awscognito

package
v1.148.0-devpreview Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 10, 2022 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CfnIdentityPoolRoleAttachment_CFN_RESOURCE_TYPE_NAME 

func CfnIdentityPoolRoleAttachment_CFN_RESOURCE_TYPE_NAME() *string

func CfnIdentityPoolRoleAttachment_IsCfnElement 

func CfnIdentityPoolRoleAttachment_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnIdentityPoolRoleAttachment_IsCfnResource 

func CfnIdentityPoolRoleAttachment_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnIdentityPoolRoleAttachment_IsConstruct 

func CfnIdentityPoolRoleAttachment_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnIdentityPool_CFN_RESOURCE_TYPE_NAME 

func CfnIdentityPool_CFN_RESOURCE_TYPE_NAME() *string

func CfnIdentityPool_IsCfnElement 

func CfnIdentityPool_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnIdentityPool_IsCfnResource 

func CfnIdentityPool_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnIdentityPool_IsConstruct 

func CfnIdentityPool_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolClient_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolClient_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolClient_IsCfnElement 

func CfnUserPoolClient_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolClient_IsCfnResource 

func CfnUserPoolClient_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolClient_IsConstruct 

func CfnUserPoolClient_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolDomain_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolDomain_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolDomain_IsCfnElement 

func CfnUserPoolDomain_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolDomain_IsCfnResource 

func CfnUserPoolDomain_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolDomain_IsConstruct 

func CfnUserPoolDomain_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolGroup_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolGroup_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolGroup_IsCfnElement 

func CfnUserPoolGroup_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolGroup_IsCfnResource 

func CfnUserPoolGroup_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolGroup_IsConstruct 

func CfnUserPoolGroup_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolIdentityProvider_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolIdentityProvider_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolIdentityProvider_IsCfnElement 

func CfnUserPoolIdentityProvider_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolIdentityProvider_IsCfnResource 

func CfnUserPoolIdentityProvider_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolIdentityProvider_IsConstruct 

func CfnUserPoolIdentityProvider_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolResourceServer_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolResourceServer_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolResourceServer_IsCfnElement 

func CfnUserPoolResourceServer_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolResourceServer_IsCfnResource 

func CfnUserPoolResourceServer_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolResourceServer_IsConstruct 

func CfnUserPoolResourceServer_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolRiskConfigurationAttachment_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolRiskConfigurationAttachment_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolRiskConfigurationAttachment_IsCfnElement 

func CfnUserPoolRiskConfigurationAttachment_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolRiskConfigurationAttachment_IsCfnResource 

func CfnUserPoolRiskConfigurationAttachment_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolRiskConfigurationAttachment_IsConstruct 

func CfnUserPoolRiskConfigurationAttachment_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolUICustomizationAttachment_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolUICustomizationAttachment_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolUICustomizationAttachment_IsCfnElement 

func CfnUserPoolUICustomizationAttachment_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolUICustomizationAttachment_IsCfnResource 

func CfnUserPoolUICustomizationAttachment_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolUICustomizationAttachment_IsConstruct 

func CfnUserPoolUICustomizationAttachment_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolUserToGroupAttachment_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolUserToGroupAttachment_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolUserToGroupAttachment_IsCfnElement 

func CfnUserPoolUserToGroupAttachment_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolUserToGroupAttachment_IsCfnResource 

func CfnUserPoolUserToGroupAttachment_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolUserToGroupAttachment_IsConstruct 

func CfnUserPoolUserToGroupAttachment_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPoolUser_CFN_RESOURCE_TYPE_NAME 

func CfnUserPoolUser_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPoolUser_IsCfnElement 

func CfnUserPoolUser_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPoolUser_IsCfnResource 

func CfnUserPoolUser_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPoolUser_IsConstruct 

func CfnUserPoolUser_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func CfnUserPool_CFN_RESOURCE_TYPE_NAME 

func CfnUserPool_CFN_RESOURCE_TYPE_NAME() *string

func CfnUserPool_IsCfnElement 

func CfnUserPool_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.

func CfnUserPool_IsCfnResource 

func CfnUserPool_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource. Experimental.

func CfnUserPool_IsConstruct 

func CfnUserPool_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func NewBooleanAttribute_Override 

func NewBooleanAttribute_Override(b BooleanAttribute, props *CustomAttributeProps)

Experimental.

func NewCfnIdentityPoolRoleAttachment_Override 

func NewCfnIdentityPoolRoleAttachment_Override(c CfnIdentityPoolRoleAttachment, scope awscdk.Construct, id *string, props *CfnIdentityPoolRoleAttachmentProps)

Create a new `AWS::Cognito::IdentityPoolRoleAttachment`.

func NewCfnIdentityPool_Override 

func NewCfnIdentityPool_Override(c CfnIdentityPool, scope awscdk.Construct, id *string, props *CfnIdentityPoolProps)

Create a new `AWS::Cognito::IdentityPool`.

func NewCfnUserPoolClient_Override 

func NewCfnUserPoolClient_Override(c CfnUserPoolClient, scope awscdk.Construct, id *string, props *CfnUserPoolClientProps)

Create a new `AWS::Cognito::UserPoolClient`.

func NewCfnUserPoolDomain_Override 

func NewCfnUserPoolDomain_Override(c CfnUserPoolDomain, scope awscdk.Construct, id *string, props *CfnUserPoolDomainProps)

Create a new `AWS::Cognito::UserPoolDomain`.

func NewCfnUserPoolGroup_Override 

func NewCfnUserPoolGroup_Override(c CfnUserPoolGroup, scope awscdk.Construct, id *string, props *CfnUserPoolGroupProps)

Create a new `AWS::Cognito::UserPoolGroup`.

func NewCfnUserPoolIdentityProvider_Override 

func NewCfnUserPoolIdentityProvider_Override(c CfnUserPoolIdentityProvider, scope awscdk.Construct, id *string, props *CfnUserPoolIdentityProviderProps)

Create a new `AWS::Cognito::UserPoolIdentityProvider`.

func NewCfnUserPoolResourceServer_Override 

func NewCfnUserPoolResourceServer_Override(c CfnUserPoolResourceServer, scope awscdk.Construct, id *string, props *CfnUserPoolResourceServerProps)

Create a new `AWS::Cognito::UserPoolResourceServer`.

func NewCfnUserPoolRiskConfigurationAttachment_Override 

func NewCfnUserPoolRiskConfigurationAttachment_Override(c CfnUserPoolRiskConfigurationAttachment, scope awscdk.Construct, id *string, props *CfnUserPoolRiskConfigurationAttachmentProps)

Create a new `AWS::Cognito::UserPoolRiskConfigurationAttachment`.

func NewCfnUserPoolUICustomizationAttachment_Override 

func NewCfnUserPoolUICustomizationAttachment_Override(c CfnUserPoolUICustomizationAttachment, scope awscdk.Construct, id *string, props *CfnUserPoolUICustomizationAttachmentProps)

Create a new `AWS::Cognito::UserPoolUICustomizationAttachment`.

func NewCfnUserPoolUserToGroupAttachment_Override 

func NewCfnUserPoolUserToGroupAttachment_Override(c CfnUserPoolUserToGroupAttachment, scope awscdk.Construct, id *string, props *CfnUserPoolUserToGroupAttachmentProps)

Create a new `AWS::Cognito::UserPoolUserToGroupAttachment`.

func NewCfnUserPoolUser_Override 

func NewCfnUserPoolUser_Override(c CfnUserPoolUser, scope awscdk.Construct, id *string, props *CfnUserPoolUserProps)

Create a new `AWS::Cognito::UserPoolUser`.

func NewCfnUserPool_Override 

func NewCfnUserPool_Override(c CfnUserPool, scope awscdk.Construct, id *string, props *CfnUserPoolProps)

Create a new `AWS::Cognito::UserPool`.

func NewClientAttributes_Override 

func NewClientAttributes_Override(c ClientAttributes)

Creates a ClientAttributes with the specified attributes. Experimental.

func NewDateTimeAttribute_Override 

func NewDateTimeAttribute_Override(d DateTimeAttribute, props *CustomAttributeProps)

Experimental.

func NewNumberAttribute_Override 

func NewNumberAttribute_Override(n NumberAttribute, props *NumberAttributeProps)

Experimental.

func NewResourceServerScope_Override 

func NewResourceServerScope_Override(r ResourceServerScope, props *ResourceServerScopeProps)

Experimental.

func NewStringAttribute_Override 

func NewStringAttribute_Override(s StringAttribute, props *StringAttributeProps)

Experimental.

func NewUserPoolClient_Override 

func NewUserPoolClient_Override(u UserPoolClient, scope constructs.Construct, id *string, props *UserPoolClientProps)

Experimental.

func NewUserPoolDomain_Override 

func NewUserPoolDomain_Override(u UserPoolDomain, scope constructs.Construct, id *string, props *UserPoolDomainProps)

Experimental.

func NewUserPoolEmail_Override 

func NewUserPoolEmail_Override(u UserPoolEmail)

Experimental.

func NewUserPoolIdentityProviderAmazon_Override 

func NewUserPoolIdentityProviderAmazon_Override(u UserPoolIdentityProviderAmazon, scope constructs.Construct, id *string, props *UserPoolIdentityProviderAmazonProps)

Experimental.

func NewUserPoolIdentityProviderApple_Override 

func NewUserPoolIdentityProviderApple_Override(u UserPoolIdentityProviderApple, scope constructs.Construct, id *string, props *UserPoolIdentityProviderAppleProps)

Experimental.

func NewUserPoolIdentityProviderFacebook_Override 

func NewUserPoolIdentityProviderFacebook_Override(u UserPoolIdentityProviderFacebook, scope constructs.Construct, id *string, props *UserPoolIdentityProviderFacebookProps)

Experimental.

func NewUserPoolIdentityProviderGoogle_Override 

func NewUserPoolIdentityProviderGoogle_Override(u UserPoolIdentityProviderGoogle, scope constructs.Construct, id *string, props *UserPoolIdentityProviderGoogleProps)

Experimental.

func NewUserPoolResourceServer_Override 

func NewUserPoolResourceServer_Override(u UserPoolResourceServer, scope constructs.Construct, id *string, props *UserPoolResourceServerProps)

Experimental.

func NewUserPool_Override 

func NewUserPool_Override(u UserPool, scope constructs.Construct, id *string, props *UserPoolProps)

Experimental.

func UserPoolClient_IsConstruct 

func UserPoolClient_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolClient_IsResource 

func UserPoolClient_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolDomain_IsConstruct 

func UserPoolDomain_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolDomain_IsResource 

func UserPoolDomain_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolIdentityProviderAmazon_IsConstruct 

func UserPoolIdentityProviderAmazon_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolIdentityProviderAmazon_IsResource 

func UserPoolIdentityProviderAmazon_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolIdentityProviderApple_IsConstruct 

func UserPoolIdentityProviderApple_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolIdentityProviderApple_IsResource 

func UserPoolIdentityProviderApple_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolIdentityProviderFacebook_IsConstruct 

func UserPoolIdentityProviderFacebook_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolIdentityProviderFacebook_IsResource 

func UserPoolIdentityProviderFacebook_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolIdentityProviderGoogle_IsConstruct 

func UserPoolIdentityProviderGoogle_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolIdentityProviderGoogle_IsResource 

func UserPoolIdentityProviderGoogle_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPoolResourceServer_IsConstruct 

func UserPoolResourceServer_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPoolResourceServer_IsResource 

func UserPoolResourceServer_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

func UserPool_IsConstruct 

func UserPool_IsConstruct(x interface{}) *bool

Return whether the given object is a Construct. Experimental.

func UserPool_IsResource 

func UserPool_IsResource(construct awscdk.IConstruct) *bool

Check whether the given construct is a Resource. Experimental.

Types

type AccountRecovery 

type AccountRecovery string

How will a user be able to recover their account?

When a user forgets their password, they can have a code sent to their verified email or verified phone to recover their account. You can choose the preferred way to send codes below. We recommend not allowing phone to be used for both password resets and multi-factor authentication (MFA).

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/how-to-recover-a-user-account.html

Experimental. 

const (
	AccountRecovery_EMAIL_AND_PHONE_WITHOUT_MFA AccountRecovery = "EMAIL_AND_PHONE_WITHOUT_MFA"
	AccountRecovery_PHONE_WITHOUT_MFA_AND_EMAIL AccountRecovery = "PHONE_WITHOUT_MFA_AND_EMAIL"
	AccountRecovery_EMAIL_ONLY                  AccountRecovery = "EMAIL_ONLY"
	AccountRecovery_PHONE_ONLY_WITHOUT_MFA      AccountRecovery = "PHONE_ONLY_WITHOUT_MFA"
	AccountRecovery_PHONE_AND_EMAIL             AccountRecovery = "PHONE_AND_EMAIL"
	AccountRecovery_NONE                        AccountRecovery = "NONE"
)

type AttributeMapping 

type AttributeMapping struct {
	// The user's postal address is a required attribute.
	// Experimental.
	Address ProviderAttribute `json:"address" yaml:"address"`
	// The user's birthday.
	// Experimental.
	Birthdate ProviderAttribute `json:"birthdate" yaml:"birthdate"`
	// Specify custom attribute mapping here and mapping for any standard attributes not supported yet.
	// Experimental.
	Custom *map[string]ProviderAttribute `json:"custom" yaml:"custom"`
	// The user's e-mail address.
	// Experimental.
	Email ProviderAttribute `json:"email" yaml:"email"`
	// The surname or last name of user.
	// Experimental.
	FamilyName ProviderAttribute `json:"familyName" yaml:"familyName"`
	// The user's full name in displayable form.
	// Experimental.
	Fullname ProviderAttribute `json:"fullname" yaml:"fullname"`
	// The user's gender.
	// Experimental.
	Gender ProviderAttribute `json:"gender" yaml:"gender"`
	// The user's first name or give name.
	// Experimental.
	GivenName ProviderAttribute `json:"givenName" yaml:"givenName"`
	// Time, the user's information was last updated.
	// Experimental.
	LastUpdateTime ProviderAttribute `json:"lastUpdateTime" yaml:"lastUpdateTime"`
	// The user's locale.
	// Experimental.
	Locale ProviderAttribute `json:"locale" yaml:"locale"`
	// The user's middle name.
	// Experimental.
	MiddleName ProviderAttribute `json:"middleName" yaml:"middleName"`
	// The user's nickname or casual name.
	// Experimental.
	Nickname ProviderAttribute `json:"nickname" yaml:"nickname"`
	// The user's telephone number.
	// Experimental.
	PhoneNumber ProviderAttribute `json:"phoneNumber" yaml:"phoneNumber"`
	// The user's preferred username.
	// Experimental.
	PreferredUsername ProviderAttribute `json:"preferredUsername" yaml:"preferredUsername"`
	// The URL to the user's profile page.
	// Experimental.
	ProfilePage ProviderAttribute `json:"profilePage" yaml:"profilePage"`
	// The URL to the user's profile picture.
	// Experimental.
	ProfilePicture ProviderAttribute `json:"profilePicture" yaml:"profilePicture"`
	// The user's time zone.
	// Experimental.
	Timezone ProviderAttribute `json:"timezone" yaml:"timezone"`
	// The URL to the user's web page or blog.
	// Experimental.
	Website ProviderAttribute `json:"website" yaml:"website"`
}

The mapping of user pool attributes to the attributes provided by the identity providers.

TODO: EXAMPLE

Experimental.

type AuthFlow 

type AuthFlow struct {
	// Enable admin based user password authentication flow.
	// Experimental.
	AdminUserPassword *bool `json:"adminUserPassword" yaml:"adminUserPassword"`
	// Enable custom authentication flow.
	// Experimental.
	Custom *bool `json:"custom" yaml:"custom"`
	// Enable auth using username & password.
	// Experimental.
	UserPassword *bool `json:"userPassword" yaml:"userPassword"`
	// Enable SRP based authentication.
	// Experimental.
	UserSrp *bool `json:"userSrp" yaml:"userSrp"`
}

Types of authentication flow.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html

Experimental.

type AutoVerifiedAttrs 

type AutoVerifiedAttrs struct {
	// Whether the email address of the user should be auto verified at sign up.
	//
	// Note: If both `email` and `phone` is set, Cognito only verifies the phone number. To also verify email, see here -
	// https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html
	// Experimental.
	Email *bool `json:"email" yaml:"email"`
	// Whether the phone number of the user should be auto verified at sign up.
	// Experimental.
	Phone *bool `json:"phone" yaml:"phone"`
}

Attributes that can be automatically verified for users in a user pool.

TODO: EXAMPLE

Experimental.

type BooleanAttribute 

type BooleanAttribute interface {
	ICustomAttribute
	Bind() *CustomAttributeConfig
}

The Boolean custom attribute type.

TODO: EXAMPLE

Experimental.

func NewBooleanAttribute 

func NewBooleanAttribute(props *CustomAttributeProps) BooleanAttribute

Experimental.

type CfnIdentityPool 

type CfnIdentityPool interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AllowClassicFlow() interface{}
	SetAllowClassicFlow(val interface{})
	AllowUnauthenticatedIdentities() interface{}
	SetAllowUnauthenticatedIdentities(val interface{})
	AttrName() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CognitoEvents() interface{}
	SetCognitoEvents(val interface{})
	CognitoIdentityProviders() interface{}
	SetCognitoIdentityProviders(val interface{})
	CognitoStreams() interface{}
	SetCognitoStreams(val interface{})
	CreationStack() *[]*string
	DeveloperProviderName() *string
	SetDeveloperProviderName(val *string)
	IdentityPoolName() *string
	SetIdentityPoolName(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	OpenIdConnectProviderArns() *[]*string
	SetOpenIdConnectProviderArns(val *[]*string)
	PushSync() interface{}
	SetPushSync(val interface{})
	Ref() *string
	SamlProviderArns() *[]*string
	SetSamlProviderArns(val *[]*string)
	Stack() awscdk.Stack
	SupportedLoginProviders() interface{}
	SetSupportedLoginProviders(val interface{})
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::IdentityPool`.

The `AWS::Cognito::IdentityPool` resource creates an Amazon Cognito identity pool.

To avoid deleting the resource accidentally from AWS CloudFormation , use [DeletionPolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html) and the [UpdateReplacePolicy Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) to retain the resource on deletion or replacement.

TODO: EXAMPLE

func NewCfnIdentityPool 

func NewCfnIdentityPool(scope awscdk.Construct, id *string, props *CfnIdentityPoolProps) CfnIdentityPool

Create a new `AWS::Cognito::IdentityPool`.

type CfnIdentityPoolProps 

type CfnIdentityPoolProps struct {
	// Specifies whether the identity pool supports unauthenticated logins.
	AllowUnauthenticatedIdentities interface{} `json:"allowUnauthenticatedIdentities" yaml:"allowUnauthenticatedIdentities"`
	// Enables the Basic (Classic) authentication flow.
	AllowClassicFlow interface{} `json:"allowClassicFlow" yaml:"allowClassicFlow"`
	// The events to configure.
	CognitoEvents interface{} `json:"cognitoEvents" yaml:"cognitoEvents"`
	// The Amazon Cognito user pools and their client IDs.
	CognitoIdentityProviders interface{} `json:"cognitoIdentityProviders" yaml:"cognitoIdentityProviders"`
	// Configuration options for configuring Amazon Cognito streams.
	CognitoStreams interface{} `json:"cognitoStreams" yaml:"cognitoStreams"`
	// The "domain" Amazon Cognito uses when referencing your users.
	//
	// This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the `DeveloperProviderName` , you can use letters and periods (.), underscores (_), and dashes (-).
	//
	// *Minimum length* : 1
	//
	// *Maximum length* : 100
	DeveloperProviderName *string `json:"developerProviderName" yaml:"developerProviderName"`
	// The name of your Amazon Cognito identity pool.
	//
	// *Minimum length* : 1
	//
	// *Maximum length* : 128
	//
	// *Pattern* : `[\w\s+=,.@-]+`
	IdentityPoolName *string `json:"identityPoolName" yaml:"identityPoolName"`
	// The Amazon Resource Names (ARNs) of the OpenID connect providers.
	OpenIdConnectProviderArns *[]*string `json:"openIdConnectProviderArns" yaml:"openIdConnectProviderArns"`
	// The configuration options to be applied to the identity pool.
	PushSync interface{} `json:"pushSync" yaml:"pushSync"`
	// The Amazon Resource Names (ARNs) of the Security Assertion Markup Language (SAML) providers.
	SamlProviderArns *[]*string `json:"samlProviderArns" yaml:"samlProviderArns"`
	// Key-value pairs that map provider names to provider app IDs.
	SupportedLoginProviders interface{} `json:"supportedLoginProviders" yaml:"supportedLoginProviders"`
}

Properties for defining a `CfnIdentityPool`.

TODO: EXAMPLE

type CfnIdentityPoolRoleAttachment 

type CfnIdentityPoolRoleAttachment interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	IdentityPoolId() *string
	SetIdentityPoolId(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	RoleMappings() interface{}
	SetRoleMappings(val interface{})
	Roles() interface{}
	SetRoles(val interface{})
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::IdentityPoolRoleAttachment`.

The `AWS::Cognito::IdentityPoolRoleAttachment` resource manages the role configuration for an Amazon Cognito identity pool.

TODO: EXAMPLE

func NewCfnIdentityPoolRoleAttachment 

func NewCfnIdentityPoolRoleAttachment(scope awscdk.Construct, id *string, props *CfnIdentityPoolRoleAttachmentProps) CfnIdentityPoolRoleAttachment

Create a new `AWS::Cognito::IdentityPoolRoleAttachment`.

type CfnIdentityPoolRoleAttachmentProps 

type CfnIdentityPoolRoleAttachmentProps struct {
	// An identity pool ID in the format `REGION:GUID` .
	IdentityPoolId *string `json:"identityPoolId" yaml:"identityPoolId"`
	// How users for a specific identity provider are mapped to roles.
	//
	// This is a string to the `RoleMapping` object map. The string identifies the identity provider. For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id` .
	//
	// If the `IdentityProvider` field isn't provided in this object, the string is used as the identity provider name.
	//
	// For more information, see the [RoleMapping property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) .
	RoleMappings interface{} `json:"roleMappings" yaml:"roleMappings"`
	// The map of the roles associated with this pool.
	//
	// For a given role, the key is either "authenticated" or "unauthenticated". The value is the role ARN.
	Roles interface{} `json:"roles" yaml:"roles"`
}

Properties for defining a `CfnIdentityPoolRoleAttachment`.

TODO: EXAMPLE

type CfnIdentityPoolRoleAttachment_MappingRuleProperty 

type CfnIdentityPoolRoleAttachment_MappingRuleProperty struct {
	// The claim name that must be present in the token.
	//
	// For example: "isAdmin" or "paid".
	Claim *string `json:"claim" yaml:"claim"`
	// The match condition that specifies how closely the claim value in the IdP token must match `Value` .
	//
	// Valid values are: `Equals` , `Contains` , `StartsWith` , and `NotEqual` .
	MatchType *string `json:"matchType" yaml:"matchType"`
	// The Amazon Resource Name (ARN) of the role.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
	// A brief string that the claim must match.
	//
	// For example, "paid" or "yes".
	Value *string `json:"value" yaml:"value"`
}

Defines how to map a claim to a role ARN.

TODO: EXAMPLE

type CfnIdentityPoolRoleAttachment_RoleMappingProperty 

type CfnIdentityPoolRoleAttachment_RoleMappingProperty struct {
	// The role-mapping type.
	//
	// `Token` uses `cognito:roles` and `cognito:preferred_role` claims from the Amazon Cognito identity provider token to map groups to roles. `Rules` attempts to match claims from the token to map to a role.
	//
	// Valid values are `Token` or `Rules` .
	Type *string `json:"type" yaml:"type"`
	// Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no `cognito:preferred_role` claim and there are multiple `cognito:roles` matches for the Token type.
	//
	// If you specify Token or Rules as the Type, AmbiguousRoleResolution is required.
	//
	// Valid values are `AuthenticatedRole` or `Deny` .
	AmbiguousRoleResolution *string `json:"ambiguousRoleResolution" yaml:"ambiguousRoleResolution"`
	// Identifier for the identity provider for which the role is mapped.
	//
	// For example: `graph.facebook.com` or `cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id (http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id)` . This is the identity provider that is used by the user for authentication.
	//
	// If the identity provider property isn't provided, the key of the entry in the `RoleMappings` map is used as the identity provider.
	IdentityProvider *string `json:"identityProvider" yaml:"identityProvider"`
	// The rules to be used for mapping users to roles.
	//
	// If you specify "Rules" as the role-mapping type, RulesConfiguration is required.
	RulesConfiguration interface{} `json:"rulesConfiguration" yaml:"rulesConfiguration"`
}

`RoleMapping` is a property of the [AWS::Cognito::IdentityPoolRoleAttachment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html) resource that defines the role-mapping attributes of an Amazon Cognito identity pool.

TODO: EXAMPLE

type CfnIdentityPoolRoleAttachment_RulesConfigurationTypeProperty 

type CfnIdentityPoolRoleAttachment_RulesConfigurationTypeProperty struct {
	// The rules.
	//
	// You can specify up to 25 rules per identity provider.
	Rules interface{} `json:"rules" yaml:"rules"`
}

`RulesConfigurationType` is a subproperty of the [RoleMapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html) property that defines the rules to be used for mapping users to roles.

TODO: EXAMPLE

type CfnIdentityPool_CognitoIdentityProviderProperty 

type CfnIdentityPool_CognitoIdentityProviderProperty struct {
	// The client ID for the Amazon Cognito user pool.
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The provider name for an Amazon Cognito user pool.
	//
	// For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` .
	ProviderName *string `json:"providerName" yaml:"providerName"`
	// TRUE if server-side token validation is enabled for the identity provider’s token.
	//
	// After you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user.
	//
	// If the user is signed out or deleted, the identity pool returns a 400 Not Authorized error.
	ServerSideTokenCheck interface{} `json:"serverSideTokenCheck" yaml:"serverSideTokenCheck"`
}

`CognitoIdentityProvider` is a property of the [AWS::Cognito::IdentityPool](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html) resource that represents an Amazon Cognito user pool and its client ID.

TODO: EXAMPLE

type CfnIdentityPool_CognitoStreamsProperty 

type CfnIdentityPool_CognitoStreamsProperty struct {
	// The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream.
	//
	// This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
	// Status of the Amazon Cognito streams.
	//
	// Valid values are: `ENABLED` or `DISABLED` .
	StreamingStatus *string `json:"streamingStatus" yaml:"streamingStatus"`
	// The name of the Amazon Cognito stream to receive updates.
	//
	// This stream must be in the developer's account and in the same Region as the identity pool.
	StreamName *string `json:"streamName" yaml:"streamName"`
}

`CognitoStreams` is a property of the [AWS::Cognito::IdentityPool](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html) resource that defines configuration options for Amazon Cognito streams.

TODO: EXAMPLE

type CfnIdentityPool_PushSyncProperty 

type CfnIdentityPool_PushSyncProperty struct {
	// The ARNs of the Amazon SNS platform applications that could be used by clients.
	ApplicationArns *[]*string `json:"applicationArns" yaml:"applicationArns"`
	// An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
}

`PushSync` is a property of the [AWS::Cognito::IdentityPool](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html) resource that defines the configuration options to be applied to an Amazon Cognito identity pool.

TODO: EXAMPLE

type CfnUserPool 

type CfnUserPool interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AccountRecoverySetting() interface{}
	SetAccountRecoverySetting(val interface{})
	AdminCreateUserConfig() interface{}
	SetAdminCreateUserConfig(val interface{})
	AliasAttributes() *[]*string
	SetAliasAttributes(val *[]*string)
	AttrArn() *string
	AttrProviderName() *string
	AttrProviderUrl() *string
	AutoVerifiedAttributes() *[]*string
	SetAutoVerifiedAttributes(val *[]*string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	DeviceConfiguration() interface{}
	SetDeviceConfiguration(val interface{})
	EmailConfiguration() interface{}
	SetEmailConfiguration(val interface{})
	EmailVerificationMessage() *string
	SetEmailVerificationMessage(val *string)
	EmailVerificationSubject() *string
	SetEmailVerificationSubject(val *string)
	EnabledMfas() *[]*string
	SetEnabledMfas(val *[]*string)
	LambdaConfig() interface{}
	SetLambdaConfig(val interface{})
	LogicalId() *string
	MfaConfiguration() *string
	SetMfaConfiguration(val *string)
	Node() awscdk.ConstructNode
	Policies() interface{}
	SetPolicies(val interface{})
	Ref() *string
	Schema() interface{}
	SetSchema(val interface{})
	SmsAuthenticationMessage() *string
	SetSmsAuthenticationMessage(val *string)
	SmsConfiguration() interface{}
	SetSmsConfiguration(val interface{})
	SmsVerificationMessage() *string
	SetSmsVerificationMessage(val *string)
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	UsernameAttributes() *[]*string
	SetUsernameAttributes(val *[]*string)
	UsernameConfiguration() interface{}
	SetUsernameConfiguration(val interface{})
	UserPoolAddOns() interface{}
	SetUserPoolAddOns(val interface{})
	UserPoolName() *string
	SetUserPoolName(val *string)
	VerificationMessageTemplate() interface{}
	SetVerificationMessageTemplate(val interface{})
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPool`.

The `AWS::Cognito::UserPool` resource creates an Amazon Cognito user pool. For more information on working with Amazon Cognito user pools, see [Amazon Cognito User Pools](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) and [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) .

TODO: EXAMPLE

func NewCfnUserPool 

func NewCfnUserPool(scope awscdk.Construct, id *string, props *CfnUserPoolProps) CfnUserPool

Create a new `AWS::Cognito::UserPool`.

type CfnUserPoolClient 

type CfnUserPoolClient interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AccessTokenValidity() *float64
	SetAccessTokenValidity(val *float64)
	AllowedOAuthFlows() *[]*string
	SetAllowedOAuthFlows(val *[]*string)
	AllowedOAuthFlowsUserPoolClient() interface{}
	SetAllowedOAuthFlowsUserPoolClient(val interface{})
	AllowedOAuthScopes() *[]*string
	SetAllowedOAuthScopes(val *[]*string)
	AnalyticsConfiguration() interface{}
	SetAnalyticsConfiguration(val interface{})
	AttrClientSecret() *string
	AttrName() *string
	CallbackUrLs() *[]*string
	SetCallbackUrLs(val *[]*string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClientName() *string
	SetClientName(val *string)
	CreationStack() *[]*string
	DefaultRedirectUri() *string
	SetDefaultRedirectUri(val *string)
	EnableTokenRevocation() interface{}
	SetEnableTokenRevocation(val interface{})
	ExplicitAuthFlows() *[]*string
	SetExplicitAuthFlows(val *[]*string)
	GenerateSecret() interface{}
	SetGenerateSecret(val interface{})
	IdTokenValidity() *float64
	SetIdTokenValidity(val *float64)
	LogicalId() *string
	LogoutUrLs() *[]*string
	SetLogoutUrLs(val *[]*string)
	Node() awscdk.ConstructNode
	PreventUserExistenceErrors() *string
	SetPreventUserExistenceErrors(val *string)
	ReadAttributes() *[]*string
	SetReadAttributes(val *[]*string)
	Ref() *string
	RefreshTokenValidity() *float64
	SetRefreshTokenValidity(val *float64)
	Stack() awscdk.Stack
	SupportedIdentityProviders() *[]*string
	SetSupportedIdentityProviders(val *[]*string)
	TokenValidityUnits() interface{}
	SetTokenValidityUnits(val interface{})
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	WriteAttributes() *[]*string
	SetWriteAttributes(val *[]*string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolClient`.

The `AWS::Cognito::UserPoolClient` resource specifies an Amazon Cognito user pool client.

TODO: EXAMPLE

func NewCfnUserPoolClient 

func NewCfnUserPoolClient(scope awscdk.Construct, id *string, props *CfnUserPoolClientProps) CfnUserPoolClient

Create a new `AWS::Cognito::UserPoolClient`.

type CfnUserPoolClientProps 

type CfnUserPoolClientProps struct {
	// The user pool ID for the user pool where you want to create a user pool client.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// The time limit, after which the access token is no longer valid and cannot be used.
	AccessTokenValidity *float64 `json:"accessTokenValidity" yaml:"accessTokenValidity"`
	// The allowed OAuth flows.
	//
	// Set to `code` to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint.
	//
	// Set to `implicit` to specify that the client should get the access token (and, optionally, ID token, based on scopes) directly.
	//
	// Set to `client_credentials` to specify that the client should get the access token (and, optionally, ID token, based on scopes) from the token endpoint using a combination of client and client_secret.
	AllowedOAuthFlows *[]*string `json:"allowedOAuthFlows" yaml:"allowedOAuthFlows"`
	// Set to true if the client is allowed to follow the OAuth protocol when interacting with Amazon Cognito user pools.
	AllowedOAuthFlowsUserPoolClient interface{} `json:"allowedOAuthFlowsUserPoolClient" yaml:"allowedOAuthFlowsUserPoolClient"`
	// The allowed OAuth scopes.
	//
	// Possible values provided by OAuth are: `phone` , `email` , `openid` , and `profile` . Possible values provided by AWS are: `aws.cognito.signin.user.admin` . Custom scopes created in Resource Servers are also supported.
	AllowedOAuthScopes *[]*string `json:"allowedOAuthScopes" yaml:"allowedOAuthScopes"`
	// The Amazon Pinpoint analytics configuration for collecting metrics for this user pool.
	//
	// > In AWS Regions where Amazon Pinpoint isn't available, User Pools only supports sending events to Amazon Pinpoint projects in AWS Region us-east-1. In Regions where is available, User Pools will support sending events to Amazon Pinpoint projects within that same Region.
	AnalyticsConfiguration interface{} `json:"analyticsConfiguration" yaml:"analyticsConfiguration"`
	// A list of allowed redirect (callback) URLs for the identity providers.
	//
	// A redirect URI must:
	//
	// - Be an absolute URI.
	// - Be registered with the authorization server.
	// - Not include a fragment component.
	//
	// See [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	CallbackUrLs *[]*string `json:"callbackUrLs" yaml:"callbackUrLs"`
	// The client name for the user pool client you would like to create.
	ClientName *string `json:"clientName" yaml:"clientName"`
	// The default redirect URI. Must be in the `CallbackURLs` list.
	//
	// A redirect URI must:
	//
	// - Be an absolute URI.
	// - Be registered with the authorization server.
	// - Not include a fragment component.
	//
	// See [OAuth 2.0 - Redirection Endpoint](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6749#section-3.1.2) .
	//
	// Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only.
	//
	// App callback URLs such as myapp://example are also supported.
	DefaultRedirectUri *string `json:"defaultRedirectUri" yaml:"defaultRedirectUri"`
	// Activates or deactivates token revocation. For more information about revoking tokens, see [RevokeToken](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_RevokeToken.html) .
	//
	// If you don't include this parameter, token revocation is automatically activated for the new user pool client.
	EnableTokenRevocation interface{} `json:"enableTokenRevocation" yaml:"enableTokenRevocation"`
	// The authentication flows that are supported by the user pool clients.
	//
	// Flow names without the `ALLOW_` prefix are no longer supported, in favor of new names with the `ALLOW_` prefix. Note that values with `ALLOW_` prefix must be used only along with the `ALLOW_` prefix.
	//
	// Valid values include:
	//
	// - `ALLOW_ADMIN_USER_PASSWORD_AUTH` : Enable admin based user password authentication flow `ADMIN_USER_PASSWORD_AUTH` . This setting replaces the `ADMIN_NO_SRP_AUTH` setting. With this authentication flow, Amazon Cognito receives the password in the request instead of using the Secure Remote Password (SRP) protocol to verify passwords.
	// - `ALLOW_CUSTOM_AUTH` : Enable AWS Lambda trigger based authentication.
	// - `ALLOW_USER_PASSWORD_AUTH` : Enable user password-based authentication. In this flow, Amazon Cognito receives the password in the request instead of using the SRP protocol to verify passwords.
	// - `ALLOW_USER_SRP_AUTH` : Enable SRP-based authentication.
	// - `ALLOW_REFRESH_TOKEN_AUTH` : Enable authflow to refresh tokens.
	ExplicitAuthFlows *[]*string `json:"explicitAuthFlows" yaml:"explicitAuthFlows"`
	// Boolean to specify whether you want to generate a secret for the user pool client being created.
	GenerateSecret interface{} `json:"generateSecret" yaml:"generateSecret"`
	// The time limit, after which the ID token is no longer valid and cannot be used.
	IdTokenValidity *float64 `json:"idTokenValidity" yaml:"idTokenValidity"`
	// A list of allowed logout URLs for the identity providers.
	LogoutUrLs *[]*string `json:"logoutUrLs" yaml:"logoutUrLs"`
	// Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool.
	//
	// When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY` , those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.
	PreventUserExistenceErrors *string `json:"preventUserExistenceErrors" yaml:"preventUserExistenceErrors"`
	// The read attributes.
	ReadAttributes *[]*string `json:"readAttributes" yaml:"readAttributes"`
	// The time limit, in days, after which the refresh token is no longer valid and can't be used.
	RefreshTokenValidity *float64 `json:"refreshTokenValidity" yaml:"refreshTokenValidity"`
	// A list of provider names for the identity providers that are supported on this client.
	//
	// The following are supported: `COGNITO` , `Facebook` , `SignInWithApple` , `Google` and `LoginWithAmazon` .
	SupportedIdentityProviders *[]*string `json:"supportedIdentityProviders" yaml:"supportedIdentityProviders"`
	// The units in which the validity times are represented in.
	//
	// Default for RefreshToken is days, and default for ID and access tokens are hours.
	TokenValidityUnits interface{} `json:"tokenValidityUnits" yaml:"tokenValidityUnits"`
	// The user pool attributes that the app client can write to.
	//
	// If your app client allows users to sign in through an identity provider, this array must include all attributes that are mapped to identity provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client lacks write access to a mapped attribute, Amazon Cognito throws an error when it tries to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .
	WriteAttributes *[]*string `json:"writeAttributes" yaml:"writeAttributes"`
}

Properties for defining a `CfnUserPoolClient`.

TODO: EXAMPLE

type CfnUserPoolClient_AnalyticsConfigurationProperty 

type CfnUserPoolClient_AnalyticsConfigurationProperty struct {
	// The Amazon Resource Name (ARN) of an Amazon Pinpoint project.
	//
	// You can use the Amazon Pinpoint project for integration with the chosen user pool client. Amazon Cognito publishes events to the Amazon Pinpoint project that the app ARN declares.
	ApplicationArn *string `json:"applicationArn" yaml:"applicationArn"`
	// The application ID for an Amazon Pinpoint application.
	ApplicationId *string `json:"applicationId" yaml:"applicationId"`
	// The external ID.
	ExternalId *string `json:"externalId" yaml:"externalId"`
	// The ARN of an AWS Identity and Access Management role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
	// If `UserDataShared` is `true` , Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics.
	UserDataShared interface{} `json:"userDataShared" yaml:"userDataShared"`
}

The Amazon Pinpoint analytics configuration for collecting metrics for a user pool.

> In Regions where Pinpoint isn't available, User Pools only supports sending events to Amazon Pinpoint projects in us-east-1. In Regions where Pinpoint is available, User Pools will support sending events to Amazon Pinpoint projects within that same Region.

TODO: EXAMPLE

type CfnUserPoolClient_TokenValidityUnitsProperty 

type CfnUserPoolClient_TokenValidityUnitsProperty struct {
	// A time unit in “seconds”, “minutes”, “hours” or “days” for the value in AccessTokenValidity, defaults to hours.
	AccessToken *string `json:"accessToken" yaml:"accessToken"`
	// A time unit in “seconds”, “minutes”, “hours” or “days” for the value in IdTokenValidity, defaults to hours.
	IdToken *string `json:"idToken" yaml:"idToken"`
	// A time unit in “seconds”, “minutes”, “hours” or “days” for the value in RefreshTokenValidity, defaults to days.
	RefreshToken *string `json:"refreshToken" yaml:"refreshToken"`
}

The units in which the validity times are represented in.

Default for RefreshToken is days, and default for ID and access tokens are hours.

TODO: EXAMPLE

type CfnUserPoolDomain 

type CfnUserPoolDomain interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	CustomDomainConfig() interface{}
	SetCustomDomainConfig(val interface{})
	Domain() *string
	SetDomain(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolDomain`.

The AWS::Cognito::UserPoolDomain resource creates a new domain for a user pool.

TODO: EXAMPLE

func NewCfnUserPoolDomain 

func NewCfnUserPoolDomain(scope awscdk.Construct, id *string, props *CfnUserPoolDomainProps) CfnUserPoolDomain

Create a new `AWS::Cognito::UserPoolDomain`.

type CfnUserPoolDomainProps 

type CfnUserPoolDomainProps struct {
	// The domain name for the domain that hosts the sign-up and sign-in pages for your application.
	//
	// For example: `auth.example.com` . If you're using a prefix domain, this field denotes the first part of the domain before `.auth.[region].amazoncognito.com` .
	//
	// This string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names.
	Domain *string `json:"domain" yaml:"domain"`
	// The user pool ID for the user pool where you want to associate a user pool domain.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// The configuration for a custom domain that hosts the sign-up and sign-in pages for your application.
	//
	// Use this object to specify an SSL certificate that is managed by ACM.
	CustomDomainConfig interface{} `json:"customDomainConfig" yaml:"customDomainConfig"`
}

Properties for defining a `CfnUserPoolDomain`.

TODO: EXAMPLE

type CfnUserPoolDomain_CustomDomainConfigTypeProperty 

type CfnUserPoolDomain_CustomDomainConfigTypeProperty struct {
	// The Amazon Resource Name (ARN) of an AWS Certificate Manager SSL certificate.
	//
	// You use this certificate for the subdomain of your custom domain.
	CertificateArn *string `json:"certificateArn" yaml:"certificateArn"`
}

The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application.

TODO: EXAMPLE

type CfnUserPoolGroup 

type CfnUserPoolGroup interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Description() *string
	SetDescription(val *string)
	GroupName() *string
	SetGroupName(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Precedence() *float64
	SetPrecedence(val *float64)
	Ref() *string
	RoleArn() *string
	SetRoleArn(val *string)
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolGroup`.

Specifies a new group in the identified user pool.

Calling this action requires developer credentials.

TODO: EXAMPLE

func NewCfnUserPoolGroup 

func NewCfnUserPoolGroup(scope awscdk.Construct, id *string, props *CfnUserPoolGroupProps) CfnUserPoolGroup

Create a new `AWS::Cognito::UserPoolGroup`.

type CfnUserPoolGroupProps 

type CfnUserPoolGroupProps struct {
	// The user pool ID for the user pool.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// A string containing the description of the group.
	Description *string `json:"description" yaml:"description"`
	// The name of the group.
	//
	// Must be unique.
	GroupName *string `json:"groupName" yaml:"groupName"`
	// A non-negative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool.
	//
	// Zero is the highest precedence value. Groups with lower `Precedence` values take precedence over groups with higher ornull `Precedence` values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN is given in the user's tokens for the `cognito:roles` and `cognito:preferred_role` claims.
	//
	// Two groups can have the same `Precedence` value. If this happens, neither group takes precedence over the other. If two groups with the same `Precedence` have the same role ARN, that role is used in the `cognito:preferred_role` claim in tokens for users in each group. If the two groups have different role ARNs, the `cognito:preferred_role` claim isn't set in users' tokens.
	//
	// The default `Precedence` value is null.
	Precedence *float64 `json:"precedence" yaml:"precedence"`
	// The role Amazon Resource Name (ARN) for the group.
	RoleArn *string `json:"roleArn" yaml:"roleArn"`
}

Properties for defining a `CfnUserPoolGroup`.

TODO: EXAMPLE

type CfnUserPoolIdentityProvider 

type CfnUserPoolIdentityProvider interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttributeMapping() interface{}
	SetAttributeMapping(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	IdpIdentifiers() *[]*string
	SetIdpIdentifiers(val *[]*string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	ProviderDetails() interface{}
	SetProviderDetails(val interface{})
	ProviderName() *string
	SetProviderName(val *string)
	ProviderType() *string
	SetProviderType(val *string)
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolIdentityProvider`.

The `AWS::Cognito::UserPoolIdentityProvider` resource creates an identity provider for a user pool.

TODO: EXAMPLE

func NewCfnUserPoolIdentityProvider 

func NewCfnUserPoolIdentityProvider(scope awscdk.Construct, id *string, props *CfnUserPoolIdentityProviderProps) CfnUserPoolIdentityProvider

Create a new `AWS::Cognito::UserPoolIdentityProvider`.

type CfnUserPoolIdentityProviderProps 

type CfnUserPoolIdentityProviderProps struct {
	// The identity provider name.
	ProviderName *string `json:"providerName" yaml:"providerName"`
	// The identity provider type.
	ProviderType *string `json:"providerType" yaml:"providerType"`
	// The user pool ID.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// A mapping of identity provider attributes to standard and custom user pool attributes.
	AttributeMapping interface{} `json:"attributeMapping" yaml:"attributeMapping"`
	// A list of identity provider identifiers.
	IdpIdentifiers *[]*string `json:"idpIdentifiers" yaml:"idpIdentifiers"`
	// The identity provider details. The following list describes the provider detail keys for each identity provider type.
	//
	// - For Google and Login with Amazon:
	//
	// - client_id
	// - client_secret
	// - authorize_scopes
	// - For Facebook:
	//
	// - client_id
	// - client_secret
	// - authorize_scopes
	// - api_version
	// - For Sign in with Apple:
	//
	// - client_id
	// - team_id
	// - key_id
	// - private_key
	// - authorize_scopes
	// - For OpenID Connect (OIDC) providers:
	//
	// - client_id
	// - client_secret
	// - attributes_request_method
	// - oidc_issuer
	// - authorize_scopes
	// - authorize_url *if not available from discovery URL specified by oidc_issuer key*
	// - token_url *if not available from discovery URL specified by oidc_issuer key*
	// - attributes_url *if not available from discovery URL specified by oidc_issuer key*
	// - jwks_uri *if not available from discovery URL specified by oidc_issuer key*
	// - attributes_url_add_attributes *a read-only property that is set automatically*
	// - For SAML providers:
	//
	// - MetadataFile OR MetadataURL
	// - IDPSignout (optional)
	ProviderDetails interface{} `json:"providerDetails" yaml:"providerDetails"`
}

Properties for defining a `CfnUserPoolIdentityProvider`.

TODO: EXAMPLE

type CfnUserPoolProps 

type CfnUserPoolProps struct {
	// Use this setting to define which verified available method a user can use to recover their password when they call `ForgotPassword` .
	//
	// It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.
	AccountRecoverySetting interface{} `json:"accountRecoverySetting" yaml:"accountRecoverySetting"`
	// The configuration for creating a new user profile.
	AdminCreateUserConfig interface{} `json:"adminCreateUserConfig" yaml:"adminCreateUserConfig"`
	// Attributes supported as an alias for this user pool. Possible values: *phone_number* , *email* , or *preferred_username* .
	//
	// > This user pool property cannot be updated.
	AliasAttributes *[]*string `json:"aliasAttributes" yaml:"aliasAttributes"`
	// The attributes to be auto-verified.
	//
	// Possible values: *email* , *phone_number* .
	AutoVerifiedAttributes *[]*string `json:"autoVerifiedAttributes" yaml:"autoVerifiedAttributes"`
	// The device configuration.
	DeviceConfiguration interface{} `json:"deviceConfiguration" yaml:"deviceConfiguration"`
	// The email configuration.
	EmailConfiguration interface{} `json:"emailConfiguration" yaml:"emailConfiguration"`
	// A string representing the email verification message.
	//
	// EmailVerificationMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailVerificationMessage *string `json:"emailVerificationMessage" yaml:"emailVerificationMessage"`
	// A string representing the email verification subject.
	//
	// EmailVerificationSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailVerificationSubject *string `json:"emailVerificationSubject" yaml:"emailVerificationSubject"`
	// Enables MFA on a specified user pool.
	//
	// To disable all MFAs after it has been enabled, set MfaConfiguration to “OFF” and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF. Once SMS_MFA is enabled, SMS_MFA can only be disabled by setting MfaConfiguration to “OFF”. Can be one of the following values:
	//
	// - `SMS_MFA` - Enables SMS MFA for the user pool. SMS_MFA can only be enabled if SMS configuration is provided.
	// - `SOFTWARE_TOKEN_MFA` - Enables software token MFA for the user pool.
	//
	// Allowed values: `SMS_MFA` | `SOFTWARE_TOKEN_MFA`
	EnabledMfas *[]*string `json:"enabledMfas" yaml:"enabledMfas"`
	// The Lambda trigger configuration information for the new user pool.
	//
	// > In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function.
	// >
	// > For more information on using the Lambda API to add permission, see [AddPermission](https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html) .
	// >
	// > For adding permission using the AWS CLI , see [add-permission](https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html) .
	LambdaConfig interface{} `json:"lambdaConfig" yaml:"lambdaConfig"`
	// The multi-factor (MFA) configuration. Valid values include:.
	//
	// - `OFF` MFA won't be used for any users.
	// - `ON` MFA is required for all users to sign in.
	// - `OPTIONAL` MFA will be required only for individual users who have an MFA factor activated.
	MfaConfiguration *string `json:"mfaConfiguration" yaml:"mfaConfiguration"`
	// The policy associated with a user pool.
	Policies interface{} `json:"policies" yaml:"policies"`
	// The schema attributes for the new user pool. These attributes can be standard or custom attributes.
	//
	// > During a user pool update, you can add new schema attributes but you cannot modify or delete an existing schema attribute.
	Schema interface{} `json:"schema" yaml:"schema"`
	// A string representing the SMS authentication message.
	SmsAuthenticationMessage *string `json:"smsAuthenticationMessage" yaml:"smsAuthenticationMessage"`
	// The SMS configuration.
	SmsConfiguration interface{} `json:"smsConfiguration" yaml:"smsConfiguration"`
	// A string representing the SMS verification message.
	SmsVerificationMessage *string `json:"smsVerificationMessage" yaml:"smsVerificationMessage"`
	// Determines whether email addresses or phone numbers can be specified as user names when a user signs up.
	//
	// Possible values: `phone_number` or `email` .
	//
	// This user pool property cannot be updated.
	UsernameAttributes *[]*string `json:"usernameAttributes" yaml:"usernameAttributes"`
	// You can choose to set case sensitivity on the username input for the selected sign-in option.
	//
	// For example, when this is set to `False` , users will be able to sign in using either "username" or "Username". This configuration is immutable once it has been set.
	UsernameConfiguration interface{} `json:"usernameConfiguration" yaml:"usernameConfiguration"`
	// Enables advanced security risk detection.
	//
	// Set the key `AdvancedSecurityMode` to the value "AUDIT".
	UserPoolAddOns interface{} `json:"userPoolAddOns" yaml:"userPoolAddOns"`
	// A string used to name the user pool.
	UserPoolName *string `json:"userPoolName" yaml:"userPoolName"`
	// The tag keys and values to assign to the user pool.
	//
	// A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria.
	UserPoolTags interface{} `json:"userPoolTags" yaml:"userPoolTags"`
	// The template for the verification message that the user sees when the app requests permission to access the user's information.
	VerificationMessageTemplate interface{} `json:"verificationMessageTemplate" yaml:"verificationMessageTemplate"`
}

Properties for defining a `CfnUserPool`.

TODO: EXAMPLE

type CfnUserPoolResourceServer 

type CfnUserPoolResourceServer interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Identifier() *string
	SetIdentifier(val *string)
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() awscdk.ConstructNode
	Ref() *string
	Scopes() interface{}
	SetScopes(val interface{})
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolResourceServer`.

The `AWS::Cognito::UserPoolResourceServer` resource creates a new OAuth2.0 resource server and defines custom scopes in it.

TODO: EXAMPLE

func NewCfnUserPoolResourceServer 

func NewCfnUserPoolResourceServer(scope awscdk.Construct, id *string, props *CfnUserPoolResourceServerProps) CfnUserPoolResourceServer

Create a new `AWS::Cognito::UserPoolResourceServer`.

type CfnUserPoolResourceServerProps 

type CfnUserPoolResourceServerProps struct {
	// A unique resource server identifier for the resource server.
	//
	// This could be an HTTPS endpoint where the resource server is located. For example: `https://my-weather-api.example.com` .
	Identifier *string `json:"identifier" yaml:"identifier"`
	// A friendly name for the resource server.
	Name *string `json:"name" yaml:"name"`
	// The user pool ID for the user pool.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// A list of scopes.
	//
	// Each scope is a map with keys `ScopeName` and `ScopeDescription` .
	Scopes interface{} `json:"scopes" yaml:"scopes"`
}

Properties for defining a `CfnUserPoolResourceServer`.

TODO: EXAMPLE

type CfnUserPoolResourceServer_ResourceServerScopeTypeProperty 

type CfnUserPoolResourceServer_ResourceServerScopeTypeProperty struct {
	// A description of the scope.
	ScopeDescription *string `json:"scopeDescription" yaml:"scopeDescription"`
	// The name of the scope.
	ScopeName *string `json:"scopeName" yaml:"scopeName"`
}

A resource server scope.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment 

type CfnUserPoolRiskConfigurationAttachment interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AccountTakeoverRiskConfiguration() interface{}
	SetAccountTakeoverRiskConfiguration(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClientId() *string
	SetClientId(val *string)
	CompromisedCredentialsRiskConfiguration() interface{}
	SetCompromisedCredentialsRiskConfiguration(val interface{})
	CreationStack() *[]*string
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	RiskExceptionConfiguration() interface{}
	SetRiskExceptionConfiguration(val interface{})
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolRiskConfigurationAttachment`.

The `AWS::Cognito::UserPoolRiskConfigurationAttachment` resource sets the risk configuration that is used for Amazon Cognito advanced security features.

You can specify risk configuration for a single client (with a specific `clientId` ) or for all clients (by setting the `clientId` to `ALL` ). If you specify `ALL` , the default configuration is used for every client that has had no risk configuration set previously. If you specify risk configuration for a particular client, it no longer falls back to the `ALL` configuration.

