We recommend new projects start with resources from the AWS provider.
aws-native.cognito.UserPoolGroup
Explore with Pulumi AI
We recommend new projects start with resources from the AWS provider.
Resource Type definition for AWS::Cognito::UserPoolGroup
Create UserPoolGroup Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new UserPoolGroup(name: string, args: UserPoolGroupArgs, opts?: CustomResourceOptions);@overload
def UserPoolGroup(resource_name: str,
                  args: UserPoolGroupArgs,
                  opts: Optional[ResourceOptions] = None)
@overload
def UserPoolGroup(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  user_pool_id: Optional[str] = None,
                  description: Optional[str] = None,
                  group_name: Optional[str] = None,
                  precedence: Optional[int] = None,
                  role_arn: Optional[str] = None)func NewUserPoolGroup(ctx *Context, name string, args UserPoolGroupArgs, opts ...ResourceOption) (*UserPoolGroup, error)public UserPoolGroup(string name, UserPoolGroupArgs args, CustomResourceOptions? opts = null)
public UserPoolGroup(String name, UserPoolGroupArgs args)
public UserPoolGroup(String name, UserPoolGroupArgs args, CustomResourceOptions options)
type: aws-native:cognito:UserPoolGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args UserPoolGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args UserPoolGroupArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args UserPoolGroupArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args UserPoolGroupArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args UserPoolGroupArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
UserPoolGroup Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The UserPoolGroup resource accepts the following input properties:
- UserPool stringId 
- The ID of the user pool where you want to create a user group.
- Description string
- A description of the group that you're creating.
- GroupName string
- A name for the group. This name must be unique in your user pool.
- Precedence int
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- RoleArn string
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
- UserPool stringId 
- The ID of the user pool where you want to create a user group.
- Description string
- A description of the group that you're creating.
- GroupName string
- A name for the group. This name must be unique in your user pool.
- Precedence int
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- RoleArn string
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
- userPool StringId 
- The ID of the user pool where you want to create a user group.
- description String
- A description of the group that you're creating.
- groupName String
- A name for the group. This name must be unique in your user pool.
- precedence Integer
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- roleArn String
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
- userPool stringId 
- The ID of the user pool where you want to create a user group.
- description string
- A description of the group that you're creating.
- groupName string
- A name for the group. This name must be unique in your user pool.
- precedence number
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- roleArn string
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
- user_pool_ strid 
- The ID of the user pool where you want to create a user group.
- description str
- A description of the group that you're creating.
- group_name str
- A name for the group. This name must be unique in your user pool.
- precedence int
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- role_arn str
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
- userPool StringId 
- The ID of the user pool where you want to create a user group.
- description String
- A description of the group that you're creating.
- groupName String
- A name for the group. This name must be unique in your user pool.
- precedence Number
- A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower - Precedencevalues take precedence over groups with higher or null- Precedencevalues. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the- cognito:rolesand- cognito:preferred_roleclaims.- Two groups can have the same - Precedencevalue. If this happens, neither group takes precedence over the other. If two groups with the same- Precedencehave the same role ARN, that role is used in the- cognito:preferred_roleclaim in tokens for users in each group. If the two groups have different role ARNs, the- cognito:preferred_roleclaim isn't set in users' tokens.- The default - Precedencevalue is null. The maximum- Precedencevalue is- 2^31-1.
- roleArn String
- The Amazon Resource Name (ARN) for the IAM role that you want to associate with the group. A group role primarily declares a preferred role for the credentials that you get from an identity pool. Amazon Cognito ID tokens have a cognito:preferred_roleclaim that presents the highest-precedence group that a user belongs to. Both ID and access tokens also contain acognito:groupsclaim that list all the groups that a user is a member of.
Outputs
All input properties are implicitly available as output properties. Additionally, the UserPoolGroup resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Package Details
- Repository
- AWS Native pulumi/pulumi-aws-native
- License
- Apache-2.0
We recommend new projects start with resources from the AWS provider.