CfnUserPoolRiskConfigurationAttachmentPropsMixin

class aws_cdk.mixins_preview.aws_cognito.mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin(props, *, strategy=None)

Bases: Mixin

The AWS::Cognito::UserPoolRiskConfigurationAttachment resource sets the risk configuration that is used for Amazon Cognito advanced security features.

You can specify risk configuration for a single client (with a specific clientId ) or for all clients (by setting the clientId to ALL ). If you specify ALL , the default configuration is used for every client that has had no risk configuration set previously. If you specify risk configuration for a particular client, it no longer falls back to the ALL configuration.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html

CloudformationResource:

AWS::Cognito::UserPoolRiskConfigurationAttachment

Mixin:

true

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview import mixins
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

cfn_user_pool_risk_configuration_attachment_props_mixin = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin(cognito_mixins.CfnUserPoolRiskConfigurationAttachmentMixinProps(
    account_takeover_risk_configuration=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverRiskConfigurationTypeProperty(
        actions=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionsTypeProperty(
            high_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            ),
            low_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            ),
            medium_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
                event_action="eventAction",
                notify=False
            )
        ),
        notify_configuration=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyConfigurationTypeProperty(
            block_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
                html_body="htmlBody",
                subject="subject",
                text_body="textBody"
            ),
            from="from",
            mfa_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
                html_body="htmlBody",
                subject="subject",
                text_body="textBody"
            ),
            no_action_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
                html_body="htmlBody",
                subject="subject",
                text_body="textBody"
            ),
            reply_to="replyTo",
            source_arn="sourceArn"
        )
    ),
    client_id="clientId",
    compromised_credentials_risk_configuration=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsRiskConfigurationTypeProperty(
        actions=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsActionsTypeProperty(
            event_action="eventAction"
        ),
        event_filter=["eventFilter"]
    ),
    risk_exception_configuration=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.RiskExceptionConfigurationTypeProperty(
        blocked_ip_range_list=["blockedIpRangeList"],
        skipped_ip_range_list=["skippedIpRangeList"]
    ),
    user_pool_id="userPoolId"
),
    strategy=mixins.PropertyMergeStrategy.OVERRIDE
)

Create a mixin to apply properties to AWS::Cognito::UserPoolRiskConfigurationAttachment.

Parameters:

• props (Union[CfnUserPoolRiskConfigurationAttachmentMixinProps, Dict[str, Any]]) – L1 properties to apply.

• strategy (Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE

Methods

apply_to(construct)

Apply the mixin properties to the construct.

Parameters:

construct (IConstruct)

Return type:

IConstruct

supports(construct)

Check if this mixin supports the given construct.

Parameters:

construct (IConstruct)

Return type:

bool

Attributes

CFN_PROPERTY_KEYS = ['accountTakeoverRiskConfiguration', 'clientId', 'compromisedCredentialsRiskConfiguration', 'riskExceptionConfiguration', 'userPoolId']

Static Methods

classmethod is_mixin(x)

(experimental) Checks if x is a Mixin.

Parameters:

x (Any) – Any object.

Return type:

bool

Returns:

true if x is an object created from a class which extends Mixin.

Stability:

experimental

AccountTakeoverActionTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(*, event_action=None, notify=None)

Bases: object

The automated response to a risk level for adaptive authentication in full-function, or ENFORCED , mode.

You can assign an action to each risk level that advanced security features evaluates.

Parameters:

• event_action (Optional[str]) – The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows: - BLOCK : Block the request. - MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn’t have a phone number attribute, MFA setup isn’t possible. If MFA setup isn’t possible, allow the request. - MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn’t set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor. - NO_ACTION : Take no action. Permit sign-in.

• notify (Union[bool, IResolvable, None]) – Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user’s session at the associated risk level.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

account_takeover_action_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
    event_action="eventAction",
    notify=False
)

Attributes

event_action

The action to take for the attempted account takeover action for the associated risk level.

Valid values are as follows:

• BLOCK : Block the request.

• MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn’t have a phone number attribute, MFA setup isn’t possible. If MFA setup isn’t possible, allow the request.

• MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn’t set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.

• NO_ACTION : Take no action. Permit sign-in.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype-eventaction

notify

Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user’s session at the associated risk level.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype-notify

AccountTakeoverActionsTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionsTypeProperty(*, high_action=None, low_action=None, medium_action=None)

Bases: object

A list of account-takeover actions for each level of risk that Amazon Cognito might assess with advanced security features.

Parameters:

• high_action (Union[IResolvable, AccountTakeoverActionTypeProperty, Dict[str, Any], None]) – The action that you assign to a high-risk assessment by threat protection.

• low_action (Union[IResolvable, AccountTakeoverActionTypeProperty, Dict[str, Any], None]) – The action that you assign to a low-risk assessment by threat protection.

• medium_action (Union[IResolvable, AccountTakeoverActionTypeProperty, Dict[str, Any], None]) – The action that you assign to a medium-risk assessment by threat protection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

account_takeover_actions_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionsTypeProperty(
    high_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
        event_action="eventAction",
        notify=False
    ),
    low_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
        event_action="eventAction",
        notify=False
    ),
    medium_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
        event_action="eventAction",
        notify=False
    )
)

Attributes

high_action

The action that you assign to a high-risk assessment by threat protection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-highaction

low_action

The action that you assign to a low-risk assessment by threat protection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-lowaction

medium_action

The action that you assign to a medium-risk assessment by threat protection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-mediumaction

AccountTakeoverRiskConfigurationTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverRiskConfigurationTypeProperty(*, actions=None, notify_configuration=None)

Bases: object

The settings for automated responses and notification templates for adaptive authentication with advanced security features.

Parameters:

• actions (Union[IResolvable, AccountTakeoverActionsTypeProperty, Dict[str, Any], None]) – A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.

• notify_configuration (Union[IResolvable, NotifyConfigurationTypeProperty, Dict[str, Any], None]) – The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

account_takeover_risk_configuration_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverRiskConfigurationTypeProperty(
    actions=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionsTypeProperty(
        high_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
            event_action="eventAction",
            notify=False
        ),
        low_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
            event_action="eventAction",
            notify=False
        ),
        medium_action=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.AccountTakeoverActionTypeProperty(
            event_action="eventAction",
            notify=False
        )
    ),
    notify_configuration=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyConfigurationTypeProperty(
        block_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
            html_body="htmlBody",
            subject="subject",
            text_body="textBody"
        ),
        from="from",
        mfa_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
            html_body="htmlBody",
            subject="subject",
            text_body="textBody"
        ),
        no_action_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
            html_body="htmlBody",
            subject="subject",
            text_body="textBody"
        ),
        reply_to="replyTo",
        source_arn="sourceArn"
    )
)

Attributes

actions

A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype-actions

notify_configuration

The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication.

When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype-notifyconfiguration

CompromisedCredentialsActionsTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsActionsTypeProperty(*, event_action=None)

Bases: object

Settings for user pool actions when Amazon Cognito detects compromised credentials with advanced security features in full-function ENFORCED mode.

Parameters:

event_action (Optional[str]) – The action that Amazon Cognito takes when it detects compromised credentials.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

compromised_credentials_actions_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsActionsTypeProperty(
    event_action="eventAction"
)

Attributes

event_action

The action that Amazon Cognito takes when it detects compromised credentials.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype-eventaction

CompromisedCredentialsRiskConfigurationTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsRiskConfigurationTypeProperty(*, actions=None, event_filter=None)

Bases: object

Settings for compromised-credentials actions and authentication-event sources with advanced security features in full-function ENFORCED mode.

Parameters:

• actions (Union[IResolvable, CompromisedCredentialsActionsTypeProperty, Dict[str, Any], None]) – Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.

