Once you have registered type handler (see deployment guide), you can use resource in your templates:
Resources: UserPool: Type: "AWS::Cognito::UserPool" Properties: # … Client: Type: "AWS::Cognito::UserPoolClient" Properties: UserPoolId: !Ref "UserPoolId" # … ClientData: Type: "WrzasqPl::Cognito::ClientData" Properties: UserPoolId: !Ref "UserPoolId" ClientId: !Ref "Client" ManagedSecret: Type: "AWS::SecretsManager::Secret" Properties: SecretString: !Sub | { "clientId": "${Client}", "clientSecret": "${ClientData.ClientSecret}" }
This resource type is a data provider - it accesses existing resource to expose its properties in the template.
To create client resource use AWS::Cognito::UserPoolClient
resource.
UserPoolId
(required) - string (physical resource ID)Cognito user pool ID.
ClientId
(required) - string (physical resource ID)Cognito client ID.
ClientSecret
- stringOAuth client secret.