interface CfnUserPoolRiskConfigurationAttachmentProps

Language	Type name
.NET	`Amazon.CDK.AWS.Cognito.CfnUserPoolRiskConfigurationAttachmentProps`
Go	`github.com/aws/aws-cdk-go/awscdk/v2/awscognito#CfnUserPoolRiskConfigurationAttachmentProps`
Java	`software.amazon.awscdk.services.cognito.CfnUserPoolRiskConfigurationAttachmentProps`
Python	`aws_cdk.aws_cognito.CfnUserPoolRiskConfigurationAttachmentProps`
TypeScript	`aws-cdk-lib` » `aws_cognito` » `CfnUserPoolRiskConfigurationAttachmentProps`

Properties for defining a CfnUserPoolRiskConfigurationAttachment.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_cognito as cognito } from 'aws-cdk-lib';
const cfnUserPoolRiskConfigurationAttachmentProps: cognito.CfnUserPoolRiskConfigurationAttachmentProps = {
  clientId: 'clientId',
  userPoolId: 'userPoolId',

  // the properties below are optional
  accountTakeoverRiskConfiguration: {
    actions: {
      highAction: {
        eventAction: 'eventAction',
        notify: false,
      },
      lowAction: {
        eventAction: 'eventAction',
        notify: false,
      },
      mediumAction: {
        eventAction: 'eventAction',
        notify: false,
      },
    },

    // the properties below are optional
    notifyConfiguration: {
      sourceArn: 'sourceArn',

      // the properties below are optional
      blockEmail: {
        subject: 'subject',

        // the properties below are optional
        htmlBody: 'htmlBody',
        textBody: 'textBody',
      },
      from: 'from',
      mfaEmail: {
        subject: 'subject',

        // the properties below are optional
        htmlBody: 'htmlBody',
        textBody: 'textBody',
      },
      noActionEmail: {
        subject: 'subject',

        // the properties below are optional
        htmlBody: 'htmlBody',
        textBody: 'textBody',
      },
      replyTo: 'replyTo',
    },
  },
  compromisedCredentialsRiskConfiguration: {
    actions: {
      eventAction: 'eventAction',
    },

    // the properties below are optional
    eventFilter: ['eventFilter'],
  },
  riskExceptionConfiguration: {
    blockedIpRangeList: ['blockedIpRangeList'],
    skippedIpRangeList: ['skippedIpRangeList'],
  },
};

Properties

Name	Type	Description
clientId	`string`	The app client where this configuration is applied.
userPoolId	`string`	The ID of the user pool that has the risk configuration applied.
accountTakeoverRiskConfiguration?	`IResolvable` `\|` `AccountTakeoverRiskConfigurationTypeProperty`	The settings for automated responses and notification templates for adaptive authentication with threat protection.
compromisedCredentialsRiskConfiguration?	`IResolvable` `\|` `CompromisedCredentialsRiskConfigurationTypeProperty`	Settings for compromised-credentials actions and authentication types with threat protection in full-function `ENFORCED` mode.
riskExceptionConfiguration?	`IResolvable` `\|` `RiskExceptionConfigurationTypeProperty`	Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.

clientId

Type: string

The app client where this configuration is applied.

When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.

userPoolId

Type: string

The ID of the user pool that has the risk configuration applied.

accountTakeoverRiskConfiguration?

Type: IResolvable | AccountTakeoverRiskConfigurationTypeProperty (optional)

The settings for automated responses and notification templates for adaptive authentication with threat protection.

compromisedCredentialsRiskConfiguration?

Type: IResolvable | CompromisedCredentialsRiskConfigurationTypeProperty (optional)

Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.

riskExceptionConfiguration?

Type: IResolvable | RiskExceptionConfigurationTypeProperty (optional)

Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.