TODO: EXAMPLE

func NewCfnUserPoolRiskConfigurationAttachment 

func NewCfnUserPoolRiskConfigurationAttachment(scope awscdk.Construct, id *string, props *CfnUserPoolRiskConfigurationAttachmentProps) CfnUserPoolRiskConfigurationAttachment

Create a new `AWS::Cognito::UserPoolRiskConfigurationAttachment`.

type CfnUserPoolRiskConfigurationAttachmentProps 

type CfnUserPoolRiskConfigurationAttachmentProps struct {
	// The app client ID.
	//
	// You can specify the risk configuration for a single client (with a specific ClientId) or for all clients (by setting the ClientId to `ALL` ).
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The user pool ID.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// The account takeover risk configuration object, including the `NotifyConfiguration` object and `Actions` to take if there is an account takeover.
	AccountTakeoverRiskConfiguration interface{} `json:"accountTakeoverRiskConfiguration" yaml:"accountTakeoverRiskConfiguration"`
	// The compromised credentials risk configuration object, including the `EventFilter` and the `EventAction` .
	CompromisedCredentialsRiskConfiguration interface{} `json:"compromisedCredentialsRiskConfiguration" yaml:"compromisedCredentialsRiskConfiguration"`
	// The configuration to override the risk decision.
	RiskExceptionConfiguration interface{} `json:"riskExceptionConfiguration" yaml:"riskExceptionConfiguration"`
}

Properties for defining a `CfnUserPoolRiskConfigurationAttachment`.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverActionTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverActionTypeProperty struct {
	// The event action.
	//
	// - `BLOCK` Choosing this action will block the request.
	// - `MFA_IF_CONFIGURED` Present an MFA challenge if user has configured it, else allow the request.
	// - `MFA_REQUIRED` Present an MFA challenge if user has configured it, else block the request.
	// - `NO_ACTION` Allow the user to sign in.
	EventAction *string `json:"eventAction" yaml:"eventAction"`
	// Flag specifying whether to send a notification.
	Notify interface{} `json:"notify" yaml:"notify"`
}

Account takeover action type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverActionsTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverActionsTypeProperty struct {
	// Action to take for a high risk.
	HighAction interface{} `json:"highAction" yaml:"highAction"`
	// Action to take for a low risk.
	LowAction interface{} `json:"lowAction" yaml:"lowAction"`
	// Action to take for a medium risk.
	MediumAction interface{} `json:"mediumAction" yaml:"mediumAction"`
}

Account takeover actions type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverRiskConfigurationTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_AccountTakeoverRiskConfigurationTypeProperty struct {
	// Account takeover risk configuration actions.
	Actions interface{} `json:"actions" yaml:"actions"`
	// The notify configuration used to construct email notifications.
	NotifyConfiguration interface{} `json:"notifyConfiguration" yaml:"notifyConfiguration"`
}

Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_CompromisedCredentialsActionsTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_CompromisedCredentialsActionsTypeProperty struct {
	// The event action.
	EventAction *string `json:"eventAction" yaml:"eventAction"`
}

The compromised credentials actions type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_CompromisedCredentialsRiskConfigurationTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_CompromisedCredentialsRiskConfigurationTypeProperty struct {
	// The compromised credentials risk configuration actions.
	Actions interface{} `json:"actions" yaml:"actions"`
	// Perform the action for these events.
	//
	// The default is to perform all events if no event filter is specified.
	EventFilter *[]*string `json:"eventFilter" yaml:"eventFilter"`
}

The compromised credentials risk configuration type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_NotifyConfigurationTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_NotifyConfigurationTypeProperty struct {
	// The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy.
	//
	// This identity permits Amazon Cognito to send for the email address specified in the `From` parameter.
	SourceArn *string `json:"sourceArn" yaml:"sourceArn"`
	// Email template used when a detected risk event is blocked.
	BlockEmail interface{} `json:"blockEmail" yaml:"blockEmail"`
	// The email address that is sending the email.
	//
	// The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES.
	From *string `json:"from" yaml:"from"`
	// The multi-factor authentication (MFA) email template used when MFA is challenged as part of a detected risk.
	MfaEmail interface{} `json:"mfaEmail" yaml:"mfaEmail"`
	// The email template used when a detected risk event is allowed.
	NoActionEmail interface{} `json:"noActionEmail" yaml:"noActionEmail"`
	// The destination to which the receiver of an email should reply to.
	ReplyTo *string `json:"replyTo" yaml:"replyTo"`
}

The notify configuration type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_NotifyEmailTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_NotifyEmailTypeProperty struct {
	// The email subject.
	Subject *string `json:"subject" yaml:"subject"`
	// The email HTML body.
	HtmlBody *string `json:"htmlBody" yaml:"htmlBody"`
	// The email text body.
	TextBody *string `json:"textBody" yaml:"textBody"`
}

The notify email type.

TODO: EXAMPLE

type CfnUserPoolRiskConfigurationAttachment_RiskExceptionConfigurationTypeProperty 

type CfnUserPoolRiskConfigurationAttachment_RiskExceptionConfigurationTypeProperty struct {
	// Overrides the risk decision to always block the pre-authentication requests.
	//
	// The IP range is in CIDR notation, a compact representation of an IP address and its routing prefix.
	BlockedIpRangeList *[]*string `json:"blockedIpRangeList" yaml:"blockedIpRangeList"`
	// Risk detection isn't performed on the IP addresses in this range list.
	//
	// The IP range is in CIDR notation.
	SkippedIpRangeList *[]*string `json:"skippedIpRangeList" yaml:"skippedIpRangeList"`
}

The type of the configuration to override the risk decision.

TODO: EXAMPLE

type CfnUserPoolUICustomizationAttachment 

type CfnUserPoolUICustomizationAttachment interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClientId() *string
	SetClientId(val *string)
	CreationStack() *[]*string
	Css() *string
	SetCss(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolUICustomizationAttachment`.

The `AWS::Cognito::UserPoolUICustomizationAttachment` resource sets the UI customization information for a user pool's built-in app UI.

You can specify app UI customization settings for a single client (with a specific `clientId` ) or for all clients (by setting the `clientId` to `ALL` ). If you specify `ALL` , the default configuration is used for every client that has had no UI customization set previously. If you specify UI customization settings for a particular client, it no longer falls back to the `ALL` configuration.

> Before you create this resource, your user pool must have a domain associated with it. You can create an `AWS::Cognito::UserPoolDomain` resource first in this user pool.

Setting a logo image isn't supported from AWS CloudFormation . Use the Amazon Cognito [SetUICustomization](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUICustomization.html#API_SetUICustomization_RequestSyntax) API operation to set the image.

TODO: EXAMPLE

func NewCfnUserPoolUICustomizationAttachment 

func NewCfnUserPoolUICustomizationAttachment(scope awscdk.Construct, id *string, props *CfnUserPoolUICustomizationAttachmentProps) CfnUserPoolUICustomizationAttachment

Create a new `AWS::Cognito::UserPoolUICustomizationAttachment`.

type CfnUserPoolUICustomizationAttachmentProps 

type CfnUserPoolUICustomizationAttachmentProps struct {
	// The client ID for the client app.
	//
	// You can specify the UI customization settings for a single client (with a specific clientId) or for all clients (by setting the clientId to `ALL` ).
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The user pool ID for the user pool.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// The CSS values in the UI customization.
	Css *string `json:"css" yaml:"css"`
}

Properties for defining a `CfnUserPoolUICustomizationAttachment`.

TODO: EXAMPLE

type CfnUserPoolUser 

type CfnUserPoolUser interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ClientMetadata() interface{}
	SetClientMetadata(val interface{})
	CreationStack() *[]*string
	DesiredDeliveryMediums() *[]*string
	SetDesiredDeliveryMediums(val *[]*string)
	ForceAliasCreation() interface{}
	SetForceAliasCreation(val interface{})
	LogicalId() *string
	MessageAction() *string
	SetMessageAction(val *string)
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	UserAttributes() interface{}
	SetUserAttributes(val interface{})
	Username() *string
	SetUsername(val *string)
	UserPoolId() *string
	SetUserPoolId(val *string)
	ValidationData() interface{}
	SetValidationData(val interface{})
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolUser`.

The `AWS::Cognito::UserPoolUser` resource creates an Amazon Cognito user pool user.

TODO: EXAMPLE

func NewCfnUserPoolUser 

func NewCfnUserPoolUser(scope awscdk.Construct, id *string, props *CfnUserPoolUserProps) CfnUserPoolUser

Create a new `AWS::Cognito::UserPoolUser`.

type CfnUserPoolUserProps 

type CfnUserPoolUserProps struct {
	// The user pool ID for the user pool where the user will be created.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
	// A map of custom key-value pairs that you can provide as input for the custom workflow that is invoked by the *pre sign-up* trigger.
	//
	// You create custom workflows by assigning AWS Lambda functions to user pool triggers. When you create a `UserPoolUser` resource and include the `ClientMetadata` property, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute, which provides the data that you assigned to the ClientMetadata property. In your function code in AWS Lambda , you can process the `clientMetadata` value to enhance your workflow for your specific needs.
	//
	// For more information, see [Customizing User Pool Workflows with Lambda Triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the *Amazon Cognito Developer Guide* .
	//
	// > Take the following limitations into consideration when you use the ClientMetadata parameter:
	// >
	// > - Amazon Cognito does not store the ClientMetadata value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration does not include triggers, the ClientMetadata parameter serves no purpose.
	// > - Amazon Cognito does not validate the ClientMetadata value.
	// > - Amazon Cognito does not encrypt the the ClientMetadata value, so don't use it to provide sensitive information.
	ClientMetadata interface{} `json:"clientMetadata" yaml:"clientMetadata"`
	// Specify `"EMAIL"` if email will be used to send the welcome message.
	//
	// Specify `"SMS"` if the phone number will be used. The default value is `"SMS"` . You can specify more than one value.
	DesiredDeliveryMediums *[]*string `json:"desiredDeliveryMediums" yaml:"desiredDeliveryMediums"`
	// This parameter is used only if the `phone_number_verified` or `email_verified` attribute is set to `True` .
	//
	// Otherwise, it is ignored.
	//
	// If this parameter is set to `True` and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias.
	//
	// If this parameter is set to `False` , the API throws an `AliasExistsException` error if the alias already exists. The default value is `False` .
	ForceAliasCreation interface{} `json:"forceAliasCreation" yaml:"forceAliasCreation"`
	// Set to `RESEND` to resend the invitation message to a user that already exists and reset the expiration limit on the user's account.
	//
	// Set to `SUPPRESS` to suppress sending the message. You can specify only one value.
	MessageAction *string `json:"messageAction" yaml:"messageAction"`
	// The user attributes and attribute values to be set for the user to be created.
	//
	// These are name-value pairs You can create a user without specifying any attributes other than `Username` . However, any attributes that you specify as required (in [](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or in the *Attributes* tab of the console) must be supplied either by you (in your call to `AdminCreateUser` ) or by the user (when they sign up in response to your welcome message).
	//
	// For custom attributes, you must prepend the `custom:` prefix to the attribute name.
	//
	// To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the *Users* tab of the Amazon Cognito console for managing your user pools.
	//
	// In your call to `AdminCreateUser` , you can set the `email_verified` attribute to `True` , and you can set the `phone_number_verified` attribute to `True` . (You can also do this by calling [](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html) .)
	//
	// - *email* : The email address of the user to whom the message that contains the code and user name will be sent. Required if the `email_verified` attribute is set to `True` , or if `"EMAIL"` is specified in the `DesiredDeliveryMediums` parameter.
	// - *phone_number* : The phone number of the user to whom the message that contains the code and user name will be sent. Required if the `phone_number_verified` attribute is set to `True` , or if `"SMS"` is specified in the `DesiredDeliveryMediums` parameter.
	UserAttributes interface{} `json:"userAttributes" yaml:"userAttributes"`
	// The username for the user.
	//
	// Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username can't be changed.
	Username *string `json:"username" yaml:"username"`
	// The user's validation data.
	//
	// This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain.
	//
	// To configure custom validation, you must create a Pre Sign-up AWS Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation data and uses it in the validation process.
	//
	// The user's validation data isn't persisted.
	ValidationData interface{} `json:"validationData" yaml:"validationData"`
}

Properties for defining a `CfnUserPoolUser`.

