class Aws::CognitoIdentity::Types::SetIdentityPoolRolesInput

Input to the `SetIdentityPoolRoles` action.

@note When making an API call, you may pass SetIdentityPoolRolesInput

data as a hash:

    {
      identity_pool_id: "IdentityPoolId", # required
      roles: { # required
        "RoleType" => "ARNString",
      },
      role_mappings: {
        "IdentityProviderName" => {
          type: "Token", # required, accepts Token, Rules
          ambiguous_role_resolution: "AuthenticatedRole", # accepts AuthenticatedRole, Deny
          rules_configuration: {
            rules: [ # required
              {
                claim: "ClaimName", # required
                match_type: "Equals", # required, accepts Equals, Contains, StartsWith, NotEqual
                value: "ClaimValue", # required
                role_arn: "ARNString", # required
              },
            ],
          },
        },
      },
    }

@!attribute [rw] identity_pool_id

An identity pool ID in the format REGION:GUID.
@return [String]

@!attribute [rw] roles

The map of roles associated with this pool. For a given role, the
key will be either "authenticated" or "unauthenticated" and the
value will be the Role ARN.
@return [Hash<String,String>]

@!attribute [rw] role_mappings

How users for a specific identity provider are to mapped to roles.
This is a string to RoleMapping object map. The string identifies
the identity provider, for example, "graph.facebook.com" or
"cognito-idp.us-east-1.amazonaws.com/us-east-1\_abcdefghi:app\_client\_id".

Up to 25 rules can be specified per identity provider.
@return [Hash<String,Types::RoleMapping>]

@see docs.aws.amazon.com/goto/WebAPI/cognito-identity-2014-06-30/SetIdentityPoolRolesInput AWS API Documentation

Constants

SENSITIVE