How to set dynamic RoleMappings key for IndentityPoolRoleAttachment in CloudFormation
I am creating a stack to initialize the installation Cognito
. As part of this, I have set up user groups with associated roles. I need to set a parameter Choose role from token
allowing ids to use roles from the group (s) they are assigned to.
This is done through an object RoleMappings
within an object IndentityPoolRoleAttachment
. This mapping object is a map string -> object
where the string represents the identity provider. In my case, this is:
cognito-idp.${some-region}.amazonaws.com/${some-userpool-id}:${some-pool-client-id}
Obviously this should be dynamically built based on the values ββon the stack, but I haven't found a way to make it syntactically correct. Using Ref
and Fn::Sub
results in syntax errors. I've tried in yaml and json syntax.
Am I missing something obvious?
source to share
No one has answered this question yet
See similar questions:
or similar: