGroup",
|
|
18440
|
+
group_name="another-group-name"
|
|
18441
|
+
)
|
|
18442
|
+
'''
|
|
18443
|
+
if __debug__:
|
|
18444
|
+
type_hints = typing.get_type_hints(_typecheckingstub__6f5beec5c4d6b11b4325b68ae8691c3f5f2eb75f4aa5ef1c6e333e5df0fe7e36)
|
|
18445
|
+
check_type(argname="argument description", value=description, expected_type=type_hints["description"])
|
|
18446
|
+
check_type(argname="argument group_name", value=group_name, expected_type=type_hints["group_name"])
|
|
18447
|
+
check_type(argname="argument precedence", value=precedence, expected_type=type_hints["precedence"])
|
|
18448
|
+
check_type(argname="argument role", value=role, expected_type=type_hints["role"])
|
|
18449
|
+
check_type(argname="argument user_pool", value=user_pool, expected_type=type_hints["user_pool"])
|
|
18450
|
+
self._values: typing.Dict[builtins.str, typing.Any] = {
|
|
18451
|
+
"user_pool": user_pool,
|
|
18452
|
+
}
|
|
18453
|
+
if description is not None:
|
|
18454
|
+
self._values["description"] = description
|
|
18455
|
+
if group_name is not None:
|
|
18456
|
+
self._values["group_name"] = group_name
|
|
18457
|
+
if precedence is not None:
|
|
18458
|
+
self._values["precedence"] = precedence
|
|
18459
|
+
if role is not None:
|
|
18460
|
+
self._values["role"] = role
|
|
18461
|
+
|
|
18462
|
+
@builtins.property
|
|
18463
|
+
def description(self) -> typing.Optional[builtins.str]:
|
|
18464
|
+
'''A string containing the description of the group.
|
|
18465
|
+
|
|
18466
|
+
:default: - no description
|
|
18467
|
+
'''
|
|
18468
|
+
result = self._values.get("description")
|
|
18469
|
+
return typing.cast(typing.Optional[builtins.str], result)
|
|
18470
|
+
|
|
18471
|
+
@builtins.property
|
|
18472
|
+
def group_name(self) -> typing.Optional[builtins.str]:
|
|
18473
|
+
'''The name of the group.
|
|
18474
|
+
|
|
18475
|
+
Must be unique.
|
|
18476
|
+
|
|
18477
|
+
:default: - auto generate a name
|
|
18478
|
+
'''
|
|
18479
|
+
result = self._values.get("group_name")
|
|
18480
|
+
return typing.cast(typing.Optional[builtins.str], result)
|
|
18481
|
+
|
|
18482
|
+
@builtins.property
|
|
18483
|
+
def precedence(self) -> typing.Optional[jsii.Number]:
|
|
18484
|
+
'''A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool.
|
|
18485
|
+
|
|
18486
|
+
Zero is the highest precedence value.
|
|
18487
|
+
|
|
18488
|
+
Groups with lower Precedence values take precedence over groups with higher or null Precedence values.
|
|
18489
|
+
If a user belongs to two or more groups, it is the group with the lowest precedence value
|
|
18490
|
+
whose role ARN is given in the user's tokens for the cognito:roles and cognito:preferred_role claims.
|
|
18491
|
+
|
|
18492
|
+
Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other.
|
|
18493
|
+
If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role
|
|
18494
|
+
claim in tokens for users in each group.
|
|
18495
|
+
If the two groups have different role ARNs, the cognito:preferred_role claim isn't set in users' tokens.
|
|
18496
|
+
|
|
18497
|
+
:default: - null
|
|
18498
|
+
'''
|
|
18499
|
+
result = self._values.get("precedence")
|
|
18500
|
+
return typing.cast(typing.Optional[jsii.Number], result)
|
|
18501
|
+
|
|
18502
|
+
@builtins.property
|
|
18503
|
+
def role(self) -> typing.Optional[_IRole_235f5d8e]:
|
|
18504
|
+
'''The role for the group.
|
|
18505
|
+
|
|
18506
|
+
:default: - no description
|
|
18507
|
+
'''
|
|
18508
|
+
result = self._values.get("role")
|
|
18509
|
+
return typing.cast(typing.Optional[_IRole_235f5d8e], result)
|
|
18510
|
+
|
|
18511
|
+
@builtins.property
|
|
18512
|
+
def user_pool(self) -> IUserPool:
|
|
18513
|
+
'''The user pool to which this group is associated.'''
|
|
18514
|
+
result = self._values.get("user_pool")
|
|
18515
|
+
assert result is not None, "Required property 'user_pool' is missing"
|
|
18516
|
+
return typing.cast(IUserPool, result)
|
|
18517
|
+
|
|
18518
|
+
def __eq__(self, rhs: typing.Any) -> builtins.bool:
|
|
18519
|
+
return isinstance(rhs, self.__class__) and rhs._values == self._values
|
|
18520
|
+
|
|
18521
|
+
def __ne__(self, rhs: typing.Any) -> builtins.bool:
|
|
18522
|
+
return not (rhs == self)
|
|
18523
|
+
|
|
18524
|
+
def __repr__(self) -> str:
|
|
18525
|
+
return "UserPoolGroupProps(%s)" % ", ".join(
|
|
18526
|
+
k + "=" + repr(v) for k, v in self._values.items()
|
|
18527
|
+
)
|
|
18528
|
+
|
|
18529
|
+
|
|
18530
|
+
class UserPoolIdentityProvider(
|
|
18531
|
+
metaclass=jsii.JSIIMeta,
|
|
18532
|
+
jsii_type="aws-cdk-lib.aws_cognito.UserPoolIdentityProvider",
|
|
18533
|
+
):
|
|
18534
|
+
'''User pool third-party identity providers.'''
|
|
18535
|
+
|
|
18536
|
+
@jsii.member(jsii_name="fromProviderName")
|
|
18537
|
+
@builtins.classmethod
|
|
18538
|
+
def from_provider_name(
|
|
18539
|
+
cls,
|
|
18540
|
+
scope: _constructs_77d1e7e8.Construct,
|
|
18541
|
+
id: builtins.str,
|
|
18542
|
+
provider_name: builtins.str,
|
|
18543
|
+
) -> IUserPoolIdentityProvider:
|
|
18544
|
+
'''Import an existing UserPoolIdentityProvider.
|
|
18545
|
+
|
|
18546
|
+
:param scope: -
|
|
18547
|
+
:param id: -
|
|
18548
|
+
:param provider_name: -
|
|
18549
|
+
'''
|
|
18550
|
+
if __debug__:
|
|
18551
|
+
type_hints = typing.get_type_hints(_typecheckingstub__9db3563a94587e916fce47561a9ad603b26f36fbcb7b72d5e133ddf1e77b76d6)
|
|
18552
|
+
check_type(argname="argument scope", value=scope, expected_type=type_hints["scope"])
|
|
18553
|
+
check_type(argname="argument id", value=id, expected_type=type_hints["id"])
|
|
18554
|
+
check_type(argname="argument provider_name", value=provider_name, expected_type=type_hints["provider_name"])
|
|
18555
|
+
return typing.cast(IUserPoolIdentityProvider, jsii.sinvoke(cls, "fromProviderName", [scope, id, provider_name]))
|
|
18070
18556
|
|
|
18071
18557
|
|
|
18072
18558
|
@jsii.implements(IUserPoolIdentityProvider)
|
|
@@ -21540,6 +22026,7 @@ __all__ = [
|
|
|
21540
22026
|
"IUserPool",
|
|
21541
22027
|
"IUserPoolClient",
|
|
21542
22028
|
"IUserPoolDomain",
|
|
22029
|
+
"IUserPoolGroup",
|
|
21543
22030
|
"IUserPoolIdentityProvider",
|
|
21544
22031
|
"IUserPoolResourceServer",
|
|
21545
22032
|
"KeepOriginalAttrs",
|
|
@@ -21578,6 +22065,9 @@ __all__ = [
|
|
|
21578
22065
|
"UserPoolDomainProps",
|
|
21579
22066
|
"UserPoolEmail",
|
|
21580
22067
|
"UserPoolEmailConfig",
|
|
22068
|
+
"UserPoolGroup",
|
|
22069
|
+
"UserPoolGroupOptions",
|
|
22070
|
+
"UserPoolGroupProps",
|
|
21581
22071
|
"UserPoolIdentityProvider",
|
|
21582
22072
|
"UserPoolIdentityProviderAmazon",
|
|
21583
22073
|
"UserPoolIdentityProviderAmazonProps",
|
|
@@ -22760,12 +23250,12 @@ def _typecheckingstub__759e90505ceb64aa7002be11d4da4a87090102263927799f662a83f60
|
|
|
22760
23250
|
scope: _constructs_77d1e7e8.Construct,
|
|
22761
23251