TODO: EXAMPLE

type CfnUserPoolUserToGroupAttachment 

type CfnUserPoolUserToGroupAttachment interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	GroupName() *string
	SetGroupName(val *string)
	LogicalId() *string
	Node() awscdk.ConstructNode
	Ref() *string
	Stack() awscdk.Stack
	UpdatedProperites() *map[string]interface{}
	Username() *string
	SetUsername(val *string)
	UserPoolId() *string
	SetUserPoolId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	OverrideLogicalId(newLogicalId *string)
	Prepare()
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::Cognito::UserPoolUserToGroupAttachment`.

Adds the specified user to the specified group.

Calling this action requires developer credentials.

TODO: EXAMPLE

func NewCfnUserPoolUserToGroupAttachment 

func NewCfnUserPoolUserToGroupAttachment(scope awscdk.Construct, id *string, props *CfnUserPoolUserToGroupAttachmentProps) CfnUserPoolUserToGroupAttachment

Create a new `AWS::Cognito::UserPoolUserToGroupAttachment`.

type CfnUserPoolUserToGroupAttachmentProps 

type CfnUserPoolUserToGroupAttachmentProps struct {
	// The group name.
	GroupName *string `json:"groupName" yaml:"groupName"`
	// The username for the user.
	Username *string `json:"username" yaml:"username"`
	// The user pool ID for the user pool.
	UserPoolId *string `json:"userPoolId" yaml:"userPoolId"`
}

Properties for defining a `CfnUserPoolUserToGroupAttachment`.

TODO: EXAMPLE

type CfnUserPoolUser_AttributeTypeProperty 

type CfnUserPoolUser_AttributeTypeProperty struct {
	// The name of the attribute.
	Name *string `json:"name" yaml:"name"`
	// The value of the attribute.
	Value *string `json:"value" yaml:"value"`
}

Specifies whether the attribute is standard or custom.

TODO: EXAMPLE

type CfnUserPool_AccountRecoverySettingProperty 

type CfnUserPool_AccountRecoverySettingProperty struct {
	// The list of `RecoveryOptionTypes` .
	RecoveryMechanisms interface{} `json:"recoveryMechanisms" yaml:"recoveryMechanisms"`
}

Use this setting to define which verified available method a user can use to recover their password when they call `ForgotPassword` .

It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email.

TODO: EXAMPLE

type CfnUserPool_AdminCreateUserConfigProperty 

type CfnUserPool_AdminCreateUserConfigProperty struct {
	// Set to `True` if only the administrator is allowed to create user profiles.
	//
	// Set to `False` if users can sign themselves up via an app.
	AllowAdminCreateUserOnly interface{} `json:"allowAdminCreateUserOnly" yaml:"allowAdminCreateUserOnly"`
	// The message template to be used for the welcome message to new users.
	//
	// See also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .
	InviteMessageTemplate interface{} `json:"inviteMessageTemplate" yaml:"inviteMessageTemplate"`
	// The user account expiration limit, in days, after which the account is no longer usable.
	//
	// To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `"RESEND"` for the `MessageAction` parameter. The default value for this parameter is 7.
	//
	// > If you set a value for `TemporaryPasswordValidityDays` in `PasswordPolicy` , that value will be used, and `UnusedAccountValidityDays` will be no longer be an available parameter for that user pool.
	UnusedAccountValidityDays *float64 `json:"unusedAccountValidityDays" yaml:"unusedAccountValidityDays"`
}

The configuration for `AdminCreateUser` requests.

TODO: EXAMPLE

type CfnUserPool_CustomEmailSenderProperty 

type CfnUserPool_CustomEmailSenderProperty struct {
	// The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send email notifications to users.
	LambdaArn *string `json:"lambdaArn" yaml:"lambdaArn"`
	// The Lambda version represents the signature of the "request" attribute in the "event" information that Amazon Cognito passes to your custom email sender AWS Lambda function.
	//
	// The only supported value is `V1_0` .
	LambdaVersion *string `json:"lambdaVersion" yaml:"lambdaVersion"`
}

A custom email sender AWS Lambda trigger.

TODO: EXAMPLE

type CfnUserPool_CustomSMSSenderProperty 

type CfnUserPool_CustomSMSSenderProperty struct {
	// The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon Cognito triggers to send SMS notifications to users.
	LambdaArn *string `json:"lambdaArn" yaml:"lambdaArn"`
	// The Lambda version represents the signature of the "request" attribute in the "event" information Amazon Cognito passes to your custom SMS sender Lambda function.
	//
	// The only supported value is `V1_0` .
	LambdaVersion *string `json:"lambdaVersion" yaml:"lambdaVersion"`
}

A custom SMS sender AWS Lambda trigger.

TODO: EXAMPLE

type CfnUserPool_DeviceConfigurationProperty 

type CfnUserPool_DeviceConfigurationProperty struct {
	// When true, device authentication can replace SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA).
	//
	// > Users that sign in with devices that have not been confirmed or remembered will still have to provide a second factor, whether or not ChallengeRequiredOnNewDevice is true, when your user pool requires MFA.
	ChallengeRequiredOnNewDevice interface{} `json:"challengeRequiredOnNewDevice" yaml:"challengeRequiredOnNewDevice"`
	// When true, users can opt in to remembering their device.
	//
	// Your app code must use callback functions to return the user's choice.
	DeviceOnlyRememberedOnUserPrompt interface{} `json:"deviceOnlyRememberedOnUserPrompt" yaml:"deviceOnlyRememberedOnUserPrompt"`
}

The device tracking configuration for a user pool. A user pool with device tracking deactivated returns a null value.

> When you provide values for any DeviceConfiguration field, you activate device tracking.

TODO: EXAMPLE

type CfnUserPool_EmailConfigurationProperty 

type CfnUserPool_EmailConfigurationProperty struct {
	// The set of configuration rules that can be applied to emails sent using Amazon SES.
	//
	// A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails:
	//
	// - Event publishing – Amazon SES can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as SNS and CloudWatch.
	// - IP pool management – When leasing dedicated IP addresses with Amazon SES, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets.
	ConfigurationSet *string `json:"configurationSet" yaml:"configurationSet"`
	// Specifies whether Amazon Cognito emails your users by using its built-in email functionality or your Amazon Simple Email Service email configuration.
	//
	// Specify one of the following values:
	//
	// - **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration.
	//
	// To look up the email delivery limit for the default option, see [Limits in](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Developer Guide* .
	//
	// The default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter.
	//
	// If EmailSendingAccount is COGNITO_DEFAULT, you can't use the following parameters:
	//
	// - EmailVerificationMessage
	// - EmailVerificationSubject
	// - InviteMessageTemplate.EmailMessage
	// - InviteMessageTemplate.EmailSubject
	// - VerificationMessageTemplate.EmailMessage
	// - VerificationMessageTemplate.EmailMessageByLink
	// - VerificationMessageTemplate.EmailSubject,
	// - VerificationMessageTemplate.EmailSubjectByLink
	//
	// > DEVELOPER EmailSendingAccount is required.
	// - **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account .
	//
	// If you use this option, you must provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter.
	//
	// Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role, in your AWS account . This role contains the permissions that allow to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* .
	EmailSendingAccount *string `json:"emailSendingAccount" yaml:"emailSendingAccount"`
	// Identifies either the sender's email address or the sender's name with their email address.
	//
	// For example, `testuser@example.com` or `Test User <testuser@example.com>` . This address appears before the body of the email.
	From *string `json:"from" yaml:"from"`
	// The destination to which the receiver of the email should reply.
	ReplyToEmailAddress *string `json:"replyToEmailAddress" yaml:"replyToEmailAddress"`
	// The ARN of a verified email address in Amazon SES.
	//
	// Amazon Cognito uses this email address in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter:
	//
	// - If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.
	// - If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.
	SourceArn *string `json:"sourceArn" yaml:"sourceArn"`
}

The email configuration.

TODO: EXAMPLE

type CfnUserPool_InviteMessageTemplateProperty 

type CfnUserPool_InviteMessageTemplateProperty struct {
	// The message template for email messages.
	//
	// EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailMessage *string `json:"emailMessage" yaml:"emailMessage"`
	// The subject line for email messages.
	//
	// EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailSubject *string `json:"emailSubject" yaml:"emailSubject"`
	// The message template for SMS messages.
	SmsMessage *string `json:"smsMessage" yaml:"smsMessage"`
}

The message template to be used for the welcome message to new users.

See also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) .

TODO: EXAMPLE

type CfnUserPool_LambdaConfigProperty 

type CfnUserPool_LambdaConfigProperty struct {
	// Creates an authentication challenge.
	CreateAuthChallenge *string `json:"createAuthChallenge" yaml:"createAuthChallenge"`
	// A custom email sender AWS Lambda trigger.
	CustomEmailSender interface{} `json:"customEmailSender" yaml:"customEmailSender"`
	// A custom Message AWS Lambda trigger.
	CustomMessage *string `json:"customMessage" yaml:"customMessage"`
	// A custom SMS sender AWS Lambda trigger.
	CustomSmsSender interface{} `json:"customSmsSender" yaml:"customSmsSender"`
	// Defines the authentication challenge.
	DefineAuthChallenge *string `json:"defineAuthChallenge" yaml:"defineAuthChallenge"`
	// The Amazon Resource Name of a AWS Key Management Service ( AWS KMS ) key.
	//
	// Amazon Cognito uses the key to encrypt codes and temporary passwords sent to `CustomEmailSender` and `CustomSMSSender` .
	KmsKeyId *string `json:"kmsKeyId" yaml:"kmsKeyId"`
	// A post-authentication AWS Lambda trigger.
	PostAuthentication *string `json:"postAuthentication" yaml:"postAuthentication"`
	// A post-confirmation AWS Lambda trigger.
	PostConfirmation *string `json:"postConfirmation" yaml:"postConfirmation"`
	// A pre-authentication AWS Lambda trigger.
	PreAuthentication *string `json:"preAuthentication" yaml:"preAuthentication"`
	// A pre-registration AWS Lambda trigger.
	PreSignUp *string `json:"preSignUp" yaml:"preSignUp"`
	// A Lambda trigger that is invoked before token generation.
	PreTokenGeneration *string `json:"preTokenGeneration" yaml:"preTokenGeneration"`
	// The user migration Lambda config type.
	UserMigration *string `json:"userMigration" yaml:"userMigration"`
	// Verifies the authentication challenge response.
	VerifyAuthChallengeResponse *string `json:"verifyAuthChallengeResponse" yaml:"verifyAuthChallengeResponse"`
}

Specifies the configuration for AWS Lambda triggers.

