From 086896f4f553608f5f7141f7ec5c2cc072436fd3 Mon Sep 17 00:00:00 2001
From: Marat Salimzianov
Date: Thu, 12 Dec 2024 21:35:27 +0100
Subject: [PATCH] feat(cognito): custom identity providers for the user pool client
---
 infrastructure/parallelcluster-ui.yaml | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/infrastructure/parallelcluster-ui.yaml b/infrastructure/parallelcluster-ui.yaml
index 11b7b99a..b0e93601 100644
--- a/infrastructure/parallelcluster-ui.yaml
+++ b/infrastructure/parallelcluster-ui.yaml
@@ -27,6 +27,10 @@ Parameters:
 Description: UserPoolAuthDomain of a previously deployed PCUI Cognito User Pool. Leave blank to create a new one.
 Type: String
 Default: ''
+ UserPoolClientIdentityProviders:
+ Description: "Comma separated list of provider names for the identity providers (IdPs) that are supported on this client. The following are supported: COGNITO, Facebook, Google, SignInWithApple, and LoginWithAmazon. You can also specify the names that you configured for the SAML and OIDC IdPs in your user pool, for example MySAMLIdP or MyOIDCIdP."
+ Type: CommaDelimitedList
+ Default: 'COGNITO'
 SNSRole:
 Description: SNSRole ARN of a previously deployed PCUI Cognito Stack. Leave blank to create a new one.
 Type: String
@@ -101,6 +105,7 @@ Metadata:
 - UserPoolId
 - UserPoolAuthDomain
 - SNSRole
+ - UserPoolClientIdentityProviders
 - Label:
 default: ParallelCluster API
 Parameters:
@@ -416,8 +421,7 @@ Resources:
 - !Sub
 - https://${Api}.execute-api.${AWS::Region}.${AWS::URLSuffix}/${Stage}/login
 - { Api: !Ref ApiGatewayRestApi, Stage: !Ref ApiGatewayRestStage }
- SupportedIdentityProviders:
- - COGNITO
+ SupportedIdentityProviders: !Ref UserPoolClientIdentityProviders
 UserPoolId: !If [ UseExistingCognito, !Ref UserPoolId, !GetAtt [ Cognito, Outputs.UserPoolId ]]
 PreventUserExistenceErrors: ENABLED
 RefreshTokenValidity: 7
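Review bot: The description of the new `UserPoolClientIdentityProviders` parameter lists Facebook, Google and custom SAML/OIDC names, but does not say that each name must already be registered as an identity provider on the user pool the client attaches to. Nothing in this patch creates an identity provider resource, so when the stack builds its own pool (blank `UserPoolId`) presumably only `COGNITO` can resolve, and any other value would fail at deploy time. I would append to the Description: `Every name must already be configured on the user pool; values other than COGNITO are only meaningful when UserPoolId points at an existing pool.` The rest of the Parameters section lies outside the hunk, so whether a Rules block could enforce this cannot be judged from here.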
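Review bot: `SupportedIdentityProviders: !Ref UserPoolClientIdentityProviders` replaces a fixed `COGNITO` entry with an operator-supplied list, and the line has no comment recording that every listed provider becomes a sign-in source for this client. With a federated provider enabled, who can obtain a PCUI session depends on that provider's account controls and on whatever group or role checks the application applies after login; those checks are not visible in this hunk and should be confirmed before non-default values are used. I would add above the property: `# Each provider listed here can authenticate users to this client; keep the list minimal.` Neighbouring parameters invite "Leave blank", and a blanked value here would likely produce an empty provider list rather than fall back to `COGNITO`, so the parameter description should also say that the field must not be left empty. The UserPoolClient resource starts and ends outside the hunk.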