1. Packages
  2. AWS Native
  3. API Docs
  4. cognito
  5. UserPoolRiskConfigurationAttachment

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

aws-native.cognito.UserPoolRiskConfigurationAttachment

Explore with Pulumi AI

aws-native logo

AWS Native is in preview. AWS Classic is fully supported.

AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi

    Resource Type definition for AWS::Cognito::UserPoolRiskConfigurationAttachment

    Create UserPoolRiskConfigurationAttachment Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new UserPoolRiskConfigurationAttachment(name: string, args: UserPoolRiskConfigurationAttachmentArgs, opts?: CustomResourceOptions);
    @overload
    def UserPoolRiskConfigurationAttachment(resource_name: str,
                                            args: UserPoolRiskConfigurationAttachmentArgs,
                                            opts: Optional[ResourceOptions] = None)
    
    @overload
    def UserPoolRiskConfigurationAttachment(resource_name: str,
                                            opts: Optional[ResourceOptions] = None,
                                            client_id: Optional[str] = None,
                                            user_pool_id: Optional[str] = None,
                                            account_takeover_risk_configuration: Optional[UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs] = None,
                                            compromised_credentials_risk_configuration: Optional[UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs] = None,
                                            risk_exception_configuration: Optional[UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs] = None)
    func NewUserPoolRiskConfigurationAttachment(ctx *Context, name string, args UserPoolRiskConfigurationAttachmentArgs, opts ...ResourceOption) (*UserPoolRiskConfigurationAttachment, error)
    public UserPoolRiskConfigurationAttachment(string name, UserPoolRiskConfigurationAttachmentArgs args, CustomResourceOptions? opts = null)
    public UserPoolRiskConfigurationAttachment(String name, UserPoolRiskConfigurationAttachmentArgs args)
    public UserPoolRiskConfigurationAttachment(String name, UserPoolRiskConfigurationAttachmentArgs args, CustomResourceOptions options)
    
    type: aws-native:cognito:UserPoolRiskConfigurationAttachment
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    UserPoolRiskConfigurationAttachment Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The UserPoolRiskConfigurationAttachment resource accepts the following input properties:

    ClientId string
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    UserPoolId string
    The user pool ID.
    AccountTakeoverRiskConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    CompromisedCredentialsRiskConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    RiskExceptionConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    The configuration to override the risk decision.
    ClientId string
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    UserPoolId string
    The user pool ID.
    AccountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    CompromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    RiskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs
    The configuration to override the risk decision.
    clientId String
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    userPoolId String
    The user pool ID.
    accountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    compromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    riskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    The configuration to override the risk decision.
    clientId string
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    userPoolId string
    The user pool ID.
    accountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    compromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    riskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    The configuration to override the risk decision.
    client_id str
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    user_pool_id str
    The user pool ID.
    account_takeover_risk_configuration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    compromised_credentials_risk_configuration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    risk_exception_configuration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs
    The configuration to override the risk decision.
    clientId String
    The app client ID. You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to ALL ).
    userPoolId String
    The user pool ID.
    accountTakeoverRiskConfiguration Property Map
    The account takeover risk configuration object, including the NotifyConfiguration object and Actions to take if there is an account takeover.
    compromisedCredentialsRiskConfiguration Property Map
    The compromised credentials risk configuration object, including the EventFilter and the EventAction .
    riskExceptionConfiguration Property Map
    The configuration to override the risk decision.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the UserPoolRiskConfigurationAttachment resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Supporting Types

    UserPoolRiskConfigurationAttachmentAccountTakeoverActionType, UserPoolRiskConfigurationAttachmentAccountTakeoverActionTypeArgs

    EventAction string
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    Notify bool
    Flag specifying whether to send a notification.
    EventAction string
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    Notify bool
    Flag specifying whether to send a notification.
    eventAction String
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    notify_ Boolean
    Flag specifying whether to send a notification.
    eventAction string
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    notify boolean
    Flag specifying whether to send a notification.
    event_action str
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    notify bool
    Flag specifying whether to send a notification.
    eventAction String
    The action to take in response to the account takeover action. Valid values are as follows:

    • BLOCK Choosing this action will block the request.
    • MFA_IF_CONFIGURED Present an MFA challenge if user has configured it, else allow the request.
    • MFA_REQUIRED Present an MFA challenge if user has configured it, else block the request.
    • NO_ACTION Allow the user to sign in.
    notify Boolean
    Flag specifying whether to send a notification.

    UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType, UserPoolRiskConfigurationAttachmentAccountTakeoverActionsTypeArgs

    highAction Property Map
    Action to take for a high risk.
    lowAction Property Map
    Action to take for a low risk.
    mediumAction Property Map
    Action to take for a medium risk.

    UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType, UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs

    Actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    Account takeover risk configuration actions.
    NotifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The notify configuration used to construct email notifications.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    Account takeover risk configuration actions.
    notifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The notify configuration used to construct email notifications.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    Account takeover risk configuration actions.
    notifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The notify configuration used to construct email notifications.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    Account takeover risk configuration actions.
    notify_configuration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The notify configuration used to construct email notifications.
    actions Property Map
    Account takeover risk configuration actions.
    notifyConfiguration Property Map
    The notify configuration used to construct email notifications.

    UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType, UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsTypeArgs

    EventAction string
    The event action.
    EventAction string
    The event action.
    eventAction String
    The event action.
    eventAction string
    The event action.
    event_action str
    The event action.
    eventAction String
    The event action.

    UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType, UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs

    Actions Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    The compromised credentials risk configuration actions.
    EventFilter List<string>
    Perform the action for these events. The default is to perform all events if no event filter is specified.
    Actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    The compromised credentials risk configuration actions.
    EventFilter []string
    Perform the action for these events. The default is to perform all events if no event filter is specified.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    The compromised credentials risk configuration actions.
    eventFilter List<String>
    Perform the action for these events. The default is to perform all events if no event filter is specified.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    The compromised credentials risk configuration actions.
    eventFilter string[]
    Perform the action for these events. The default is to perform all events if no event filter is specified.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    The compromised credentials risk configuration actions.
    event_filter Sequence[str]
    Perform the action for these events. The default is to perform all events if no event filter is specified.
    actions Property Map
    The compromised credentials risk configuration actions.
    eventFilter List<String>
    Perform the action for these events. The default is to perform all events if no event filter is specified.

    UserPoolRiskConfigurationAttachmentNotifyConfigurationType, UserPoolRiskConfigurationAttachmentNotifyConfigurationTypeArgs

    SourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    BlockEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    Email template used when a detected risk event is blocked.
    From string
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    MfaEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    NoActionEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    The email template used when a detected risk event is allowed.
    ReplyTo string
    The destination to which the receiver of an email should reply to.
    SourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    BlockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    Email template used when a detected risk event is blocked.
    From string
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    MfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    NoActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The email template used when a detected risk event is allowed.
    ReplyTo string
    The destination to which the receiver of an email should reply to.
    sourceArn String
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    Email template used when a detected risk event is blocked.
    from String
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    noActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The email template used when a detected risk event is allowed.
    replyTo String
    The destination to which the receiver of an email should reply to.
    sourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    Email template used when a detected risk event is blocked.
    from string
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    noActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The email template used when a detected risk event is allowed.
    replyTo string
    The destination to which the receiver of an email should reply to.
    source_arn str
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    block_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    Email template used when a detected risk event is blocked.
    from_ str
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfa_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    no_action_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    The email template used when a detected risk event is allowed.
    reply_to str
    The destination to which the receiver of an email should reply to.
    sourceArn String
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail Property Map
    Email template used when a detected risk event is blocked.
    from String
    The email address that is sending the email. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail Property Map
    The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
    noActionEmail Property Map
    The email template used when a detected risk event is allowed.
    replyTo String
    The destination to which the receiver of an email should reply to.

    UserPoolRiskConfigurationAttachmentNotifyEmailType, UserPoolRiskConfigurationAttachmentNotifyEmailTypeArgs

    Subject string
    The email subject.
    HtmlBody string
    The email HTML body.
    TextBody string
    The email text body.
    Subject string
    The email subject.
    HtmlBody string
    The email HTML body.
    TextBody string
    The email text body.
    subject String
    The email subject.
    htmlBody String
    The email HTML body.
    textBody String
    The email text body.
    subject string
    The email subject.
    htmlBody string
    The email HTML body.
    textBody string
    The email text body.
    subject str
    The email subject.
    html_body str
    The email HTML body.
    text_body str
    The email text body.
    subject String
    The email subject.
    htmlBody String
    The email HTML body.
    textBody String
    The email text body.

    UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType, UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs

    BlockedIpRangeList List<string>
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    SkippedIpRangeList List<string>
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
    BlockedIpRangeList []string
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    SkippedIpRangeList []string
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
    blockedIpRangeList List<String>
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    skippedIpRangeList List<String>
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
    blockedIpRangeList string[]
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    skippedIpRangeList string[]
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
    blocked_ip_range_list Sequence[str]
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    skipped_ip_range_list Sequence[str]
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.
    blockedIpRangeList List<String>
    Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
    skippedIpRangeList List<String>
    Risk detection isn't performed on the IP addresses in this range list. The IP range is in CIDR notation.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    AWS Native is in preview. AWS Classic is fully supported.

    AWS Native v0.109.0 published on Wednesday, Jun 26, 2024 by Pulumi