AWS CLI Command Reference

[ aws . amplifybackend ]

create-backend-auth

Description

Creates a new backend authentication resource.

See also: AWS API Documentation

See ‘aws help’ for descriptions of global parameters.

Synopsis

  create-backend-auth
--app-id <value>
--backend-environment-name <value>
--resource-config <value>
--resource-name <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]

Options

--app-id (string)

The app ID.

--backend-environment-name (string)

The name of the backend environment.

--resource-config (structure)

The resource configuration for this request object.

AuthResources -> (string)

Defines whether you want to configure only authentication or both authentication and authorization settings.

IdentityPoolConfigs -> (structure)

Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.

IdentityPoolName -> (string)

Name of the Amazon Cognito identity pool used for authorization.

UnauthenticatedLogin -> (boolean)

Set to true or false based on whether you want to enable guest authorization to your Amplify app.

Service -> (string)

Defines the service name to use when configuring an authentication resource in your Amplify project.

UserPoolConfigs -> (structure)

Describes authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.

ForgotPassword -> (structure)

Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.

DeliveryMethod -> (string)

Describes which mode to use (either SMS or email) to deliver messages to app users who want to recover their password.

EmailSettings -> (structure)

The configuration for the email sent when an app user forgets their password.

EmailMessage -> (string)

The body of the email.

EmailSubject -> (string)

The subject of the email.

SmsSettings -> (structure)

The configuration for the SMS message sent when an app user forgets their password.

SmsMessage -> (string)

The body of the SMS message.

Mfa -> (structure)

Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.

MFAMode -> (string)

Describes whether MFA should be [ON, OFF, or OPTIONAL] for authentication in your Amplify project.

Settings -> (structure)

Describes the configuration settings and methods for your Amplify app users to use MFA.

MfaTypes -> (list)

The supported MFA types.

(string)

SmsMessage -> (string)

The body of the SMS message.

OAuth -> (structure)

Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.

DomainPrefix -> (string)

The domain prefix for your Amplify app.

OAuthGrantType -> (string)

The OAuth grant type that you use to allow app users to authenticate from your Amplify app.

OAuthScopes -> (list)

List of OAuth-related flows used to allow your app users to authenticate from your Amplify app.

(string)

RedirectSignInURIs -> (list)

The redirected URI for signing in to your Amplify app.

(string)

RedirectSignOutURIs -> (list)

Redirect URLs that OAuth uses when a user signs out of an Amplify app.

(string)

SocialProviderSettings -> (structure)

The settings for using social providers to access your Amplify app.

Facebook -> (structure)

Describes third-party social federation configurations for allowing your app users to sign in using OAuth.

ClientId -> (string)

Describes the client_id, which can be obtained from the third-party social federation provider.

ClientSecret -> (string)

Describes the client_secret, which can be obtained from third-party social federation providers.

Google -> (structure)

Describes third-party social federation configurations for allowing your app users to sign in using OAuth.

ClientId -> (string)

Describes the client_id, which can be obtained from the third-party social federation provider.

ClientSecret -> (string)

Describes the client_secret, which can be obtained from third-party social federation providers.

LoginWithAmazon -> (structure)

Describes third-party social federation configurations for allowing your app users to sign in using OAuth.

ClientId -> (string)

Describes the client_id, which can be obtained from the third-party social federation provider.

ClientSecret -> (string)

Describes the client_secret, which can be obtained from third-party social federation providers.

SignInWithApple -> (structure)

Describes Apple social federation configurations for allowing your app users to sign in using OAuth.

ClientId -> (string)

Describes the client_id (also called Services ID) that comes from Apple.

KeyId -> (string)

Describes the key_id that comes from Apple.

PrivateKey -> (string)

Describes the private_key that comes from Apple.

TeamId -> (string)

Describes the team_id that comes from Apple.

PasswordPolicy -> (structure)

Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.

AdditionalConstraints -> (list)

Additional constraints for the password used to access the backend of your Amplify project.

(string)

MinimumLength -> (double)

The minimum length of the password used to access the backend of your Amplify project.

RequiredSignUpAttributes -> (list)

The required attributes to sign up new users in the user pool.

(string)

SignInMethod -> (string)

Describes the sign-in methods that your Amplify app users use to log in using the Amazon Cognito user pool, configured as a part of your Amplify project.

UserPoolName -> (string)

The Amazon Cognito user pool name.

JSON Syntax:

{
  "AuthResources": "USER_POOL_ONLY"|"IDENTITY_POOL_AND_USER_POOL",
  "IdentityPoolConfigs": {
    "IdentityPoolName": "string",
    "UnauthenticatedLogin": true|false
  },
  "Service": "COGNITO",
  "UserPoolConfigs": {
    "ForgotPassword": {
      "DeliveryMethod": "EMAIL"|"SMS",
      "EmailSettings": {
        "EmailMessage": "string",
        "EmailSubject": "string"
      },
      "SmsSettings": {
        "SmsMessage": "string"
      }
    },
    "Mfa": {
      "MFAMode": "ON"|"OFF"|"OPTIONAL",
      "Settings": {
        "MfaTypes": ["SMS"|"TOTP", ...],
        "SmsMessage": "string"
      }
    },
    "OAuth": {
      "DomainPrefix": "string",
      "OAuthGrantType": "CODE"|"IMPLICIT",
      "OAuthScopes": ["PHONE"|"EMAIL"|"OPENID"|"PROFILE"|"AWS_COGNITO_SIGNIN_USER_ADMIN", ...],
      "RedirectSignInURIs": ["string", ...],
      "RedirectSignOutURIs": ["string", ...],
      "SocialProviderSettings": {
        "Facebook": {
          "ClientId": "string",
          "ClientSecret": "string"
        },
        "Google": {
          "ClientId": "string",
          "ClientSecret": "string"
        },
        "LoginWithAmazon": {
          "ClientId": "string",
          "ClientSecret": "string"
        },
        "SignInWithApple": {
          "ClientId": "string",
          "KeyId": "string",
          "PrivateKey": "string",
          "TeamId": "string"
        }
      }
    },
    "PasswordPolicy": {
      "AdditionalConstraints": ["REQUIRE_DIGIT"|"REQUIRE_LOWERCASE"|"REQUIRE_SYMBOL"|"REQUIRE_UPPERCASE", ...],
      "MinimumLength": double
    },
    "RequiredSignUpAttributes": ["ADDRESS"|"BIRTHDATE"|"EMAIL"|"FAMILY_NAME"|"GENDER"|"GIVEN_NAME"|"LOCALE"|"MIDDLE_NAME"|"NAME"|"NICKNAME"|"PHONE_NUMBER"|"PICTURE"|"PREFERRED_USERNAME"|"PROFILE"|"UPDATED_AT"|"WEBSITE"|"ZONE_INFO", ...],
    "SignInMethod": "EMAIL"|"EMAIL_AND_PHONE_NUMBER"|"PHONE_NUMBER"|"USERNAME",
    "UserPoolName": "string"
  }
}

--resource-name (string)

The name of this resource.

--cli-input-json | --cli-input-yaml (string) Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See ‘aws help’ for descriptions of global parameters.

Output

AppId -> (string)

The app ID.

BackendEnvironmentName -> (string)

The name of the backend environment.

Error -> (string)

If the request fails, this error is returned.

JobId -> (string)

The ID for the job.

Operation -> (string)

The name of the operation.

Status -> (string)

The current status of the request.

© Copyright 2018, Amazon Web Services. Created using Sphinx.