Class: AWSCDK::Cognito::CfnUserPoolProps

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
cognito/cfn_user_pool_props.rb

Overview

Properties for defining a CfnUserPool.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(account_recovery_setting: nil, admin_create_user_config: nil, alias_attributes: nil, auto_verified_attributes: nil, deletion_protection: nil, device_configuration: nil, email_authentication_message: nil, email_authentication_subject: nil, email_configuration: nil, email_verification_message: nil, email_verification_subject: nil, enabled_mfas: nil, lambda_config: nil, mfa_configuration: nil, policies: nil, schema: nil, sms_authentication_message: nil, sms_configuration: nil, sms_verification_message: nil, user_attribute_update_settings: nil, username_attributes: nil, username_configuration: nil, user_pool_add_ons: nil, user_pool_name: nil, user_pool_tags: nil, user_pool_tier: nil, verification_message_template: nil, web_authn_factor_configuration: nil, web_authn_relying_party_id: nil, web_authn_user_verification: nil) ⇒ CfnUserPoolProps

Returns a new instance of CfnUserPoolProps.

Parameters:

  • account_recovery_setting (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::AccountRecoverySettingProperty, nil) (defaults to: nil)

    The available verified method a user can use to recover their password when they call ForgotPassword .

  • admin_create_user_config (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::AdminCreateUserConfigProperty, nil) (defaults to: nil)

    The settings for administrator creation of users in a user pool.

  • alias_attributes (Array<String>, nil) (defaults to: nil)

    Attributes supported as an alias for this user pool.

  • auto_verified_attributes (Array<String>, nil) (defaults to: nil)

    The attributes that you want your user pool to automatically verify.

  • deletion_protection (String, nil) (defaults to: nil)

    When active, DeletionProtection prevents accidental deletion of your user pool.

  • device_configuration (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::DeviceConfigurationProperty, nil) (defaults to: nil)

    The device-remembering configuration for a user pool.

  • email_authentication_message (String, nil) (defaults to: nil)
  • email_authentication_subject (String, nil) (defaults to: nil)
  • email_configuration (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::EmailConfigurationProperty, nil) (defaults to: nil)

    The email configuration of your user pool.

  • email_verification_message (String, nil) (defaults to: nil)

    This parameter is no longer used.

  • email_verification_subject (String, nil) (defaults to: nil)

    This parameter is no longer used.

  • enabled_mfas (Array<String>, nil) (defaults to: nil)

    Set enabled MFA options on a specified user pool.

  • lambda_config (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::LambdaConfigProperty, nil) (defaults to: nil)

    A collection of user pool Lambda triggers.

  • mfa_configuration (String, nil) (defaults to: nil)

    Displays the state of multi-factor authentication (MFA) as on, off, or optional.

  • policies (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::PoliciesProperty, nil) (defaults to: nil)

    A list of user pool policies.

  • schema (AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::SchemaAttributeProperty>, nil) (defaults to: nil)

    An array of attributes for the new user pool.

  • sms_authentication_message (String, nil) (defaults to: nil)

    The contents of the SMS authentication message.

  • sms_configuration (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::SmsConfigurationProperty, nil) (defaults to: nil)

    The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service.

  • sms_verification_message (String, nil) (defaults to: nil)

    This parameter is no longer used.

  • user_attribute_update_settings (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::UserAttributeUpdateSettingsProperty, nil) (defaults to: nil)

    The settings for updates to user attributes.

  • username_attributes (Array<String>, nil) (defaults to: nil)

    Specifies whether a user can use an email address or phone number as a username when they sign up.

  • username_configuration (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::UsernameConfigurationProperty, nil) (defaults to: nil)

    Sets the case sensitivity option for sign-in usernames.

  • user_pool_add_ons (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::UserPoolAddOnsProperty, nil) (defaults to: nil)

    Contains settings for activation of threat protection, including the operating mode and additional authentication types.

  • user_pool_name (String, nil) (defaults to: nil)

    A friendly name for your user pool.

  • user_pool_tags (Object, nil) (defaults to: nil)

    The tag keys and values to assign to the user pool.

  • user_pool_tier (String, nil) (defaults to: nil)

    The user pool feature plan , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS .

  • verification_message_template (AWSCDK::IResolvable, AWSCDK::Cognito::CfnUserPool::VerificationMessageTemplateProperty, nil) (defaults to: nil)

    The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.

  • web_authn_factor_configuration (String, nil) (defaults to: nil)
  • web_authn_relying_party_id (String, nil) (defaults to: nil)

    Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

  • web_authn_user_verification (String, nil) (defaults to: nil)

    When required , users can only register and sign in users with passkeys that are capable of user verification . When preferred , your user pool doesn't require the use of authenticators with user verification but encourages it.



39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# File 'cognito/cfn_user_pool_props.rb', line 39

def initialize(account_recovery_setting: nil, admin_create_user_config: nil, alias_attributes: nil, auto_verified_attributes: nil, deletion_protection: nil, device_configuration: nil, email_authentication_message: nil, email_authentication_subject: nil, email_configuration: nil, email_verification_message: nil, email_verification_subject: nil, enabled_mfas: nil, lambda_config: nil, mfa_configuration: nil, policies: nil, schema: nil, sms_authentication_message: nil, sms_configuration: nil, sms_verification_message: nil, user_attribute_update_settings: nil, username_attributes: nil, username_configuration: nil, user_pool_add_ons: nil, user_pool_name: nil, user_pool_tags: nil, user_pool_tier: nil, verification_message_template: nil, web_authn_factor_configuration: nil, web_authn_relying_party_id: nil, web_authn_user_verification: nil)
  @account_recovery_setting = .is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::AccountRecoverySettingProperty.new(**.transform_keys(&:to_sym)) : 
  Jsii::Type.check_type(@account_recovery_setting, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLkFjY291bnRSZWNvdmVyeVNldHRpbmdQcm9wZXJ0eSJ9XX19")), "accountRecoverySetting") unless @account_recovery_setting.nil?
  @admin_create_user_config = admin_create_user_config.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::AdminCreateUserConfigProperty.new(**admin_create_user_config.transform_keys(&:to_sym)) : admin_create_user_config
  Jsii::Type.check_type(@admin_create_user_config, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLkFkbWluQ3JlYXRlVXNlckNvbmZpZ1Byb3BlcnR5In1dfX0=")), "adminCreateUserConfig") unless @admin_create_user_config.nil?
  @alias_attributes = alias_attributes
  Jsii::Type.check_type(@alias_attributes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "aliasAttributes") unless @alias_attributes.nil?
  @auto_verified_attributes = auto_verified_attributes
  Jsii::Type.check_type(@auto_verified_attributes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "autoVerifiedAttributes") unless @auto_verified_attributes.nil?
  @deletion_protection = deletion_protection
  Jsii::Type.check_type(@deletion_protection, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "deletionProtection") unless @deletion_protection.nil?
  @device_configuration = device_configuration.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::DeviceConfigurationProperty.new(**device_configuration.transform_keys(&:to_sym)) : device_configuration
  Jsii::Type.check_type(@device_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLkRldmljZUNvbmZpZ3VyYXRpb25Qcm9wZXJ0eSJ9XX19")), "deviceConfiguration") unless @device_configuration.nil?
  @email_authentication_message = email_authentication_message
  Jsii::Type.check_type(@email_authentication_message, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "emailAuthenticationMessage") unless @email_authentication_message.nil?
  @email_authentication_subject = email_authentication_subject
  Jsii::Type.check_type(@email_authentication_subject, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "emailAuthenticationSubject") unless @email_authentication_subject.nil?
  @email_configuration = email_configuration.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::EmailConfigurationProperty.new(**email_configuration.transform_keys(&:to_sym)) : email_configuration
  Jsii::Type.check_type(@email_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLkVtYWlsQ29uZmlndXJhdGlvblByb3BlcnR5In1dfX0=")), "emailConfiguration") unless @email_configuration.nil?
  @email_verification_message = email_verification_message
  Jsii::Type.check_type(@email_verification_message, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "emailVerificationMessage") unless @email_verification_message.nil?
  @email_verification_subject = email_verification_subject
  Jsii::Type.check_type(@email_verification_subject, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "emailVerificationSubject") unless @email_verification_subject.nil?
  @enabled_mfas = enabled_mfas
  Jsii::Type.check_type(@enabled_mfas, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "enabledMfas") unless @enabled_mfas.nil?
  @lambda_config = lambda_config.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::LambdaConfigProperty.new(**lambda_config.transform_keys(&:to_sym)) : lambda_config
  Jsii::Type.check_type(@lambda_config, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLkxhbWJkYUNvbmZpZ1Byb3BlcnR5In1dfX0=")), "lambdaConfig") unless @lambda_config.nil?
  @mfa_configuration = mfa_configuration
  Jsii::Type.check_type(@mfa_configuration, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "mfaConfiguration") unless @mfa_configuration.nil?
  @policies = policies.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::PoliciesProperty.new(**policies.transform_keys(&:to_sym)) : policies
  Jsii::Type.check_type(@policies, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlBvbGljaWVzUHJvcGVydHkifV19fQ==")), "policies") unless @policies.nil?
  @schema = schema
  Jsii::Type.check_type(@schema, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY29nbml0by5DZm5Vc2VyUG9vbC5TY2hlbWFBdHRyaWJ1dGVQcm9wZXJ0eSJ9XX19LCJraW5kIjoiYXJyYXkifX1dfX0=")), "schema") unless @schema.nil?
  @sms_authentication_message = sms_authentication_message
  Jsii::Type.check_type(@sms_authentication_message, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "smsAuthenticationMessage") unless @sms_authentication_message.nil?
  @sms_configuration = sms_configuration.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::SmsConfigurationProperty.new(**sms_configuration.transform_keys(&:to_sym)) : sms_configuration
  Jsii::Type.check_type(@sms_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlNtc0NvbmZpZ3VyYXRpb25Qcm9wZXJ0eSJ9XX19")), "smsConfiguration") unless @sms_configuration.nil?
  @sms_verification_message = sms_verification_message
  Jsii::Type.check_type(@sms_verification_message, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "smsVerificationMessage") unless @sms_verification_message.nil?
  @user_attribute_update_settings = user_attribute_update_settings.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::UserAttributeUpdateSettingsProperty.new(**user_attribute_update_settings.transform_keys(&:to_sym)) : user_attribute_update_settings
  Jsii::Type.check_type(@user_attribute_update_settings, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlVzZXJBdHRyaWJ1dGVVcGRhdGVTZXR0aW5nc1Byb3BlcnR5In1dfX0=")), "userAttributeUpdateSettings") unless @user_attribute_update_settings.nil?
  @username_attributes = username_attributes
  Jsii::Type.check_type(@username_attributes, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "usernameAttributes") unless @username_attributes.nil?
  @username_configuration = username_configuration.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::UsernameConfigurationProperty.new(**username_configuration.transform_keys(&:to_sym)) : username_configuration
  Jsii::Type.check_type(@username_configuration, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlVzZXJuYW1lQ29uZmlndXJhdGlvblByb3BlcnR5In1dfX0=")), "usernameConfiguration") unless @username_configuration.nil?
  @user_pool_add_ons = user_pool_add_ons.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::UserPoolAddOnsProperty.new(**user_pool_add_ons.transform_keys(&:to_sym)) : user_pool_add_ons
  Jsii::Type.check_type(@user_pool_add_ons, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlVzZXJQb29sQWRkT25zUHJvcGVydHkifV19fQ==")), "userPoolAddOns") unless @user_pool_add_ons.nil?
  @user_pool_name = user_pool_name
  Jsii::Type.check_type(@user_pool_name, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "userPoolName") unless @user_pool_name.nil?
  @user_pool_tags = user_pool_tags
  Jsii::Type.check_type(@user_pool_tags, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJhbnkifQ==")), "userPoolTags") unless @user_pool_tags.nil?
  @user_pool_tier = user_pool_tier
  Jsii::Type.check_type(@user_pool_tier, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "userPoolTier") unless @user_pool_tier.nil?
  @verification_message_template = verification_message_template.is_a?(Hash) ? ::AWSCDK::Cognito::CfnUserPool::VerificationMessageTemplateProperty.new(**verification_message_template.transform_keys(&:to_sym)) : verification_message_template
  Jsii::Type.check_type(@verification_message_template, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jb2duaXRvLkNmblVzZXJQb29sLlZlcmlmaWNhdGlvbk1lc3NhZ2VUZW1wbGF0ZVByb3BlcnR5In1dfX0=")), "verificationMessageTemplate") unless @verification_message_template.nil?
  @web_authn_factor_configuration = web_authn_factor_configuration
  Jsii::Type.check_type(@web_authn_factor_configuration, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "webAuthnFactorConfiguration") unless @web_authn_factor_configuration.nil?
  @web_authn_relying_party_id = web_authn_relying_party_id
  Jsii::Type.check_type(@web_authn_relying_party_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "webAuthnRelyingPartyId") unless @web_authn_relying_party_id.nil?
  @web_authn_user_verification = web_authn_user_verification
  Jsii::Type.check_type(@web_authn_user_verification, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "webAuthnUserVerification") unless @web_authn_user_verification.nil?
end

Instance Attribute Details

#account_recovery_settingAWSCDK::IResolvable, ... (readonly)

The available verified method a user can use to recover their password when they call ForgotPassword .

You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.



108
109
110
# File 'cognito/cfn_user_pool_props.rb', line 108

def 
  @account_recovery_setting
end

#admin_create_user_configAWSCDK::IResolvable, ... (readonly)

The settings for administrator creation of users in a user pool.

Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.



115
116
117
# File 'cognito/cfn_user_pool_props.rb', line 115

def admin_create_user_config
  @admin_create_user_config
end

#alias_attributesArray<String>? (readonly)

Attributes supported as an alias for this user pool.

For more information about alias attributes, see Customizing sign-in attributes .



122
123
124
# File 'cognito/cfn_user_pool_props.rb', line 122

def alias_attributes
  @alias_attributes
end

#auto_verified_attributesArray<String>? (readonly)

The attributes that you want your user pool to automatically verify.

For more information, see Verifying contact information at sign-up .



129
130
131
# File 'cognito/cfn_user_pool_props.rb', line 129

def auto_verified_attributes
  @auto_verified_attributes
end

#deletion_protectionString? (readonly)

When active, DeletionProtection prevents accidental deletion of your user pool.

Before you can delete a user pool that you have protected against deletion, you must deactivate this feature.

When you try to delete a protected user pool in a DeleteUserPool API request, Amazon Cognito returns an InvalidParameterException error. To delete a protected user pool, send a new DeleteUserPool request after you deactivate deletion protection in an UpdateUserPool API request.



139
140
141
# File 'cognito/cfn_user_pool_props.rb', line 139

def deletion_protection
  @deletion_protection
end

#device_configurationAWSCDK::IResolvable, ... (readonly)

The device-remembering configuration for a user pool.

Device remembering or device tracking is a "Remember me on this device" option for user pools that perform authentication with the device key of a trusted device in the back end, instead of a user-provided MFA code. For more information about device authentication, see Working with user devices in your user pool . A null value indicates that you have deactivated device remembering in your user pool.

When you provide a value for any DeviceConfiguration field, you activate the Amazon Cognito device-remembering feature. For more information, see Working with devices .



148
149
150
# File 'cognito/cfn_user_pool_props.rb', line 148

def device_configuration
  @device_configuration
end

#email_authentication_messageString? (readonly)



151
152
153
# File 'cognito/cfn_user_pool_props.rb', line 151

def email_authentication_message
  @email_authentication_message
end

#email_authentication_subjectString? (readonly)



154
155
156
# File 'cognito/cfn_user_pool_props.rb', line 154

def email_authentication_subject
  @email_authentication_subject
end

#email_configurationAWSCDK::IResolvable, ... (readonly)

The email configuration of your user pool.

The email configuration type sets your preferred sending method, AWS Region, and sender for messages from your user pool.



