com.pulumi.awsnative.cognito.kotlin.UserPoolIdentityProvider.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.awsnative.cognito.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Any
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [UserPoolIdentityProvider].
*/
@PulumiTagMarker
public class UserPoolIdentityProviderResourceBuilder internal constructor() {
public var name: String? = null
public var args: UserPoolIdentityProviderArgs = UserPoolIdentityProviderArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend UserPoolIdentityProviderArgsBuilder.() -> Unit) {
val builder = UserPoolIdentityProviderArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): UserPoolIdentityProvider {
val builtJavaResource =
com.pulumi.awsnative.cognito.UserPoolIdentityProvider(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return UserPoolIdentityProvider(builtJavaResource)
}
}
/**
* Resource Type definition for AWS::Cognito::UserPoolIdentityProvider
*/
public class UserPoolIdentityProvider internal constructor(
override val javaResource: com.pulumi.awsnative.cognito.UserPoolIdentityProvider,
) : KotlinCustomResource(javaResource, UserPoolIdentityProviderMapper) {
/**
* A mapping of IdP attributes to standard and custom user pool attributes.
* Search the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property.
*/
public val attributeMapping: Output?
get() = javaResource.attributeMapping().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The resource ID.
*/
public val awsId: Output
get() = javaResource.awsId().applyValue({ args0 -> args0 })
/**
* A list of IdP identifiers.
*/
public val idpIdentifiers: Output>?
get() = javaResource.idpIdentifiers().applyValue({ args0 ->
args0.map({ args0 ->
args0.map({ args0 -> args0 })
}).orElse(null)
})
/**
* The scopes, URLs, and identifiers for your external identity provider. The following
* examples describe the provider detail keys for each IdP type. These values and their
* schema are subject to change. Social IdP `authorize_scopes` values must match
* the values listed here.
* - **OpenID Connect (OIDC)** - Amazon Cognito accepts the following elements when it can't discover endpoint URLs from `oidc_issuer` : `attributes_url` , `authorize_url` , `jwks_uri` , `token_url` .
* Create or update request: `"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`
* Describe response: `"ProviderDetails": { "attributes_request_method": "GET", "attributes_url": "https://auth.example.com/userInfo", "attributes_url_add_attributes": "false", "authorize_scopes": "openid profile email", "authorize_url": "https://auth.example.com/authorize", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "jwks_uri": "https://auth.example.com/.well-known/jwks.json", "oidc_issuer": "https://auth.example.com", "token_url": "https://example.com/token" }`
* - **SAML** - Create or update request with Metadata URL: `"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256" }`
* Create or update request with Metadata file: `"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "MetadataFile": "[metadata XML]", "RequestSigningAlgorithm": "rsa-sha256" }`
* The value of `MetadataFile` must be the plaintext metadata document with all quote (") characters escaped by backslashes.
* Describe response: `"ProviderDetails": { "IDPInit": "true", "IDPSignout": "true", "EncryptedResponses" : "true", "ActiveEncryptionCertificate": "[certificate]", "MetadataURL": "https://auth.example.com/sso/saml/metadata", "RequestSigningAlgorithm": "rsa-sha256", "SLORedirectBindingURI": "https://auth.example.com/slo/saml", "SSORedirectBindingURI": "https://auth.example.com/sso/saml" }`
* - **LoginWithAmazon** - Create or update request: `"ProviderDetails": { "authorize_scopes": "profile postal_code", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret"`
* Describe response: `"ProviderDetails": { "attributes_url": "https://api.amazon.com/user/profile", "attributes_url_add_attributes": "false", "authorize_scopes": "profile postal_code", "authorize_url": "https://www.amazon.com/ap/oa", "client_id": "amzn1.application-oa2-client.1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "POST", "token_url": "https://api.amazon.com/auth/o2/token" }`
* - **Google** - Create or update request: `"ProviderDetails": { "authorize_scopes": "email profile openid", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret" }`
* Describe response: `"ProviderDetails": { "attributes_url": "https://people.googleapis.com/v1/people/me?personFields=", "attributes_url_add_attributes": "true", "authorize_scopes": "email profile openid", "authorize_url": "https://accounts.google.com/o/oauth2/v2/auth", "client_id": "1example23456789.apps.googleusercontent.com", "client_secret": "provider-app-client-secret", "oidc_issuer": "https://accounts.google.com", "token_request_method": "POST", "token_url": "https://www.googleapis.com/oauth2/v4/token" }`
* - **SignInWithApple** - Create or update request: `"ProviderDetails": { "authorize_scopes": "email name", "client_id": "com.example.cognito", "private_key": "1EXAMPLE", "key_id": "2EXAMPLE", "team_id": "3EXAMPLE" }`
* Describe response: `"ProviderDetails": { "attributes_url_add_attributes": "false", "authorize_scopes": "email name", "authorize_url": "https://appleid.apple.com/auth/authorize", "client_id": "com.example.cognito", "key_id": "1EXAMPLE", "oidc_issuer": "https://appleid.apple.com", "team_id": "2EXAMPLE", "token_request_method": "POST", "token_url": "https://appleid.apple.com/auth/token" }`
* - **Facebook** - Create or update request: `"ProviderDetails": { "api_version": "v17.0", "authorize_scopes": "public_profile, email", "client_id": "1example23456789", "client_secret": "provider-app-client-secret" }`
* Describe response: `"ProviderDetails": { "api_version": "v17.0", "attributes_url": "https://graph.facebook.com/v17.0/me?fields=", "attributes_url_add_attributes": "true", "authorize_scopes": "public_profile, email", "authorize_url": "https://www.facebook.com/v17.0/dialog/oauth", "client_id": "1example23456789", "client_secret": "provider-app-client-secret", "token_request_method": "GET", "token_url": "https://graph.facebook.com/v17.0/oauth/access_token" }`
* Search the [CloudFormation User Guide](https://docs.aws.amazon.com/cloudformation/) for `AWS::Cognito::UserPoolIdentityProvider` for more information about the expected schema for this property.
*/
public val providerDetails: Output?
get() = javaResource.providerDetails().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The IdP name.
*/
public val providerName: Output
get() = javaResource.providerName().applyValue({ args0 -> args0 })
/**
* The IdP type.
*/
public val providerType: Output
get() = javaResource.providerType().applyValue({ args0 -> args0 })
/**
* The user pool ID.
*/
public val userPoolId: Output
get() = javaResource.userPoolId().applyValue({ args0 -> args0 })
}
public object UserPoolIdentityProviderMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.awsnative.cognito.UserPoolIdentityProvider::class == javaResource::class
override fun map(javaResource: Resource): UserPoolIdentityProvider =
UserPoolIdentityProvider(
javaResource as
com.pulumi.awsnative.cognito.UserPoolIdentityProvider,
)
}
/**
* @see [UserPoolIdentityProvider].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [UserPoolIdentityProvider].
*/
public suspend fun userPoolIdentityProvider(
name: String,
block: suspend UserPoolIdentityProviderResourceBuilder.() -> Unit,
): UserPoolIdentityProvider {
val builder = UserPoolIdentityProviderResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [UserPoolIdentityProvider].
* @param name The _unique_ name of the resulting resource.
*/
public fun userPoolIdentityProvider(name: String): UserPoolIdentityProvider {
val builder = UserPoolIdentityProviderResourceBuilder()
builder.name(name)
return builder.build()
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy