I am trying to run Cognito via CloudFormation and everything works, but there is a section in Cognito as follows:
As you see there is a section "Enable identity pr
As other answers stated, there is now a way to set up a UserPoolClient using CloudFormation; however, I arrived at this question looking for specific examples because I was struggling with some parameters. I want to put the example here just in case someone is also looking for one.
In my example I've also included a federated login with Google to make it more complete. If you don't want to log in with Google, just remove it from SupportedIdentityProviders.
Template below:
AWSTemplateFormatVersion: 2010-09-09
Parameters:
  envParameter:
    Type: String
    Default: dev
    AllowedValues: [ dev, staging, prod ]
    Description: Suffix to be added for names.
Resources:
  myUserPool:
    DependsOn: [ cognitoSMSRole ]
    Type: AWS::Cognito::UserPool
    Properties:
      AccountRecoverySetting:
        RecoveryMechanisms:
          - Name: verified_email
            Priority: 1
          - Name: verified_phone_number
            Priority: 2
      AdminCreateUserConfig:
        AllowAdminCreateUserOnly: False
      # Attributes Cognito verifies automatically at sign-up
      AutoVerifiedAttributes:
        - phone_number
      EnabledMfas:
        - SMS_MFA
      MfaConfiguration: OPTIONAL
      Policies:
        PasswordPolicy:
          MinimumLength: 8
          RequireLowercase: True
          RequireNumbers: True
          RequireSymbols: True
          RequireUppercase: True
          TemporaryPasswordValidityDays: 7
      Schema:
        # "name" is a standard attribute; "last_name" is not, so it becomes custom:last_name
        - AttributeDataType: String
          DeveloperOnlyAttribute: False
          Mutable: False
          Name: name
          Required: True
        - AttributeDataType: String
          DeveloperOnlyAttribute: False
          Mutable: False
          Name: last_name
          Required: False
      # Role Cognito assumes to send SMS (MFA and verification codes) through SNS
      SmsConfiguration:
        ExternalId: !Sub cognito-sms-role-${envParameter}
        SnsCallerArn: !GetAtt cognitoSMSRole.Arn
      UsernameAttributes:
        - phone_number
      UsernameConfiguration:
        CaseSensitive: False
      UserPoolName: !Sub UserPool-${envParameter}
  cognitoSMSRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: "Allow"
            Principal:
              Service:
                - "cognito-idp.amazonaws.com"
            Action:
              - "sts:AssumeRole"
      Policies:
        - PolicyName: "CognitoSNSPolicy"
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: "Allow"
                Action: "sns:publish"
                Resource: "*"
  cognitoClient:
    DependsOn: [ myUserPool, googleProvider ]
    Type: AWS::Cognito::UserPoolClient
    Properties:
      AllowedOAuthFlows:
        - code
        - implicit
      AllowedOAuthFlowsUserPoolClient: True
      AllowedOAuthScopes:
        - email
        - openid
        - profile
      # Placeholder redirect URLs; replace with your application's own
      CallbackURLs:
        - http://google.co.uk
      ClientName: !Sub cognito-appid-${envParameter}
      GenerateSecret: False
      LogoutURLs:
        - http://google.co.uk
      # Return a generic error for unknown users so sign-in cannot reveal which usernames exist
      PreventUserExistenceErrors: ENABLED
      RefreshTokenValidity: 1
      SupportedIdentityProviders:
        - COGNITO
        - Google
      UserPoolId: !Ref myUserPool
  googleProvider:
    DependsOn: [ myUserPool ]
    Type: AWS::Cognito::UserPoolIdentityProvider
    Properties:
      # Cognito attribute: provider attribute
      AttributeMapping:
        name: emailAddress
        sub: Username
      # Placeholder Google OAuth client credentials
      ProviderDetails:
        client_id: client_id.apps.googleusercontent.com
        client_secret: this_is_the_client_secret
        authorize_scopes: email openid profile
      ProviderName: Google
      ProviderType: Google
      UserPoolId: !Ref myUserPool
Outputs:
  userPool:
    Description: "User pool ID"
    Value: !Ref myUserPool
  userPoolClient:
    # !Ref on a UserPoolClient returns the app client ID (not an identity pool ID)
    Description: "User pool client ID"
    Value: !Ref cognitoClient
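As an added example (not part of the answer above), here is a small audit that runs over a cut-down, constructed copy of the template's resources and reports the settings a reviewer would question before deploying it: the `implicit` OAuth flow, plain-HTTP redirect URLs, a literal `client_secret` in the template, and the `sns:publish` statement on `Resource: "*"`. The template is given as an already-parsed dict, so `!Sub`/`!Ref` tags are left out; `audit_template` and `_redirect_url_ok` are names chosen here, not an AWS API.

```python
from urllib.parse import urlsplit

# Constructed, cut-down copy of the answer's resources for the audit to run on;
# CloudFormation tags (!Sub, !Ref) are omitted since only literals are checked.
TEMPLATE = {"Resources": {
    "cognitoClient": {"Type": "AWS::Cognito::UserPoolClient", "Properties": {
        "AllowedOAuthFlows": ["code", "implicit"],
        "CallbackURLs": ["http://google.co.uk"],
        "LogoutURLs": ["http://google.co.uk"],
        "PreventUserExistenceErrors": "ENABLED"}},
    "googleProvider": {"Type": "AWS::Cognito::UserPoolIdentityProvider", "Properties": {
        "ProviderDetails": {"client_secret": "this_is_the_client_secret"}}},
    "cognitoSMSRole": {"Type": "AWS::IAM::Role", "Properties": {"Policies": [
        {"PolicyName": "CognitoSNSPolicy", "PolicyDocument": {"Statement": [
            {"Effect": "Allow", "Action": "sns:publish", "Resource": "*"}]}}]}},
}}

def _redirect_url_ok(url):
    """Cognito redirect URLs should be HTTPS; plain HTTP is only for localhost testing."""
    u = urlsplit(url)
    return u.scheme == "https" or (u.scheme == "http" and u.hostname == "localhost")

def audit_template(template):
    """Return findings as 'logicalId: message' strings; an empty list means no issues."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::Cognito::UserPoolClient":
            if "implicit" in props.get("AllowedOAuthFlows", []):
                findings.append(f"{name}: implicit grant exposes tokens in the URL fragment; use code + PKCE")
            for url in props.get("CallbackURLs", []) + props.get("LogoutURLs", []):
                if not _redirect_url_ok(url):
                    findings.append(f"{name}: non-HTTPS redirect URL {url}")
            if props.get("PreventUserExistenceErrors") != "ENABLED":
                findings.append(f"{name}: PreventUserExistenceErrors not ENABLED (allows user enumeration)")
        elif res.get("Type") == "AWS::Cognito::UserPoolIdentityProvider":
            secret = props.get("ProviderDetails", {}).get("client_secret", "")
            # A literal secret ends up in the template, stack history and source control;
            # a {{resolve:secretsmanager:...}} dynamic reference keeps it out of all three.
            if secret and not secret.startswith("{{resolve:"):
                findings.append(f"{name}: client_secret is a literal; use a dynamic reference")
        elif res.get("Type") == "AWS::IAM::Role":
            for pol in props.get("Policies", []):
                for st in pol["PolicyDocument"]["Statement"]:
                    if st.get("Effect") == "Allow" and st.get("Resource") == "*":
                        findings.append(f"{name}: {st.get('Action')} allowed on Resource '*'")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_template(TEMPLATE)) or "no findings")
```

Against the constructed copy above this reports five findings; the template as posted is still deployable, so treat them as hardening points rather than deployment errors.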