[ aws . amplifybackend ]
Creates a new backend authentication resource.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-backend-auth
--app-id <value>
--backend-environment-name <value>
--resource-config <value>
--resource-name <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
--app-id
(string)
The app ID.
--backend-environment-name
(string)
The name of the backend environment.
--resource-config
(structure)
The resource configuration for this request object.
AuthResources -> (string)
Defines whether you want to configure only authentication or both authentication and authorization settings.
IdentityPoolConfigs -> (structure)
Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of the auth resource in your Amplify project.
IdentityPoolName -> (string)
Name of the identity pool used for authorization.
UnauthenticatedLogin -> (boolean)
Set to true or false based on whether you want to enable guest authorization to your Amplify app.
Service -> (string)
Defines the service name to use when configuring an authentication resource in your Amplify project.
UserPoolConfigs -> (structure)
Describes the authentication configuration for the Amazon Cognito user pool, provisioned as a part of the auth resource in your Amplify project.
ForgotPassword -> (structure)
Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
DeliveryMethod -> (string)
Describes which method to use (either SMS or email) to deliver messages to app users that want to recover their password.
EmailSettings -> (structure)
The configuration for the email sent when an app user forgets their password.
EmailMessage -> (string)
The body of the email.
EmailSubject -> (string)
The subject of the email.
SmsSettings -> (structure)
The configuration for the SMS message sent when an app user forgets their password.
SmsMessage -> (string)
The body of the SMS message.
Mfa -> (structure)
Describes whether to apply multi-factor authentication (MFA) policies for your Amazon Cognito user pool that’s configured as a part of your Amplify project.
MFAMode -> (string)
Describes whether MFA should be [ON, OFF, or OPTIONAL] for authentication in your Amplify project.
Settings -> (structure)
Describes the configuration settings and methods for your Amplify app users to use MFA.
MfaTypes -> (list)
The supported MFA types.
(string)
SmsMessage -> (string)
The body of the SMS message.
OAuth -> (structure)
Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.
DomainPrefix -> (string)
The domain prefix for your Amplify app.
OAuthGrantType -> (string)
The OAuth grant type that you use to allow app users to authenticate from your Amplify app.
OAuthScopes -> (list)
List of OAuth-related flows that allow your app users to authenticate from your Amplify app.
(string)
RedirectSignInURIs -> (list)
The redirected URI for signing in to your Amplify app.
(string)
RedirectSignOutURIs -> (list)
Redirect URLs that OAuth uses when a user signs out of an Amplify app.
(string)
SocialProviderSettings -> (structure)
The settings for using social identity providers for access to your Amplify app.
Facebook -> (structure)
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
ClientId -> (string)
Describes the client_id that can be obtained from the third-party social federation provider.
ClientSecret -> (string)
Describes the client_secret that can be obtained from third-party social federation providers.
Google -> (structure)
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
ClientId -> (string)
Describes the client_id that can be obtained from the third-party social federation provider.
ClientSecret -> (string)
Describes the client_secret that can be obtained from third-party social federation providers.
LoginWithAmazon -> (structure)
Describes third-party social federation configurations for allowing your app users to sign in using OAuth.
ClientId -> (string)
Describes the client_id that can be obtained from the third-party social federation provider.
ClientSecret -> (string)
Describes the client_secret that can be obtained from third-party social federation providers.
PasswordPolicy -> (structure)
Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
AdditionalConstraints -> (list)
Additional constraints for the password used to access the backend of your Amplify project.
(string)
MinimumLength -> (double)
The minimum length of the password used to access the backend of your Amplify project.
RequiredSignUpAttributes -> (list)
The required attributes to sign up new users in the Amazon Cognito user pool.
(string)
SignInMethod -> (string)
Describes the sign-in methods that your Amplify app users to log in using the Amazon Cognito user pool that’s configured as a part of your Amplify project.
UserPoolName -> (string)
The Amazon Cognito user pool name.
JSON Syntax:
{
"AuthResources": "USER_POOL_ONLY"|"IDENTITY_POOL_AND_USER_POOL",
"IdentityPoolConfigs": {
"IdentityPoolName": "string",
"UnauthenticatedLogin": true|false
},
"Service": "COGNITO",
"UserPoolConfigs": {
"ForgotPassword": {
"DeliveryMethod": "EMAIL"|"SMS",
"EmailSettings": {
"EmailMessage": "string",
"EmailSubject": "string"
},
"SmsSettings": {
"SmsMessage": "string"
}
},
"Mfa": {
"MFAMode": "ON"|"OFF"|"OPTIONAL",
"Settings": {
"MfaTypes": ["SMS"|"TOTP", ...],
"SmsMessage": "string"
}
},
"OAuth": {
"DomainPrefix": "string",
"OAuthGrantType": "CODE"|"IMPLICIT",
"OAuthScopes": ["PHONE"|"EMAIL"|"OPENID"|"PROFILE"|"AWS_COGNITO_SIGNIN_USER_ADMIN", ...],
"RedirectSignInURIs": ["string", ...],
"RedirectSignOutURIs": ["string", ...],
"SocialProviderSettings": {
"Facebook": {
"ClientId": "string",
"ClientSecret": "string"
},
"Google": {
"ClientId": "string",
"ClientSecret": "string"
},
"LoginWithAmazon": {
"ClientId": "string",
"ClientSecret": "string"
}
}
},
"PasswordPolicy": {
"AdditionalConstraints": ["REQUIRE_DIGIT"|"REQUIRE_LOWERCASE"|"REQUIRE_SYMBOL"|"REQUIRE_UPPERCASE", ...],
"MinimumLength": double
},
"RequiredSignUpAttributes": ["ADDRESS"|"BIRTHDATE"|"EMAIL"|"FAMILY_NAME"|"GENDER"|"GIVEN_NAME"|"LOCALE"|"MIDDLE_NAME"|"NAME"|"NICKNAME"|"PHONE_NUMBER"|"PICTURE"|"PREFERRED_USERNAME"|"PROFILE"|"UPDATED_AT"|"WEBSITE"|"ZONE_INFO", ...],
"SignInMethod": "EMAIL"|"EMAIL_AND_PHONE_NUMBER"|"PHONE_NUMBER"|"USERNAME",
"UserPoolName": "string"
}
}
--resource-name
(string)
The name of this resource.
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
See ‘aws help’ for descriptions of global parameters.
AppId -> (string)
The app ID.
BackendEnvironmentName -> (string)
The name of the backend environment.
Error -> (string)
If the request failed, this is the returned error.
JobId -> (string)
The ID for the job.
Operation -> (string)
The name of the operation.
Status -> (string)
The current status of the request.