Class: Aws::CognitoIdentity::Types::RoleMapping

Inherits:

Struct

• Object
• Struct
• Aws::CognitoIdentity::Types::RoleMapping

Includes:

Structure

Defined in:

lib/aws-sdk-cognitoidentity/types.rb

Overview

Note:

When making an API call, you may pass RoleMapping data as a hash:

{
  type: "Token", # required, accepts Token, Rules
  ambiguous_role_resolution: "AuthenticatedRole", # accepts AuthenticatedRole, Deny
  rules_configuration: {
    rules: [ # required
      {
        claim: "ClaimName", # required
        match_type: "Equals", # required, accepts Equals, Contains, StartsWith, NotEqual
        value: "ClaimValue", # required
        role_arn: "ARNString", # required
      },
    ],
  },
}

A role mapping.

See Also:

• AWS API Documentation

Instance Attribute Summary

• #ambiguous_role_resolution ⇒ String

  If you specify Token or Rules as the ‘Type`, `AmbiguousRoleResolution` is required.

• #rules_configuration ⇒ Types::RulesConfigurationType

  The rules to be used for mapping users to roles.

• #type ⇒ String

  The role mapping type.

Instance Attribute Details

#ambiguous_role_resolution ⇒ String

If you specify Token or Rules as the ‘Type`, `AmbiguousRoleResolution` is required.

Specifies the action to be taken if either no rules match the claim value for the ‘Rules` type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the `Token` type.

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentity/types.rb', line 990

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  include Aws::Structure
end

#rules_configuration ⇒ Types::RulesConfigurationType

The rules to be used for mapping users to roles.

If you specify Rules as the role mapping type, ‘RulesConfiguration` is required.

Returns:

• (Types::RulesConfigurationType)

# File 'lib/aws-sdk-cognitoidentity/types.rb', line 990

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  include Aws::Structure
end

#type ⇒ String

The role mapping type. Token will use ‘cognito:roles` and `cognito:preferred_role` claims from the Cognito identity provider token to map groups to roles. Rules will attempt to match claims from the token to map to a role.

Returns:

• (String)

# File 'lib/aws-sdk-cognitoidentity/types.rb', line 990

class RoleMapping < Struct.new(
  :type,
  :ambiguous_role_resolution,
  :rules_configuration)
  include Aws::Structure
end