
We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.27.0 published on Monday, Apr 14, 2025 by Pulumi

aws-native.verifiedpermissions.IdentitySource


Definition of AWS::VerifiedPermissions::IdentitySource Resource Type

Example Usage

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

// Declares a Verified Permissions identity source backed by an Amazon Cognito user pool
// and exports the ID of the resulting identity source.
return await Deployment.RunAsync(() =>
{
    // Every input is read from stack configuration; Require/RequireObject fail the
    // deployment when a key is missing, so nothing is silently defaulted.
    var stackConfig = new Config();
    var storeId = stackConfig.Require("policyStoreId");
    var poolArn = stackConfig.Require("userPoolArn");
    var allowedClientIds = stackConfig.RequireObject<string[]>("clientIds");
    var principalType = stackConfig.Require("principalEntityType");

    // ClientIds names the user pool app clients tied to this identity source.
    // NOTE(review): keep this list to the applications that are meant to authorize
    // against the policy store; confirm how the service treats an empty list before
    // relying on it as an allow-list.
    var cognitoPool = new AwsNative.VerifiedPermissions.Inputs.IdentitySourceCognitoUserPoolConfigurationArgs
    {
        UserPoolArn = poolArn,
        ClientIds = allowedClientIds,
    };

    var source = new AwsNative.VerifiedPermissions.IdentitySource("identitySource", new()
    {
        PolicyStoreId = storeId,
        Configuration = new AwsNative.VerifiedPermissions.Inputs.IdentitySourceConfiguration0PropertiesArgs
        {
            CognitoUserPoolConfiguration = cognitoPool,
        },
        // The entity type given to principals created from this source; it must match
        // the principal type the policies in the store are written against.
        PrincipalEntityType = principalType,
    });

    var outputs = new Dictionary<string, object?>();
    outputs["identitySourceId"] = source.IdentitySourceId;
    return outputs;
});
package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/verifiedpermissions"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)

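// main declares a Verified Permissions identity source backed by an Amazon Cognito
// user pool and exports the ID of the resulting identity source.
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// All inputs come from stack configuration; Require/RequireObject abort the
		// program when a key is missing.
		cfg := config.New(ctx, "")
		policyStoreId := cfg.Require("policyStoreId")
		userPoolArn := cfg.Require("userPoolArn")
		// clientIds is a list in stack configuration. Reading it with Require would
		// yield a single string, which is not a valid value for the ClientIds input,
		// so decode it into a slice instead.
		var clientIds []string
		cfg.RequireObject("clientIds", &clientIds)
		principalEntityType := cfg.Require("principalEntityType")
		identitySource, err := verifiedpermissions.NewIdentitySource(ctx, "identitySource", &verifiedpermissions.IdentitySourceArgs{
			PolicyStoreId: pulumi.String(policyStoreId),
			Configuration: &verifiedpermissions.IdentitySourceConfiguration0PropertiesArgs{
				CognitoUserPoolConfiguration: &verifiedpermissions.IdentitySourceCognitoUserPoolConfigurationArgs{
					UserPoolArn: pulumi.String(userPoolArn),
					// NOTE(review): keep this list to the app clients that are meant to
					// authorize against the policy store; confirm how the service
					// treats an empty list before relying on it as an allow-list.
					ClientIds: pulumi.ToStringArray(clientIds),
				},
			},
			// Must match the principal entity type the store's policies are written against.
			PrincipalEntityType: pulumi.String(principalEntityType),
		})
		if err != nil {
			return err
		}
		ctx.Export("identitySourceId", identitySource.IdentitySourceId)
		return nil
	})
}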

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

// Stack configuration supplies every input; require/requireObject throw when a key is missing.
const config = new pulumi.Config();
const policyStoreId = config.require("policyStoreId");
const userPoolArn = config.require("userPoolArn");
const clientIds = config.requireObject<Array<string>>("clientIds");
const principalEntityType = config.require("principalEntityType");

// Cognito user pool that will act as the identity provider for the policy store.
// NOTE(review): keep clientIds to the app clients that are meant to authorize against
// the policy store; confirm how the service treats an empty list before relying on it
// as an allow-list.
const cognitoUserPoolConfiguration = { userPoolArn, clientIds };

// principalEntityType must match the principal type the store's policies are written against.
const identitySource = new aws_native.verifiedpermissions.IdentitySource("identitySource", {
    policyStoreId,
    configuration: { cognitoUserPoolConfiguration },
    principalEntityType,
});

// Expose the generated identity source ID as a stack output.
export const identitySourceId = identitySource.identitySourceId;
import pulumi
import pulumi_aws_native as aws_native

# Stack configuration supplies every input; require/require_object raise when a key is missing.
stack_config = pulumi.Config()
store_id = stack_config.require("policyStoreId")
pool_arn = stack_config.require("userPoolArn")
allowed_client_ids = stack_config.require_object("clientIds")
principal_type = stack_config.require("principalEntityType")

# Cognito user pool that will act as the identity provider for the policy store.
# NOTE(review): keep client_ids to the app clients that are meant to authorize against
# the policy store; confirm how the service treats an empty list before relying on it
# as an allow-list.
cognito_pool = {
    "user_pool_arn": pool_arn,
    "client_ids": allowed_client_ids,
}

# principal_entity_type must match the principal type the store's policies are written against.
source = aws_native.verifiedpermissions.IdentitySource(
    "identitySource",
    policy_store_id=store_id,
    configuration={"cognito_user_pool_configuration": cognito_pool},
    principal_entity_type=principal_type,
)

# Expose the generated identity source ID as a stack output.
pulumi.export("identitySourceId", source.identity_source_id)

Coming soon!

Create IdentitySource Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new IdentitySource(name: string, args: IdentitySourceArgs, opts?: CustomResourceOptions);
@overload
def IdentitySource(resource_name: str,
                   args: IdentitySourceArgs,
                   opts: Optional[ResourceOptions] = None)

@overload
def IdentitySource(resource_name: str,
                   opts: Optional[ResourceOptions] = None,
                   configuration: Optional[Union[IdentitySourceConfiguration0PropertiesArgs, IdentitySourceConfiguration1PropertiesArgs]] = None,
                   policy_store_id: Optional[str] = None,
                   principal_entity_type: Optional[str] = None)
func NewIdentitySource(ctx *Context, name string, args IdentitySourceArgs, opts ...ResourceOption) (*IdentitySource, error)
public IdentitySource(string name, IdentitySourceArgs args, CustomResourceOptions? opts = null)
public IdentitySource(String name, IdentitySourceArgs args)
public IdentitySource(String name, IdentitySourceArgs args, CustomResourceOptions options)
type: aws-native:verifiedpermissions:IdentitySource
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. IdentitySourceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. IdentitySourceArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. IdentitySourceArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. IdentitySourceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. IdentitySourceArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

IdentitySource Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The IdentitySource resource accepts the following input properties:

Configuration This property is required. Pulumi.AwsNative.VerifiedPermissions.Inputs.IdentitySourceConfiguration0Properties | Pulumi.AwsNative.VerifiedPermissions.Inputs.IdentitySourceConfiguration1Properties
Contains configuration information used when creating a new identity source.
PolicyStoreId This property is required. string
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
PrincipalEntityType string
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
Configuration This property is required. IdentitySourceConfiguration0PropertiesArgs | IdentitySourceConfiguration1PropertiesArgs
Contains configuration information used when creating a new identity source.
PolicyStoreId This property is required. string
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
PrincipalEntityType string
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
configuration This property is required. IdentitySourceConfiguration0Properties | IdentitySourceConfiguration1Properties
Contains configuration information used when creating a new identity source.
policyStoreId This property is required. String
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
principalEntityType String
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
configuration This property is required. IdentitySourceConfiguration0Properties | IdentitySourceConfiguration1Properties
Contains configuration information used when creating a new identity source.
policyStoreId This property is required. string
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
principalEntityType string
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
configuration This property is required. IdentitySourceConfiguration0PropertiesArgs | IdentitySourceConfiguration1PropertiesArgs
Contains configuration information used when creating a new identity source.
policy_store_id This property is required. str
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
principal_entity_type str
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.
configuration This property is required. Property Map | Property Map
Contains configuration information used when creating a new identity source.
policyStoreId This property is required. String
Specifies the ID of the policy store in which you want to store this identity source. Only policies and requests made using this policy store can reference identities from the identity provider configured in the new identity source.
principalEntityType String
Specifies the namespace and data type of the principals generated for identities authenticated by the new identity source.

Outputs

All input properties are implicitly available as output properties. Additionally, the IdentitySource resource produces the following output properties:

Details Pulumi.AwsNative.VerifiedPermissions.Outputs.IdentitySourceDetails
Id string
The provider-assigned unique ID for this managed resource.
IdentitySourceId string
The unique ID of the new or updated identity source.
Details IdentitySourceDetails
Id string
The provider-assigned unique ID for this managed resource.
IdentitySourceId string
The unique ID of the new or updated identity source.
details IdentitySourceDetails
id String
The provider-assigned unique ID for this managed resource.
identitySourceId String
The unique ID of the new or updated identity source.
details IdentitySourceDetails
id string
The provider-assigned unique ID for this managed resource.
identitySourceId string
The unique ID of the new or updated identity source.
details IdentitySourceDetails
id str
The provider-assigned unique ID for this managed resource.
identity_source_id str
The unique ID of the new or updated identity source.
details Property Map
id String
The provider-assigned unique ID for this managed resource.
identitySourceId String
The unique ID of the new or updated identity source.

Supporting Types

IdentitySourceCognitoGroupConfiguration
, IdentitySourceCognitoGroupConfigurationArgs

GroupEntityType This property is required. string
GroupEntityType This property is required. string
groupEntityType This property is required. String
groupEntityType This property is required. string
group_entity_type This property is required. str
groupEntityType This property is required. String

IdentitySourceCognitoUserPoolConfiguration
, IdentitySourceCognitoUserPoolConfigurationArgs

userPoolArn This property is required. String
clientIds List<String>
groupConfiguration Property Map

IdentitySourceConfiguration0Properties
, IdentitySourceConfiguration0PropertiesArgs

cognitoUserPoolConfiguration This property is required. Property Map

IdentitySourceConfiguration1Properties
, IdentitySourceConfiguration1PropertiesArgs

openIdConnectConfiguration This property is required. Property Map

IdentitySourceDetails
, IdentitySourceDetailsArgs

IdentitySourceOpenIdConnectAccessTokenConfiguration
, IdentitySourceOpenIdConnectAccessTokenConfigurationArgs

Audiences List<string>
PrincipalIdClaim string
audiences List<String>
principalIdClaim String
audiences Sequence[str]
principal_id_claim str
audiences List<String>
principalIdClaim String

IdentitySourceOpenIdConnectConfiguration
, IdentitySourceOpenIdConnectConfigurationArgs

issuer This property is required. String
tokenSelection This property is required. Property Map | Property Map
entityIdPrefix String
groupConfiguration Property Map

IdentitySourceOpenIdConnectGroupConfiguration
, IdentitySourceOpenIdConnectGroupConfigurationArgs

GroupClaim This property is required. string
GroupEntityType This property is required. string
GroupClaim This property is required. string
GroupEntityType This property is required. string
groupClaim This property is required. String
groupEntityType This property is required. String
groupClaim This property is required. string
groupEntityType This property is required. string
group_claim This property is required. str
group_entity_type This property is required. str
groupClaim This property is required. String
groupEntityType This property is required. String

IdentitySourceOpenIdConnectIdentityTokenConfiguration
, IdentitySourceOpenIdConnectIdentityTokenConfigurationArgs

ClientIds List<string>
PrincipalIdClaim string
clientIds List<String>
principalIdClaim String
clientIds List<String>
principalIdClaim String

IdentitySourceOpenIdConnectTokenSelection0Properties
, IdentitySourceOpenIdConnectTokenSelection0PropertiesArgs

accessTokenOnly This property is required. Property Map

IdentitySourceOpenIdConnectTokenSelection1Properties
, IdentitySourceOpenIdConnectTokenSelection1PropertiesArgs

identityTokenOnly This property is required. Property Map

IdentitySourceOpenIdIssuer
, IdentitySourceOpenIdIssuerArgs

Cognito
COGNITO
IdentitySourceOpenIdIssuerCognito
COGNITO
Cognito
COGNITO
Cognito
COGNITO
COGNITO
COGNITO
"COGNITO"
COGNITO

Package Details

Repository
AWS Native pulumi/pulumi-aws-native
License
Apache-2.0
