Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(cognito): the Cognito Identity Pools module is now in Developer Preview #31854

Merged
merged 12 commits into from
Oct 22, 2024
22 changes: 11 additions & 11 deletions packages/@aws-cdk/aws-cognito-identitypool-alpha/README.md
Original file line number Diff line number Diff line change
@@ -1,25 +1,25 @@
# Amazon Cognito Identity Pool Construct Library

> **Identity Pools are in a separate module while the API is being stabilized. Once we stabilize the module, they will**
**be included into the stable [aws-cognito](../aws-cognito) library. Please provide feedback on this experience by**
**creating an [issue here](https://github.com/aws/aws-cdk/issues/new/choose)**

<!--BEGIN STABILITY BANNER-->

---

![cdk-constructs: Experimental](https://img.shields.io/badge/cdk--constructs-experimental-important.svg?style=for-the-badge)
![cdk-constructs: Developer Preview](https://img.shields.io/badge/cdk--constructs-developer--preview-informational.svg?style=for-the-badge)

> The APIs of higher level constructs in this module are experimental and under active development.
> They are subject to non-backward compatible changes or removal in any future version. These are
> not subject to the [Semantic Versioning](https://semver.org/) model and breaking changes will be
> announced in the release notes. This means that while you may use them, you may need to update
> your source code when upgrading to a newer version of this package.
> The APIs of higher level constructs in this module are in **developer preview** before they
> become stable. We will only make breaking changes to address unforeseen API issues. Therefore,
> these APIs are not subject to [Semantic Versioning](https://semver.org/), and breaking changes
> will be announced in release notes. This means that while you may use them, you may need to
> update your source code when upgrading to a newer version of this package.

---

<!--END STABILITY BANNER-->


> **Identity Pools are in a separate module while the API is being stabilized. Once we stabilize the module, they will**
**be included into the stable [aws-cognito](../aws-cognito) library. Please provide feedback on this experience by**
**creating an [issue here](https://github.com/aws/aws-cdk/issues/new/choose)**

[Amazon Cognito Identity Pools](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html) enable you to grant your users access to other AWS services.

Identity Pools are one of the two main components of [Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html), which provides authentication, authorization, and
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@
"node": ">= 14.15.0"
},
"stability": "experimental",
"maturity": "experimental",
"maturity": "developer-preview",
"awscdkio": {
"announce": false
},
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ import { Effect, PolicyStatement } from 'aws-cdk-lib/aws-iam';
import { App, SecretValue, Stack } from 'aws-cdk-lib';
import { IdentityPool, IdentityPoolProviderUrl } from '../lib/identitypool';
import { UserPoolAuthenticationProvider } from '../lib/identitypool-user-pool-authentication-provider';
import { IdentityPoolRoleAttachment } from '../lib/identitypool-role-attachment';

const app = new App();
const stack = new Stack(app, 'integ-identitypool');
Expand Down Expand Up @@ -63,6 +64,19 @@ const idPool = new IdentityPool(stack, 'identitypool', {
allowClassicFlow: true,
identityPoolName: 'my-id-pool',
});
idPool.addRoleMappings(
{
mappingKey: 'myKey',
providerUrl: IdentityPoolProviderUrl.userPool(userPool, client),
rules: [
{
claim: 'myClaim',
claimValue: 'myValue',
mappedRole: idPool.authenticatedRole,
},
],
}
);
idPool.authenticatedRole.addToPrincipalPolicy(new PolicyStatement({
effect: Effect.ALLOW,
actions: ['dynamodb:*'],
Expand All @@ -74,4 +88,7 @@ idPool.unauthenticatedRole.addToPrincipalPolicy(new PolicyStatement({
resources: ['*'],
}));
idPool.addUserPoolAuthentication(new UserPoolAuthenticationProvider({ userPool: otherPool }));
new IdentityPoolRoleAttachment(stack, 'RoleAttachment', {
identityPool: idPool,
});
app.synth();
Loading