Class: AWSCDK::Cognito::CfnUserPoolRiskConfigurationAttachment::AccountTakeoverActionTypeProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
cognito/cfn_user_pool_risk_configuration_attachment.rb

Overview

The automated response to a risk level for adaptive authentication in full-function, or ENFORCED , mode.

You can assign an action to each risk level that advanced security features evaluates.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(event_action:, notify:) ⇒ AccountTakeoverActionTypeProperty

Returns a new instance of AccountTakeoverActionTypeProperty.

Parameters:

  • event_action (String)

    The action to take for the attempted account takeover action for the associated risk level.

  • notify (Boolean, AWSCDK::IResolvable)

    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.



552
553
554
555
556
557
# File 'cognito/cfn_user_pool_risk_configuration_attachment.rb', line 552

def initialize(event_action:, notify:)
  @event_action = event_action
  Jsii::Type.check_type(@event_action, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "eventAction")
  @notify = notify
  Jsii::Type.check_type(@notify, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "notify")
end

Instance Attribute Details

#event_actionString (readonly)

The action to take for the attempted account takeover action for the associated risk level.

Valid values are as follows:

  • BLOCK : Block the request.
  • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
  • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
  • NO_ACTION : Take no action. Permit sign-in.


570
571
572
# File 'cognito/cfn_user_pool_risk_configuration_attachment.rb', line 570

def event_action
  @event_action
end

#notifyBoolean, AWSCDK::IResolvable (readonly)

Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.



575
576
577
# File 'cognito/cfn_user_pool_risk_configuration_attachment.rb', line 575

def notify
  @notify
end

Class Method Details

.jsii_propertiesObject



577
578
579
580
581
582
# File 'cognito/cfn_user_pool_risk_configuration_attachment.rb', line 577

def self.jsii_properties
  {
    :event_action => "eventAction",
    :notify => "notify",
  }
end

Instance Method Details

#to_jsiiObject



584
585
586
587
588
589
590
591
# File 'cognito/cfn_user_pool_risk_configuration_attachment.rb', line 584

def to_jsii
  result = {}
  result.merge!({
    "eventAction" => @event_action,
    "notify" => @notify,
  })
  result.compact
end