UNPKG

@pulumi/aws-native

Version:

The Pulumi AWS Cloud Control Provider enables you to build, deploy, and manage [any AWS resource that's supported by the AWS Cloud Control API](https://github.com/pulumi/pulumi-aws-native/blob/master/provider/cmd/pulumi-gen-aws-native/supported-types.txt)

pulumi.com

pulumi/pulumi-aws-native

48 lines (47 loc) 2.71 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
import * as pulumi from "@pulumi/pulumi"; /** * Resource Type definition for AWS::Cognito::UserPoolGroup */ export declare function getUserPoolGroup(args: GetUserPoolGroupArgs, opts?: pulumi.InvokeOptions): Promise<GetUserPoolGroupResult>; export interface GetUserPoolGroupArgs { /** * A name for the group. This name must be unique in your user pool. */ groupName: string; /** * The ID of the user pool where you want to create a user group. */ userPoolId: string; } export interface GetUserPoolGroupResult { /** * A description of the group that you're creating. */ readonly description?: string; /** * A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher or null `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims. * * Two groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens. * * The default `Precedence` value is null. The maximum `Precedence` value is `2^31-1` . */ readonly precedence?: number; /** * The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a `cognito:preferred_role` claim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain a `cognito:groups` claim that list all the groups that a user is a member of. */ readonly roleArn?: string; } /** * Resource Type definition for AWS::Cognito::UserPoolGroup */ export declare function getUserPoolGroupOutput(args: GetUserPoolGroupOutputArgs, opts?: pulumi.InvokeOutputOptions): pulumi.Output<GetUserPoolGroupResult>; export interface GetUserPoolGroupOutputArgs { /** * A name for the group. This name must be unique in your user pool. */ groupName: pulumi.Input<string>; /** * The ID of the user pool where you want to create a user group. */ userPoolId: pulumi.Input<string>; }