AWS::Cognito::UserPool AdminCreateUserConfig - AWS CloudFormation

AWS::Cognito::UserPool AdminCreateUserConfig

The settings for administrator creation of users in a user pool. Contains settings for allowing user sign-up, customizing invitation messages to new users, and the amount of time before temporary passwords expire.

This data type is a request and response parameter of CreateUserPool and UpdateUserPool, and a response parameter of DescribeUserPool.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

Properties

AllowAdminCreateUserOnly

The setting for allowing self-service sign-up. When true, only administrators can create new user profiles. When false, users can register themselves and create a new user profile with the SignUp operation.

Required: No

Type: Boolean

Update requires: No interruption

InviteMessageTemplate

The template for the welcome message to new users. This template must include the {####} temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder.

See also Customizing User Invitation Messages.

Required: No

Type: InviteMessageTemplate

Update requires: No interruption

UnusedAccountValidityDays

This parameter is no longer in use. Configure the duration of temporary passwords with the TemporaryPasswordValidityDays parameter of PasswordPolicyType. For older user pools that have a UnusedAccountValidityDays configuration, that value is effective until you set a value for TemporaryPasswordValidityDays.

The password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call AdminCreateUser again, specifying RESEND for the MessageAction parameter.

The default value for this parameter is 7.

Required: No

Type: Integer

Minimum: 0

Maximum: 365

Update requires: No interruption