161
162
163
# File 'cognito/cfn_user_pool_props.rb', line 161

def email_configuration
  @email_configuration
end

#email_verification_messageString? (readonly)

This parameter is no longer used.

See VerificationMessageTemplateType .



168
169
170
# File 'cognito/cfn_user_pool_props.rb', line 168

def email_verification_message
  @email_verification_message
end

#email_verification_subjectString? (readonly)

This parameter is no longer used.

See VerificationMessageTemplateType .



175
176
177
# File 'cognito/cfn_user_pool_props.rb', line 175

def email_verification_subject
  @email_verification_subject
end

#enabled_mfasArray<String>? (readonly)

Set enabled MFA options on a specified user pool.

To disable all MFAs after it has been enabled, set MfaConfiguration to OFF and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF . After you enable SMS_MFA , you can only disable it by setting MfaConfiguration to OFF . Can be one of the following values:

  • SMS_MFA - Enables MFA with SMS for the user pool. To select this option, you must also provide values for SmsConfiguration .
  • SOFTWARE_TOKEN_MFA - Enables software token MFA for the user pool.
  • EMAIL_OTP - Enables MFA with email for the user pool. To select this option, you must provide values for EmailConfiguration and within those, set EmailSendingAccount to DEVELOPER .

Allowed values: SMS_MFA | SOFTWARE_TOKEN_MFA | EMAIL_OTP



188
189
190
# File 'cognito/cfn_user_pool_props.rb', line 188

def enabled_mfas
  @enabled_mfas
end

#lambda_configAWSCDK::IResolvable, ... (readonly)

A collection of user pool Lambda triggers.

Amazon Cognito invokes triggers at several possible stages of authentication operations. Triggers can modify the outcome of the operations that invoked them.



195
196
197
# File 'cognito/cfn_user_pool_props.rb', line 195

def lambda_config
  @lambda_config
end

#mfa_configurationString? (readonly)

Displays the state of multi-factor authentication (MFA) as on, off, or optional.

When ON , all users must set up MFA before they can sign in. When OPTIONAL , your application must make a client-side determination of whether a user wants to register an MFA device. For user pools with adaptive authentication with threat protection, choose OPTIONAL .

When MfaConfiguration is OPTIONAL , managed login doesn't automatically prompt users to set up MFA. Amazon Cognito generates MFA prompts in API responses and in managed login for users who have chosen and configured a preferred MFA factor.



204
205
206
# File 'cognito/cfn_user_pool_props.rb', line 204

def mfa_configuration
  @mfa_configuration
end

#policiesAWSCDK::IResolvable, ... (readonly)

A list of user pool policies.

Contains the policy that sets password-complexity requirements.



211
212
213
# File 'cognito/cfn_user_pool_props.rb', line 211

def policies
  @policies
end

#schemaAWSCDK::IResolvable, ... (readonly)

An array of attributes for the new user pool.

You can add custom attributes and modify the properties of default attributes. The specifications in this parameter set the required attributes in your user pool. For more information, see Working with user attributes .



218
219
220
# File 'cognito/cfn_user_pool_props.rb', line 218

def schema
  @schema
end

#sms_authentication_messageString? (readonly)

The contents of the SMS authentication message.



223
224
225
# File 'cognito/cfn_user_pool_props.rb', line 223

def sms_authentication_message
  @sms_authentication_message
end

#sms_configurationAWSCDK::IResolvable, ... (readonly)

The settings for your Amazon Cognito user pool to send SMS messages with Amazon Simple Notification Service.

To send SMS messages with Amazon SNS in the AWS Region that you want, the Amazon Cognito user pool uses an AWS Identity and Access Management (IAM) role in your AWS account . For more information see SMS message settings .



230
231
232
# File 'cognito/cfn_user_pool_props.rb', line 230

def sms_configuration
  @sms_configuration
end

#sms_verification_messageString? (readonly)

This parameter is no longer used.

See VerificationMessageTemplateType .



237
238
239
# File 'cognito/cfn_user_pool_props.rb', line 237

def sms_verification_message
  @sms_verification_message
end

#user_attribute_update_settingsAWSCDK::IResolvable, ... (readonly)

The settings for updates to user attributes.

These settings include the property AttributesRequireVerificationBeforeUpdate , a user-pool setting that tells Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. For more information, see Verifying updates to email addresses and phone numbers .



246
247
248
# File 'cognito/cfn_user_pool_props.rb', line 246

def user_attribute_update_settings
  @user_attribute_update_settings
end

#user_pool_add_onsAWSCDK::IResolvable, ... (readonly)

Contains settings for activation of threat protection, including the operating mode and additional authentication types.

To log user security information but take no action, set to AUDIT . To configure automatic security responses to potentially unwanted traffic to your user pool, set to ENFORCED .

For more information, see Adding advanced security to a user pool . To activate this setting, your user pool must be on the Plus tier .



271
272
273
# File 'cognito/cfn_user_pool_props.rb', line 271

def user_pool_add_ons
  @user_pool_add_ons
end

#user_pool_nameString? (readonly)

A friendly name for your user pool.



276
277
278
# File 'cognito/cfn_user_pool_props.rb', line 276

def user_pool_name
  @user_pool_name
end

#user_pool_tagsObject? (readonly)

The tag keys and values to assign to the user pool.

A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.



283
284
285
# File 'cognito/cfn_user_pool_props.rb', line 283

def user_pool_tags
  @user_pool_tags
end

#user_pool_tierString? (readonly)

The user pool feature plan , or tier. This parameter determines the eligibility of the user pool for features like managed login, access-token customization, and threat protection. Defaults to ESSENTIALS .



288
289
290
# File 'cognito/cfn_user_pool_props.rb', line 288

def user_pool_tier
  @user_pool_tier
end

#username_attributesArray<String>? (readonly)

Specifies whether a user can use an email address or phone number as a username when they sign up.



251
252
253
# File 'cognito/cfn_user_pool_props.rb', line 251

def username_attributes
  @username_attributes
end

#username_configurationAWSCDK::IResolvable, ... (readonly)

Sets the case sensitivity option for sign-in usernames.

When CaseSensitive is false (case insensitive), users can sign in with any combination of capital and lowercase letters. For example, username , USERNAME , or UserName , or for email, email@example.com or EMaiL@eXamplE.Com . For most use cases, set case sensitivity to false as a best practice. When usernames and email addresses are case insensitive, Amazon Cognito treats any variation in case as the same user, and prevents a case variation from being assigned to the same attribute for a different user.

When CaseSensitive is true (case sensitive), Amazon Cognito interprets USERNAME and UserName as distinct users.

This configuration is immutable after you set it.



262
263
264
# File 'cognito/cfn_user_pool_props.rb', line 262

def username_configuration
  @username_configuration
end

#verification_message_templateAWSCDK::IResolvable, ... (readonly)

The template for the verification message that your user pool delivers to users who set an email address or phone number attribute.

Set the email message type that corresponds to your DefaultEmailOption selection. For CONFIRM_WITH_LINK , specify an EmailMessageByLink and leave EmailMessage blank. For CONFIRM_WITH_CODE , specify an EmailMessage and leave EmailMessageByLink blank. When you supply both parameters with either choice, Amazon Cognito returns an error.



295
296
297
# File 'cognito/cfn_user_pool_props.rb', line 295

def verification_message_template
  @verification_message_template
end

#web_authn_factor_configurationString? (readonly)



298
299
300
# File 'cognito/cfn_user_pool_props.rb', line 298

def web_authn_factor_configuration
  @web_authn_factor_configuration
end

#web_authn_relying_party_idString? (readonly)

Sets or displays the authentication domain, typically your user pool domain, that passkey providers must use as a relying party (RP) in their configuration.

Under the following conditions, the passkey relying party ID must be the fully-qualified domain name of your custom domain:

  • The user pool is configured for passkey authentication.
  • The user pool has a custom domain, whether or not it also has a prefix domain.
  • Your application performs authentication with managed login or the classic hosted UI.


309
310
311
# File 'cognito/cfn_user_pool_props.rb', line 309

def web_authn_relying_party_id
  @web_authn_relying_party_id
end

#web_authn_user_verificationString? (readonly)

When required , users can only register and sign in users with passkeys that are capable of user verification . When preferred , your user pool doesn't require the use of authenticators with user verification but encourages it.



314
315
316
# File 'cognito/cfn_user_pool_props.rb', line 314

def web_authn_user_verification
  @web_authn_user_verification
end

Class Method Details

.jsii_propertiesObject



316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
# File 'cognito/cfn_user_pool_props.rb', line 316

def self.jsii_properties
  {
    :account_recovery_setting => "accountRecoverySetting",
    :admin_create_user_config => "adminCreateUserConfig",
    :alias_attributes => "aliasAttributes",
    :auto_verified_attributes => "autoVerifiedAttributes",
    :deletion_protection => "deletionProtection",
    :device_configuration => "deviceConfiguration",
    :email_authentication_message => "emailAuthenticationMessage",
    :email_authentication_subject => "emailAuthenticationSubject",
    :email_configuration => "emailConfiguration",
    :email_verification_message => "emailVerificationMessage",
    :email_verification_subject => "emailVerificationSubject",
    :enabled_mfas => "enabledMfas",
    :lambda_config => "lambdaConfig",
    :mfa_configuration => "mfaConfiguration",
    :policies => "policies",
    :schema => "schema",
    :sms_authentication_message => "smsAuthenticationMessage",
    :sms_configuration => "smsConfiguration",
    :sms_verification_message => "smsVerificationMessage",
    :user_attribute_update_settings => "userAttributeUpdateSettings",
    :username_attributes => "usernameAttributes",
    :username_configuration => "usernameConfiguration",
    :user_pool_add_ons => "userPoolAddOns",
    :user_pool_name => "userPoolName",
    :user_pool_tags => "userPoolTags",
    :user_pool_tier => "userPoolTier",
    :verification_message_template => "verificationMessageTemplate",
    :web_authn_factor_configuration => "webAuthnFactorConfiguration",
    :web_authn_relying_party_id => "webAuthnRelyingPartyId",
    :web_authn_user_verification => "webAuthnUserVerification",
  }
end

Instance Method Details

#to_jsiiObject



351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
# File 'cognito/cfn_user_pool_props.rb', line 351

def to_jsii
  result = {}
  result.merge!({
    "accountRecoverySetting" => @account_recovery_setting,
    "adminCreateUserConfig" => @admin_create_user_config,
    "aliasAttributes" => @alias_attributes,
    "autoVerifiedAttributes" => @auto_verified_attributes,
    "deletionProtection" => @deletion_protection,
    "deviceConfiguration" => @device_configuration,
    "emailAuthenticationMessage" => @email_authentication_message,
    "emailAuthenticationSubject" => @email_authentication_subject,
    "emailConfiguration" => @email_configuration,
    "emailVerificationMessage" => @email_verification_message,
    "emailVerificationSubject" => @email_verification_subject,
    "enabledMfas" => @enabled_mfas,
    "lambdaConfig" => @lambda_config,
    "mfaConfiguration" => @mfa_configuration,
    "policies" => @policies,
    "schema" => @schema,
    "smsAuthenticationMessage" => @sms_authentication_message,
    "smsConfiguration" => @sms_configuration,
    "smsVerificationMessage" => @sms_verification_message,
    "userAttributeUpdateSettings" => @user_attribute_update_settings,
    "usernameAttributes" => @username_attributes,
    "usernameConfiguration" => @username_configuration,
    "userPoolAddOns" => @user_pool_add_ons,
    "userPoolName" => @user_pool_name,
    "userPoolTags" => @user_pool_tags,
    "userPoolTier" => @user_pool_tier,
    "verificationMessageTemplate" => @verification_message_template,
    "webAuthnFactorConfiguration" => @web_authn_factor_configuration,
    "webAuthnRelyingPartyId" => @web_authn_relying_party_id,
    "webAuthnUserVerification" => @web_authn_user_verification,
  })
  result.compact
end