cognitoidentityprovider_set_risk_configuration: Configures actions on detected risks

Description Usage Arguments Details Request syntax

View source: R/cognitoidentityprovider_operations.R

Description

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

Usage

1
2
3
cognitoidentityprovider_set_risk_configuration(UserPoolId, ClientId,
  CompromisedCredentialsRiskConfiguration,
  AccountTakeoverRiskConfiguration, RiskExceptionConfiguration)

Arguments

UserPoolId

[required] The user pool ID.

ClientId

The app client ID. If ClientId is null, then the risk configuration is mapped to userPoolId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool.

Otherwise, ClientId is mapped to the client. When the client ID is not null, the user pool configuration is overridden and the risk configuration for the client is used instead.

CompromisedCredentialsRiskConfiguration

The compromised credentials risk configuration.

AccountTakeoverRiskConfiguration

The account takeover risk configuration.

RiskExceptionConfiguration

The configuration to override the risk decision.

Details

To enable Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

See .

Request syntax

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
svc$set_risk_configuration(
  UserPoolId = "string",
  ClientId = "string",
  CompromisedCredentialsRiskConfiguration = list(
    EventFilter = list(
      "SIGN_IN"|"PASSWORD_CHANGE"|"SIGN_UP"
    ),
    Actions = list(
      EventAction = "BLOCK"|"NO_ACTION"
    )
  ),
  AccountTakeoverRiskConfiguration = list(
    NotifyConfiguration = list(
      From = "string",
      ReplyTo = "string",
      SourceArn = "string",
      BlockEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      NoActionEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      MfaEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      )
    ),
    Actions = list(
      LowAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      MediumAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      HighAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      )
    )
  ),
  RiskExceptionConfiguration = list(
    BlockedIPRangeList = list(
      "string"
    ),
    SkippedIPRangeList = list(
      "string"
    )
  )
)

paws.security.identity documentation built on Oct. 30, 2019, 11:26 a.m.