|
id: builtins.str,
|
|
22762
23252
|
*,
|
|
23253
|
+
provider_details: typing.Any,
|
|
22763
23254
|
provider_name: builtins.str,
|
|
22764
23255
|
provider_type: builtins.str,
|
|
22765
23256
|
user_pool_id: builtins.str,
|
|
22766
23257
|
attribute_mapping: typing.Any = None,
|
|
22767
23258
|
idp_identifiers: typing.Optional[typing.Sequence[builtins.str]] = None,
|
|
22768
|
-
provider_details: typing.Any = None,
|
|
22769
23259
|
) -> None:
|
|
22770
23260
|
"""Type checking stubs"""
|
|
22771
23261
|
pass
|
|
@@ -22782,6 +23272,12 @@ def _typecheckingstub__7ff11acc316d5d73192edfeab5a5d7fb2aa7891c069fce7ccaa876300
|
|
|
22782
23272
|
"""Type checking stubs"""
|
|
22783
23273
|
pass
|
|
22784
23274
|
|
|
23275
|
+
def _typecheckingstub__dd9b80463fd736be9b8b32bf8d2368b0c44578e3b056d45e068ca1e5fdfdb299(
|
|
23276
|
+
value: typing.Any,
|
|
23277
|
+
) -> None:
|
|
23278
|
+
"""Type checking stubs"""
|
|
23279
|
+
pass
|
|
23280
|
+
|
|
22785
23281
|
def _typecheckingstub__03fef1ca3436f487bdb2ac4c72e914ca702f01a40d12470aaa64c77a0f7e15a2(
|
|
22786
23282
|
value: builtins.str,
|
|
22787
23283
|
) -> None:
|
|
@@ -22812,20 +23308,14 @@ def _typecheckingstub__7662247fd2cd01f6776c3a84fedff308a45861e95cabe426cb256482a
|
|
|
22812
23308
|
"""Type checking stubs"""
|
|
22813
23309
|
pass
|
|
22814
23310
|
|
|
22815
|
-
def _typecheckingstub__dd9b80463fd736be9b8b32bf8d2368b0c44578e3b056d45e068ca1e5fdfdb299(
|
|
22816
|
-
value: typing.Any,
|
|
22817
|
-
) -> None:
|
|
22818
|
-
"""Type checking stubs"""
|
|
22819
|
-
pass
|
|
22820
|
-
|
|
22821
23311
|
def _typecheckingstub__41106943fcdd509be0174e1e1c8a8c320bd77587c77e22cfc1c1b7378dfb42ec(
|
|
22822
23312
|
*,
|
|
23313
|
+
provider_details: typing.Any,
|
|
22823
23314
|
provider_name: builtins.str,
|
|
22824
23315
|
provider_type: builtins.str,
|
|
22825
23316
|
user_pool_id: builtins.str,
|
|
22826
23317
|
attribute_mapping: typing.Any = None,
|
|
22827
23318
|
idp_identifiers: typing.Optional[typing.Sequence[builtins.str]] = None,
|
|
22828
|
-
provider_details: typing.Any = None,
|
|
22829
23319
|
) -> None:
|
|
22830
23320
|
"""Type checking stubs"""
|
|
22831
23321
|
pass
|
|
@@ -23346,6 +23836,17 @@ def _typecheckingstub__792921e0d9eecd6253eadd31c7fba82fdce9c0ba38f25dcba7dcd063e
|
|
|
23346
23836
|
"""Type checking stubs"""
|
|
23347
23837
|
pass
|
|
23348
23838
|
|
|
23839
|
+
def _typecheckingstub__e70d406698753c50dbab4e4d1f9837fc55e7c713f52b3937d20745b5ab2a221e(
|
|
23840
|
+
id: builtins.str,
|
|
23841
|
+
*,
|
|
23842
|
+
description: typing.Optional[builtins.str] = None,
|
|
23843
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
23844
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
23845
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
23846
|
+
) -> None:
|
|
23847
|
+
"""Type checking stubs"""
|
|
23848
|
+
pass
|
|
23849
|
+
|
|
23349
23850
|
def _typecheckingstub__6e7f4643c9bff39b5095e7aa370612aed9ce88bfde927b1cbbd7b3a21df157a2(
|
|
23350
23851
|
id: builtins.str,
|
|
23351
23852
|
*,
|
|
@@ -23654,6 +24155,17 @@ def _typecheckingstub__f9659a33214c6a8f47e5cc02aec61f89c8bd48113d0c9b3e32a81fef2
