我已经通过AWS控制台创建了Cognito用户池,但我想通过CloudFormation自动创建新的Cognito用户池。我可以将当前的用户池配置导出到CloudFormation模板吗?如何将Cognito用户池设置导出到CloudFormation模板?
0
A
回答
0
目前无法从Cognito导出现有用户池。但是,您可以在AWS CloudFormation中创建新的用户池,然后使用AWS::Cognito::UserPool资源类型从CloudFormation本身继续管理这些池。
3
它不可能导出。您需要以下6个资源才能使过程自动化。
- Cognito验证的作用
- Cognito未经验证的作用
- 用户池
- 用户群的客户
- 身份游泳池
- 身份池角色附件
您将需要3个输出其你可能需要在你的代码中使用。以下是创建这些代码
AWSTemplateFormatVersion: 2010-09-09
Parameters:
envParameter:
Type: String
Default: dev
AllowedValues: [ dev, test, qa, prod ]
Description: Suffix to be added for names.
Resources:
myApiUserPool:
Type: "AWS::Cognito::UserPool"
Properties:
UserPoolName: !Sub myApiUserPool${envParameter}
myApiUserPoolClient:
Type: "AWS::Cognito::UserPoolClient"
Properties:
ClientName: !Sub myApiUserPoolClient${envParameter},
GenerateSecret: False
RefreshTokenValidity: 30
UserPoolId: !Ref myApiUserPool
myApiIdentityPool:
Type: "AWS::Cognito::IdentityPool"
Properties:
IdentityPoolName: !Sub myApiIdentityPool${envParameter}
AllowUnauthenticatedIdentities: False
CognitoIdentityProviders:
- ClientId: !Ref myApiUserPoolClient
ProviderName: !GetAtt myApiUserPool.ProviderName
cognitoUnauthRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: !Sub Cognito_${myApiIdentityPool.Name}_Unauth_Role
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Federated: cognito-identity.amazonaws.com
Action: [ 'sts:AssumeRole' ]
Policies:
- PolicyName: cognitounauth
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- mobileanalytics:PutEvents
- cognito-sync:*
Resource:
- "*"
cognitoAuthRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: !Sub Cognito_${myApiIdentityPool.Name}_Auth_Role
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Federated: cognito-identity.amazonaws.com
Action: [ 'sts:AssumeRole' ]
Policies:
- PolicyName: cognitoauth
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- mobileanalytics:PutEvents
- cognito-sync:*
- execute-api:*
Resource:
- "*"
myApiIdentityPoolRoleAttachment:
DependsOn: [ myApiIdentityPool, cognitoUnauthRole, cognitoAuthRole ]
Type: "AWS::Cognito::IdentityPoolRoleAttachment"
Properties:
IdentityPoolId: !Ref myApiIdentityPool
Roles:
authenticated: !GetAtt cognitoAuthRole.Arn
unauthenticated: !GetAtt cognitoUnauthRole.Arn
Outputs:
userPool:
Description: "User pool ID"
Value: !Ref myApiUserPool
identityPool:
Description: "Identity pool ID"
Value: !Ref myApiIdentityPool
ClientId:
Description: "Client id for the user pool appclient"
Value: !Ref myApiUserPoolClient
相关问题
- 1. 通过Cloudformation将角色添加到AWS Cognito身份池
- 2. 将用户导入带有md5密码的cognito用户池
- 3. 如何将Cognito用户池与身份池集成?
- 4. CloudFormation模板导入其他模板
- 5. AWS Cognito移动应用程序的用户池设置
- 6. 如何使用Java将用户注册到Amazon Cognito身份用户池
- 7. 使用IAM用户Cognito的用户池
- 8. 如何在RDS CloudFormation模板中设置PreferredBackupWindow参数?
- 9. 用于Cognito身份池创建的CloudFormation CognitoEvent列表
- 10. 由Cloudformation模板
- 11. 使用Cognito用户池,不使用Cognito联合身份(身份池)
- 12. 使用Amazon Cognito身份用户池
- 13. 使用API网关的Cognito用户池
- 14. AWS Cognito未能将用户池中的用户与身份池集成
- 15. AWS Cognito用户池标识REST示例
- 16. AWS Cognito用户池不带密码
- 17. 刷新标记AWS Cognito用户池
- 18. 如何使用cloudformation模板获取userdata的输出值?
- 19. 如何使用CloudFormation在IAM中设置用户名和组名?
- 20. 如何导出DocuSign帐户设置,用户和用户配置文件,然后将其导入新帐户?
- 21. AWS Cloudformation模板配置无效
- 22. 亚马逊Cognito的用户池 - CredentialsError:配置中缺少凭据
- 23. 如何将Cognito用户池与Facebook等外部提供者结合使用?
- 24. Cognito用户池:如何刷新访问令牌Android
- 25. 如何使用Cognito用户池+ Cognito Identity Pool用户加入应用程序数据?
- 26. AWS Cloudformation模板 - 在S3桶中设置区域
- 27. Cognito的API网关授权用户池+身份池
- 28. 如何将自定义模板库设置为基本模板
- 29. Android Studio。如何将实时模板导出到文件?
- 30. 收到一个错误,同时创造AWS Cognito用户池