CfnUserPoolRiskConfigurationAttachmentProps

class aws_cdk.aws_cognito.CfnUserPoolRiskConfigurationAttachmentProps(*, client_id, user_pool_id, account_takeover_risk_configuration=None, compromised_credentials_risk_configuration=None, risk_exception_configuration=None)

Bases: object

Properties for defining a CfnUserPoolRiskConfigurationAttachment.

Parameters:

  • client_id (str) – The app client where this configuration is applied. When this parameter isn’t present, the risk configuration applies to all user pool app clients that don’t have client-level settings.

  • user_pool_id (str) – The ID of the user pool that has the risk configuration applied.

  • account_takeover_risk_configuration (Union[IResolvable, AccountTakeoverRiskConfigurationTypeProperty, Dict[str, Any], None]) – The settings for automated responses and notification templates for adaptive authentication with advanced security features.

  • compromised_credentials_risk_configuration (Union[IResolvable, CompromisedCredentialsRiskConfigurationTypeProperty, Dict[str, Any], None]) – Settings for compromised-credentials actions and authentication types with advanced security features in full-function ENFORCED mode.

  • risk_exception_configuration (Union[IResolvable, RiskExceptionConfigurationTypeProperty, Dict[str, Any], None]) – Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_cognito as cognito

cfn_user_pool_risk_configuration_attachment_props = cognito.CfnUserPoolRiskConfigurationAttachmentProps(
    client_id="clientId",
    user_pool_id="userPoolId",

    # the properties below are optional
    account_takeover_risk_configuration=cognito.CfnUserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationTypeProperty(
        actions=cognito.CfnUserPoolRiskConfigurationAttachment.AccountTakeoverActionsTypeProperty(
            high_action=cognito.CfnUserPoolRiskConfigurationAttachment.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            ),
            low_action=cognito.CfnUserPoolRiskConfigurationAttachment.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            ),
            medium_action=cognito.CfnUserPoolRiskConfigurationAttachment.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            )
        ),

        # the properties below are optional
        notify_configuration=cognito.CfnUserPoolRiskConfigurationAttachment.NotifyConfigurationTypeProperty(
            source_arn="sourceArn",

            # the properties below are optional
            block_email=cognito.CfnUserPoolRiskConfigurationAttachment.NotifyEmailTypeProperty(
                subject="subject",

                # the properties below are optional
                html_body="htmlBody",
                text_body="textBody"
            ),
            from="from",
            mfa_email=cognito.CfnUserPoolRiskConfigurationAttachment.NotifyEmailTypeProperty(
                subject="subject",

                # the properties below are optional
                html_body="htmlBody",
                text_body="textBody"
            ),
            no_action_email=cognito.CfnUserPoolRiskConfigurationAttachment.NotifyEmailTypeProperty(
                subject="subject",

                # the properties below are optional
                html_body="htmlBody",
                text_body="textBody"
            ),
            reply_to="replyTo"
        )
    ),
    compromised_credentials_risk_configuration=cognito.CfnUserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationTypeProperty(
        actions=cognito.CfnUserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsTypeProperty(
            event_action="eventAction"
        ),

        # the properties below are optional
        event_filter=["eventFilter"]
    ),
    risk_exception_configuration=cognito.CfnUserPoolRiskConfigurationAttachment.RiskExceptionConfigurationTypeProperty(
        blocked_ip_range_list=["blockedIpRangeList"],
        skipped_ip_range_list=["skippedIpRangeList"]
    )
)

Attributes

account_takeover_risk_configuration

The settings for automated responses and notification templates for adaptive authentication with advanced security features.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfiguration

client_id

The app client where this configuration is applied.

When this parameter isn’t present, the risk configuration applies to all user pool app clients that don’t have client-level settings.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-clientid

compromised_credentials_risk_configuration

Settings for compromised-credentials actions and authentication types with advanced security features in full-function ENFORCED mode.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfiguration

risk_exception_configuration

Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfiguration

user_pool_id

The ID of the user pool that has the risk configuration applied.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-userpoolid