-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Provide support in CDK for Cognito SAML signing and encryption #29494
Provide support in CDK for Cognito SAML signing and encryption #29494
Comments
Thanks for the feature request - it looks like this is supported in CloudFormation, saw a recent issue in the coverage roadmap repository: aws-cloudformation/cloudformation-coverage-roadmap#1963. Documentation for reference: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providerdetails |
Great - I didn't find that documentation when I looked. I'm not too familiar with using the Cfn constructs in CDK and with ProviderDetails being typed as |
…Saml` (#29588) ### Issue # (if applicable) Closes #29494. Closes #29598. #29598 is really close issue and I tried to resolve it in this PR. If it is not good to resolve multiple issues in 1 PR, I would separate this PR. ### Reason for this change [`UserPoolIdentityProviderSaml` can configure `ProviderDetails`](https://docs.aws.amazon.com/ja_jp/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#aws-resource-cognito-userpoolidentityprovider-properties) but there are some items that is not configurable from AWS CDK. - `EncryptedResponses` - `RequestSigningAlgorithm` - `IDPInit` ### Description of changes Add 3 properties to `UserPoolIdentityProviderSamlProps`. - `encryptedResponses` - `requestSigningAlgorithm` - `idpInitiated` ### Description of how you validated changes Added both unit and integ tests. ### Checklist - [x] My code adheres to the [CONTRIBUTING GUIDE](https://github.com/aws/aws-cdk/blob/main/CONTRIBUTING.md) and [DESIGN GUIDELINES](https://github.com/aws/aws-cdk/blob/main/docs/DESIGN_GUIDELINES.md) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
|
Describe the feature
With this announcement Cognito began to support Cognito SAML signing and encryption.
However, this isn't yet available in Cloudformation or CDK
Use Case
UserPoolIdentityProviderSaml
resets the options back to false so we can’t really use the feature without remembering to reset it manually after each deployment.Proposed Solution
Provide flags in
UserPoolIdentityProviderSaml
to enable these featuresOther Information
No response
Acknowledgements
CDK version used
2.132.1
Environment details (OS name and version, etc.)
TypeScript CDK
The text was updated successfully, but these errors were encountered: