UNPKG

aws-cdk-lib

Version:

Version 2 of the AWS Cloud Development Kit library

github.com/aws/aws-cdk

aws/aws-cdk

109 lines (108 loc) 3.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import { Construct } from 'constructs'; import { UserPoolIdentityProviderProps } from './base'; import { UserPoolIdentityProviderBase } from './private/user-pool-idp-base'; /** * Properties to initialize UserPoolIdentityProviderSaml. */ export interface UserPoolIdentityProviderSamlProps extends UserPoolIdentityProviderProps { /** * The name of the provider. Must be between 3 and 32 characters. * * @default - the unique ID of the construct */ readonly name?: string; /** * Identifiers * * Identifiers can be used to redirect users to the correct IdP in multitenant apps. * * @default - no identifiers used */ readonly identifiers?: string[]; /** * The SAML metadata. */ readonly metadata: UserPoolIdentityProviderSamlMetadata; /** * Whether to enable the "Sign-out flow" feature. * * @default - false */ readonly idpSignout?: boolean; /** * Whether to require encrypted SAML assertions from IdP. * * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-SAML-signing-encryption.html#cognito-user-pools-SAML-encryption * * @default false */ readonly encryptedResponses?: boolean; /** * The signing algorithm for SAML requests. * * @see https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-SAML-signing-encryption.html#cognito-user-pools-SAML-signing * * @default - don't sign requests */ readonly requestSigningAlgorithm?: SigningAlgorithm; /** * Whether to enable IdP-initiated SAML auth flows. * * @default false */ readonly idpInitiated?: boolean; } /** * Signing algorithms for SAML requests. */ export declare enum SigningAlgorithm { /** * RSA with SHA-256. */ RSA_SHA256 = "rsa-sha256" } /** * Metadata types that can be used for a SAML user pool identity provider. */ export declare enum UserPoolIdentityProviderSamlMetadataType { /** Metadata provided via a URL. */ URL = "url", /** Metadata provided via the contents of a file. */ FILE = "file" } /** * Metadata for a SAML user pool identity provider. */ export declare class UserPoolIdentityProviderSamlMetadata { readonly metadataContent: string; readonly metadataType: UserPoolIdentityProviderSamlMetadataType; /** * Specify SAML metadata via a URL. */ static url(url: string): UserPoolIdentityProviderSamlMetadata; /** * Specify SAML metadata via the contents of a file. */ static file(fileContent: string): UserPoolIdentityProviderSamlMetadata; /** * Construct the metadata for a SAML identity provider. * * @param metadataContent A URL hosting SAML metadata, or the content of a file containing SAML metadata. * @param metadataType The type of metadata, either a URL or file content. */ private constructor(); } /** * Represents an identity provider that integrates with SAML. * @resource AWS::Cognito::UserPoolIdentityProvider */ export declare class UserPoolIdentityProviderSaml extends UserPoolIdentityProviderBase { /** * Uniquely identifies this class. */ static readonly PROPERTY_INJECTION_ID: string; readonly providerName: string; constructor(scope: Construct, id: string, props: UserPoolIdentityProviderSamlProps); private getProviderName; private validateName; }