|
|
|
23654
24155
|
"""Type checking stubs"""
|
|
23655
24156
|
pass
|
|
23656
24157
|
|
|
24158
|
+
def _typecheckingstub__182df28f489c4d9ab970aca99503d45cd2196b431c6ce7b04bb1e343694049fa(
|
|
24159
|
+
id: builtins.str,
|
|
24160
|
+
*,
|
|
24161
|
+
description: typing.Optional[builtins.str] = None,
|
|
24162
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
24163
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
24164
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
24165
|
+
) -> None:
|
|
24166
|
+
"""Type checking stubs"""
|
|
24167
|
+
pass
|
|
24168
|
+
|
|
23657
24169
|
def _typecheckingstub__15a655e8061891a027a61815d064f6a0d9d429f80e33f0c0c98213485f2beedd(
|
|
23658
24170
|
id: builtins.str,
|
|
23659
24171
|
*,
|
|
@@ -23829,6 +24341,48 @@ def _typecheckingstub__e3ce90cb9624f22600c6b33192c8ad7ad7f3946d65d49e2cf22b46b1d
|
|
|
23829
24341
|
"""Type checking stubs"""
|
|
23830
24342
|
pass
|
|
23831
24343
|
|
|
24344
|
+
def _typecheckingstub__775ac13db76309a928c26a49c092fd74e83d97ad55358f5e3e7abc39c87da53a(
|
|
24345
|
+
scope: _constructs_77d1e7e8.Construct,
|
|
24346
|
+
id: builtins.str,
|
|
24347
|
+
*,
|
|
24348
|
+
user_pool: IUserPool,
|
|
24349
|
+
description: typing.Optional[builtins.str] = None,
|
|
24350
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
24351
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
24352
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
24353
|
+
) -> None:
|
|
24354
|
+
"""Type checking stubs"""
|
|
24355
|
+
pass
|
|
24356
|
+
|
|
24357
|
+
def _typecheckingstub__9d44902ed5a2acfdafc23199f3078ecfdbefe799f2ec29a5b0d850ee7b6d36ec(
|
|
24358
|
+
scope: _constructs_77d1e7e8.Construct,
|
|
24359
|
+
id: builtins.str,
|
|
24360
|
+
group_name: builtins.str,
|
|
24361
|
+
) -> None:
|
|
24362
|
+
"""Type checking stubs"""
|
|
24363
|
+
pass
|
|
24364
|
+
|
|
24365
|
+
def _typecheckingstub__a76259212a5e57f1375d5eb2940f0d6cde7a130c86d1a85fc682cc6597a4934b(
|
|
24366
|
+
*,
|
|
24367
|
+
description: typing.Optional[builtins.str] = None,
|
|
24368
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
24369
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
24370
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
24371
|
+
) -> None:
|
|
24372
|
+
"""Type checking stubs"""
|
|
24373
|
+
pass
|
|
24374
|
+
|
|
24375
|
+
def _typecheckingstub__6f5beec5c4d6b11b4325b68ae8691c3f5f2eb75f4aa5ef1c6e333e5df0fe7e36(
|
|
24376
|
+
*,
|
|
24377
|
+
description: typing.Optional[builtins.str] = None,
|
|
24378
|
+
group_name: typing.Optional[builtins.str] = None,
|
|
24379
|
+
precedence: typing.Optional[jsii.Number] = None,
|
|
24380
|
+
role: typing.Optional[_IRole_235f5d8e] = None,
|
|
24381
|
+
user_pool: IUserPool,
|
|
24382
|
+
) -> None:
|
|
24383
|
+
"""Type checking stubs"""
|
|
24384
|
+
pass
|
|
24385
|
+
|
|
23832
24386
|
def _typecheckingstub__9db3563a94587e916fce47561a9ad603b26f36fbcb7b72d5e133ddf1e77b76d6(
|
|
23833
24387
|
scope: _constructs_77d1e7e8.Construct,
|
|
23834
24388
|
id: builtins.str,
|