• event_filter (Optional[Sequence[str]]) – Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

compromised_credentials_risk_configuration_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsRiskConfigurationTypeProperty(
    actions=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.CompromisedCredentialsActionsTypeProperty(
        event_action="eventAction"
    ),
    event_filter=["eventFilter"]
)

Attributes

actions

Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype-actions

event_filter

Settings for the sign-in activity where you want to configure compromised-credentials actions.

Defaults to all events.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype-eventfilter

NotifyConfigurationTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyConfigurationTypeProperty(*, block_email=None, from_=None, mfa_email=None, no_action_email=None, reply_to=None, source_arn=None)

Bases: object

The configuration for Amazon SES email messages that advanced security features sends to a user when your adaptive authentication automated response has a Notify action.

Parameters:

• block_email (Union[IResolvable, NotifyEmailTypeProperty, Dict[str, Any], None]) – The template for the email message that your user pool sends when a detected risk event is blocked.

• from – The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.

• mfa_email (Union[IResolvable, NotifyEmailTypeProperty, Dict[str, Any], None]) – The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.

• no_action_email (Union[IResolvable, NotifyEmailTypeProperty, Dict[str, Any], None]) – The template for the email message that your user pool sends when no action is taken in response to a detected risk.

• reply_to (Optional[str]) – The reply-to email address of an email template. Can be an email address in the format admin@example.com or Administrator <admin@example.com> .

• source_arn (Optional[str]) – The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

notify_configuration_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyConfigurationTypeProperty(
    block_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
        html_body="htmlBody",
        subject="subject",
        text_body="textBody"
    ),
    from="from",
    mfa_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
        html_body="htmlBody",
        subject="subject",
        text_body="textBody"
    ),
    no_action_email=cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
        html_body="htmlBody",
        subject="subject",
        text_body="textBody"
    ),
    reply_to="replyTo",
    source_arn="sourceArn"
)

Attributes

block_email

The template for the email message that your user pool sends when a detected risk event is blocked.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-blockemail

from_

The email address that sends the email message.

The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-from

mfa_email

The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-mfaemail

no_action_email

The template for the email message that your user pool sends when no action is taken in response to a detected risk.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-noactionemail

reply_to

The reply-to email address of an email template.

Can be an email address in the format admin@example.com or Administrator <admin@example.com> .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-replyto

source_arn

The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy.

This identity permits Amazon Cognito to send for the email address specified in the From parameter.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-sourcearn

NotifyEmailTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(*, html_body=None, subject=None, text_body=None)

Bases: object

The template for email messages that advanced security features sends to a user when your threat protection automated response has a Notify action.

Parameters:

• html_body (Optional[str]) – The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.

• subject (Optional[str]) – The subject of the threat protection email notification.

• text_body (Optional[str]) – The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

notify_email_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.NotifyEmailTypeProperty(
    html_body="htmlBody",
    subject="subject",
    text_body="textBody"
)

Attributes

html_body

The body of an email notification formatted in HTML.

Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-htmlbody

subject

The subject of the threat protection email notification.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-subject

text_body

The body of an email notification formatted in plaintext.

Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-textbody

RiskExceptionConfigurationTypeProperty

class CfnUserPoolRiskConfigurationAttachmentPropsMixin.RiskExceptionConfigurationTypeProperty(*, blocked_ip_range_list=None, skipped_ip_range_list=None)

Bases: object

Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.

Parameters:

• blocked_ip_range_list (Optional[Sequence[str]]) – An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.

• skipped_ip_range_list (Optional[Sequence[str]]) – An always-allow IP address list. Risk detection isn’t performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk.mixins_preview.aws_cognito import mixins as cognito_mixins

risk_exception_configuration_type_property = cognito_mixins.CfnUserPoolRiskConfigurationAttachmentPropsMixin.RiskExceptionConfigurationTypeProperty(
    blocked_ip_range_list=["blockedIpRangeList"],
    skipped_ip_range_list=["skippedIpRangeList"]
)

Attributes

blocked_ip_range_list

An always-block IP address list.

Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype-blockediprangelist

skipped_ip_range_list

An always-allow IP address list.

Risk detection isn’t performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype-skippediprangelist