Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. AWS Cloud Control
  3. API Docs
  4. cognito
  5. UserPoolRiskConfigurationAttachment

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

aws-native.cognito.UserPoolRiskConfigurationAttachment

Explore with Pulumi AI

aws-native logo

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
pulumi/pulumi-aws-native

    Resource Type definition for AWS::Cognito::UserPoolRiskConfigurationAttachment

    Create UserPoolRiskConfigurationAttachment Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new UserPoolRiskConfigurationAttachment(name: string, args: UserPoolRiskConfigurationAttachmentArgs, opts?: CustomResourceOptions);
    @overload
def UserPoolRiskConfigurationAttachment(resource_name: str,
                                        args: UserPoolRiskConfigurationAttachmentArgs,
                                        opts: Optional[ResourceOptions] = None)

@overload
def UserPoolRiskConfigurationAttachment(resource_name: str,
                                        opts: Optional[ResourceOptions] = None,
                                        client_id: Optional[str] = None,
                                        user_pool_id: Optional[str] = None,
                                        account_takeover_risk_configuration: Optional[UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs] = None,
                                        compromised_credentials_risk_configuration: Optional[UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs] = None,
                                        risk_exception_configuration: Optional[UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs] = None)
    func NewUserPoolRiskConfigurationAttachment(ctx *Context, name string, args UserPoolRiskConfigurationAttachmentArgs, opts ...ResourceOption) (*UserPoolRiskConfigurationAttachment, error)
    public UserPoolRiskConfigurationAttachment(string name, UserPoolRiskConfigurationAttachmentArgs args, CustomResourceOptions? opts = null)
    public UserPoolRiskConfigurationAttachment(String name, UserPoolRiskConfigurationAttachmentArgs args)
public UserPoolRiskConfigurationAttachment(String name, UserPoolRiskConfigurationAttachmentArgs args, CustomResourceOptions options)

    type: aws-native:cognito:UserPoolRiskConfigurationAttachment
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args UserPoolRiskConfigurationAttachmentArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    UserPoolRiskConfigurationAttachment Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The UserPoolRiskConfigurationAttachment resource accepts the following input properties:

    ClientId string
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    UserPoolId string
    The ID of the user pool that has the risk configuration applied.
    AccountTakeoverRiskConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    CompromisedCredentialsRiskConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    RiskExceptionConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
    ClientId string
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    UserPoolId string
    The ID of the user pool that has the risk configuration applied.
    AccountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    CompromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    RiskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
    clientId String
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    userPoolId String
    The ID of the user pool that has the risk configuration applied.
    accountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    compromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    riskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
    clientId string
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    userPoolId string
    The ID of the user pool that has the risk configuration applied.
    accountTakeoverRiskConfiguration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    compromisedCredentialsRiskConfiguration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    riskExceptionConfiguration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
    client_id str
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    user_pool_id str
    The ID of the user pool that has the risk configuration applied.
    account_takeover_risk_configuration UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    compromised_credentials_risk_configuration UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    risk_exception_configuration UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.
    clientId String
    The app client where this configuration is applied. When this parameter isn't present, the risk configuration applies to all user pool app clients that don't have client-level settings.
    userPoolId String
    The ID of the user pool that has the risk configuration applied.
    accountTakeoverRiskConfiguration Property Map
    The settings for automated responses and notification templates for adaptive authentication with threat protection.
    compromisedCredentialsRiskConfiguration Property Map
    Settings for compromised-credentials actions and authentication types with threat protection in full-function ENFORCED mode.
    riskExceptionConfiguration Property Map
    Exceptions to the risk evaluation configuration, including always-allow and always-block IP address ranges.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the UserPoolRiskConfigurationAttachment resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Supporting Types

    UserPoolRiskConfigurationAttachmentAccountTakeoverActionType, UserPoolRiskConfigurationAttachmentAccountTakeoverActionTypeArgs

    EventAction string
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    Notify bool
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
    EventAction string
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    Notify bool
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
    eventAction String
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    notify_ Boolean
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
    eventAction string
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    notify boolean
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
    event_action str
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    notify bool
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.
    eventAction String
    The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows:

    • BLOCK : Block the request.
    • MFA_IF_CONFIGURED : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request.
    • MFA_REQUIRED : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor.
    • NO_ACTION : Take no action. Permit sign-in.
    notify Boolean
    Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level.

    UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType, UserPoolRiskConfigurationAttachmentAccountTakeoverActionsTypeArgs

    HighAction Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a high-risk assessment by threat protection.
    LowAction Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a low-risk assessment by threat protection.
    MediumAction Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a medium-risk assessment by threat protection.
    HighAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a high-risk assessment by threat protection.
    LowAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a low-risk assessment by threat protection.
    MediumAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a medium-risk assessment by threat protection.
    highAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a high-risk assessment by threat protection.
    lowAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a low-risk assessment by threat protection.
    mediumAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a medium-risk assessment by threat protection.
    highAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a high-risk assessment by threat protection.
    lowAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a low-risk assessment by threat protection.
    mediumAction UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a medium-risk assessment by threat protection.
    high_action UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a high-risk assessment by threat protection.
    low_action UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a low-risk assessment by threat protection.
    medium_action UserPoolRiskConfigurationAttachmentAccountTakeoverActionType
    The action that you assign to a medium-risk assessment by threat protection.
    highAction Property Map
    The action that you assign to a high-risk assessment by threat protection.
    lowAction Property Map
    The action that you assign to a low-risk assessment by threat protection.
    mediumAction Property Map
    The action that you assign to a medium-risk assessment by threat protection.

    UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType, UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs

    Actions Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    NotifyConfiguration Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.
    Actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    NotifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    notifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    notifyConfiguration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.
    actions UserPoolRiskConfigurationAttachmentAccountTakeoverActionsType
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    notify_configuration UserPoolRiskConfigurationAttachmentNotifyConfigurationType
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.
    actions Property Map
    A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection.
    notifyConfiguration Property Map
    The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in AccountTakeoverRiskConfiguration , Amazon Cognito sends an email message using the method and template that you set with this data type.

    UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType, UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsTypeArgs

    EventAction string
    The action that Amazon Cognito takes when it detects compromised credentials.
    EventAction string
    The action that Amazon Cognito takes when it detects compromised credentials.
    eventAction String
    The action that Amazon Cognito takes when it detects compromised credentials.
    eventAction string
    The action that Amazon Cognito takes when it detects compromised credentials.
    event_action str
    The action that Amazon Cognito takes when it detects compromised credentials.
    eventAction String
    The action that Amazon Cognito takes when it detects compromised credentials.

    UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType, UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs

    Actions Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    EventFilter List<string>
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
    Actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    EventFilter []string
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    eventFilter List<String>
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    eventFilter string[]
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
    actions UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    event_filter Sequence[str]
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.
    actions Property Map
    Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials.
    eventFilter List<String>
    Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events.

    UserPoolRiskConfigurationAttachmentNotifyConfigurationType, UserPoolRiskConfigurationAttachmentNotifyConfigurationTypeArgs

    SourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    BlockEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when a detected risk event is blocked.
    From string
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    MfaEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    NoActionEmail Pulumi.AwsNative.Cognito.Inputs.UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    ReplyTo string
    The reply-to email address of an email template.
    SourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    BlockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when a detected risk event is blocked.
    From string
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    MfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    NoActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    ReplyTo string
    The reply-to email address of an email template.
    sourceArn String
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when a detected risk event is blocked.
    from String
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    noActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    replyTo String
    The reply-to email address of an email template.
    sourceArn string
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when a detected risk event is blocked.
    from string
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    noActionEmail UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    replyTo string
    The reply-to email address of an email template.
    source_arn str
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    block_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when a detected risk event is blocked.
    from_ str
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfa_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    no_action_email UserPoolRiskConfigurationAttachmentNotifyEmailType
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    reply_to str
    The reply-to email address of an email template.
    sourceArn String
    The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the From parameter.
    blockEmail Property Map
    The template for the email message that your user pool sends when a detected risk event is blocked.
    from String
    The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
    mfaEmail Property Map
    The template for the email message that your user pool sends when MFA is challenged in response to a detected risk.
    noActionEmail Property Map
    The template for the email message that your user pool sends when no action is taken in response to a detected risk.
    replyTo String
    The reply-to email address of an email template.

    UserPoolRiskConfigurationAttachmentNotifyEmailType, UserPoolRiskConfigurationAttachmentNotifyEmailTypeArgs

    Subject string
    The subject of the threat protection email notification.
    HtmlBody string
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    TextBody string
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    Subject string
    The subject of the threat protection email notification.
    HtmlBody string
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    TextBody string
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    subject String
    The subject of the threat protection email notification.
    htmlBody String
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    textBody String
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    subject string
    The subject of the threat protection email notification.
    htmlBody string
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    textBody string
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    subject str
    The subject of the threat protection email notification.
    html_body str
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    text_body str
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    subject String
    The subject of the threat protection email notification.
    htmlBody String
    The body of an email notification formatted in HTML. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.
    textBody String
    The body of an email notification formatted in plaintext. Choose an HtmlBody or a TextBody to send an HTML-formatted or plaintext message, respectively.

    UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType, UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs

    BlockedIpRangeList List<string>
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    SkippedIpRangeList List<string>
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
    BlockedIpRangeList []string
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    SkippedIpRangeList []string
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
    blockedIpRangeList List<String>
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    skippedIpRangeList List<String>
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
    blockedIpRangeList string[]
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    skippedIpRangeList string[]
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
    blocked_ip_range_list Sequence[str]
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    skipped_ip_range_list Sequence[str]
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.
    blockedIpRangeList List<String>
    An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation.
    skippedIpRangeList List<String>
    An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation.

    Package Details

    Repository
    AWS Native pulumi/pulumi-aws-native
    License
    Apache-2.0
    aws-native logo

    We recommend new projects start with resources from the AWS provider.

    AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi
    pulumi/pulumi-aws-native