TODO: EXAMPLE

type CfnUserPool_NumberAttributeConstraintsProperty 

type CfnUserPool_NumberAttributeConstraintsProperty struct {
	// The maximum value of an attribute that is of the number data type.
	MaxValue *string `json:"maxValue" yaml:"maxValue"`
	// The minimum value of an attribute that is of the number data type.
	MinValue *string `json:"minValue" yaml:"minValue"`
}

The minimum and maximum values of an attribute that is of the number data type.

TODO: EXAMPLE

type CfnUserPool_PasswordPolicyProperty 

type CfnUserPool_PasswordPolicyProperty struct {
	// The minimum length of the password in the policy that you have set.
	//
	// This value can't be less than 6.
	MinimumLength *float64 `json:"minimumLength" yaml:"minimumLength"`
	// In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password.
	RequireLowercase interface{} `json:"requireLowercase" yaml:"requireLowercase"`
	// In the password policy that you have set, refers to whether you have required users to use at least one number in their password.
	RequireNumbers interface{} `json:"requireNumbers" yaml:"requireNumbers"`
	// In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password.
	RequireSymbols interface{} `json:"requireSymbols" yaml:"requireSymbols"`
	// In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password.
	RequireUppercase interface{} `json:"requireUppercase" yaml:"requireUppercase"`
	// The number of days a temporary password is valid in the password policy.
	//
	// If the user doesn't sign in during this time, an administrator must reset their password.
	//
	// > When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set the deprecated `UnusedAccountValidityDays` value for that user pool.
	TemporaryPasswordValidityDays *float64 `json:"temporaryPasswordValidityDays" yaml:"temporaryPasswordValidityDays"`
}

The password policy type.

TODO: EXAMPLE

type CfnUserPool_PoliciesProperty 

type CfnUserPool_PoliciesProperty struct {
	// The password policy.
	PasswordPolicy interface{} `json:"passwordPolicy" yaml:"passwordPolicy"`
}

The policy associated with a user pool.

TODO: EXAMPLE

type CfnUserPool_RecoveryOptionProperty 

type CfnUserPool_RecoveryOptionProperty struct {
	// Specifies the recovery method for a user.
	Name *string `json:"name" yaml:"name"`
	// A positive integer specifying priority of a method with 1 being the highest priority.
	Priority *float64 `json:"priority" yaml:"priority"`
}

A map containing a priority as a key, and recovery method name as a value.

TODO: EXAMPLE

type CfnUserPool_SchemaAttributeProperty 

type CfnUserPool_SchemaAttributeProperty struct {
	// The attribute data type.
	AttributeDataType *string `json:"attributeDataType" yaml:"attributeDataType"`
	// > We recommend that you use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` .
	//
	// Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token.
	DeveloperOnlyAttribute interface{} `json:"developerOnlyAttribute" yaml:"developerOnlyAttribute"`
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that is mapped to an identity provider attribute, you must set this parameter to `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) .
	Mutable interface{} `json:"mutable" yaml:"mutable"`
	// A schema attribute of the name type.
	Name *string `json:"name" yaml:"name"`
	// Specifies the constraints for an attribute of the number type.
	NumberAttributeConstraints interface{} `json:"numberAttributeConstraints" yaml:"numberAttributeConstraints"`
	// Specifies whether a user pool attribute is required.
	//
	// If the attribute is required and the user doesn't provide a value, registration or sign-in will fail.
	Required interface{} `json:"required" yaml:"required"`
	// Specifies the constraints for an attribute of the string type.
	StringAttributeConstraints interface{} `json:"stringAttributeConstraints" yaml:"stringAttributeConstraints"`
}

Contains information about the schema attribute.

TODO: EXAMPLE

type CfnUserPool_SmsConfigurationProperty 

type CfnUserPool_SmsConfigurationProperty struct {
	// The external ID is a value.
	//
	// We recommend you use `ExternalId` to add security to your IAM role, which is used to call Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , the Cognito User Pool uses it when attempting to assume your IAM role. You can also set your roles trust policy to require the `ExternalID` . If you use the Cognito Management Console to create a role for SMS MFA, Cognito creates a role with the required permissions and a trust policy that uses `ExternalId` .
	ExternalId *string `json:"externalId" yaml:"externalId"`
	// The Amazon Resource Name (ARN) of the Amazon SNS caller.
	//
	// This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) .
	SnsCallerArn *string `json:"snsCallerArn" yaml:"snsCallerArn"`
	// `CfnUserPool.SmsConfigurationProperty.SnsRegion`.
	SnsRegion *string `json:"snsRegion" yaml:"snsRegion"`
}

The SMS configuration type that includes the settings the Cognito User Pool needs to call for the Amazon SNS service to send an SMS message from your AWS account .

The Cognito User Pool makes the request to the Amazon SNS Service by using an IAM role that you provide for your AWS account .

TODO: EXAMPLE

type CfnUserPool_StringAttributeConstraintsProperty 

type CfnUserPool_StringAttributeConstraintsProperty struct {
	// The maximum length.
	MaxLength *string `json:"maxLength" yaml:"maxLength"`
	// The minimum length.
	MinLength *string `json:"minLength" yaml:"minLength"`
}

The `StringAttributeConstraints` property type defines the string attribute constraints of an Amazon Cognito user pool.

`StringAttributeConstraints` is a subproperty of the [SchemaAttribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html) property type.

TODO: EXAMPLE

type CfnUserPool_UserPoolAddOnsProperty 

type CfnUserPool_UserPoolAddOnsProperty struct {
	// The advanced security mode.
	AdvancedSecurityMode *string `json:"advancedSecurityMode" yaml:"advancedSecurityMode"`
}

The user pool add-ons type.

TODO: EXAMPLE

type CfnUserPool_UsernameConfigurationProperty 

type CfnUserPool_UsernameConfigurationProperty struct {
	// Specifies whether username case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs.
	//
	// Valid values include:
	//
	// - *`True`* : Enables case sensitivity for all username input. When this option is set to `True` , users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.
	// - *`False`* : Enables case insensitivity for all username input. For example, when this option is set to `False` , users can sign in using either "username" or "Username". This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute.
	CaseSensitive interface{} `json:"caseSensitive" yaml:"caseSensitive"`
}

The `UsernameConfiguration` property type specifies case sensitivity on the username input for the selected sign-in option.

TODO: EXAMPLE

type CfnUserPool_VerificationMessageTemplateProperty 

type CfnUserPool_VerificationMessageTemplateProperty struct {
	// The default email option.
	DefaultEmailOption *string `json:"defaultEmailOption" yaml:"defaultEmailOption"`
	// The email message template.
	//
	// EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailMessage *string `json:"emailMessage" yaml:"emailMessage"`
	// The email message template for sending a confirmation link to the user.
	//
	// EmailMessageByLink is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailMessageByLink *string `json:"emailMessageByLink" yaml:"emailMessageByLink"`
	// The subject line for the email message template.
	//
	// EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailSubject *string `json:"emailSubject" yaml:"emailSubject"`
	// The subject line for the email message template for sending a confirmation link to the user.
	//
	// EmailSubjectByLink is allowed only [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER.
	EmailSubjectByLink *string `json:"emailSubjectByLink" yaml:"emailSubjectByLink"`
	// The SMS message template.
	SmsMessage *string `json:"smsMessage" yaml:"smsMessage"`
}

The template for verification messages.

TODO: EXAMPLE

type ClientAttributes 

type ClientAttributes interface {
	Attributes() *[]*string
	WithCustomAttributes(attributes ...*string) ClientAttributes
	WithStandardAttributes(attributes *StandardAttributesMask) ClientAttributes
}

A set of attributes, useful to set Read and Write attributes.

TODO: EXAMPLE

Experimental.

func NewClientAttributes 

func NewClientAttributes() ClientAttributes

Creates a ClientAttributes with the specified attributes. Experimental.

type CognitoDomainOptions 

type CognitoDomainOptions struct {
	// The prefix to the Cognito hosted domain name that will be associated with the user pool.
	// Experimental.
	DomainPrefix *string `json:"domainPrefix" yaml:"domainPrefix"`
}

Options while specifying a cognito prefix domain.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain-prefix.html

Experimental.

type CustomAttributeConfig 

type CustomAttributeConfig struct {
	// The data type of the custom attribute.
	// See: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SchemaAttributeType.html#CognitoUserPools-Type-SchemaAttributeType-AttributeDataType
	//
	// Experimental.
	DataType *string `json:"dataType" yaml:"dataType"`
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true.
	// Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider.
	// If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute.
	// Experimental.
	Mutable *bool `json:"mutable" yaml:"mutable"`
	// The constraints for a custom attribute of the 'Number' data type.
	// Experimental.
	NumberConstraints *NumberAttributeConstraints `json:"numberConstraints" yaml:"numberConstraints"`
	// The constraints for a custom attribute of 'String' data type.
	// Experimental.
	StringConstraints *StringAttributeConstraints `json:"stringConstraints" yaml:"stringConstraints"`
}

Configuration that will be fed into CloudFormation for any custom attribute type.

TODO: EXAMPLE

Experimental.

type CustomAttributeProps 

type CustomAttributeProps struct {
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true.
	// Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider.
	// If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute.
	// Experimental.
	Mutable *bool `json:"mutable" yaml:"mutable"`
}

Constraints that can be applied to a custom attribute of any type.

TODO: EXAMPLE

Experimental.

type CustomDomainOptions 

type CustomDomainOptions struct {
	// The certificate to associate with this domain.
	// Experimental.
	Certificate awscertificatemanager.ICertificate `json:"certificate" yaml:"certificate"`
	// The custom domain name that you would like to associate with this User Pool.
	// Experimental.
	DomainName *string `json:"domainName" yaml:"domainName"`
}

Options while specifying custom domain.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html

Experimental.

type DateTimeAttribute 

type DateTimeAttribute interface {
	ICustomAttribute
	Bind() *CustomAttributeConfig
}

The DateTime custom attribute type.

TODO: EXAMPLE

Experimental.

func NewDateTimeAttribute 

func NewDateTimeAttribute(props *CustomAttributeProps) DateTimeAttribute

Experimental.

type DeviceTracking 

type DeviceTracking struct {
	// Indicates whether a challenge is required on a new device.
	//
	// Only applicable to a new device.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
	//
	// Experimental.
	ChallengeRequiredOnNewDevice *bool `json:"challengeRequiredOnNewDevice" yaml:"challengeRequiredOnNewDevice"`
	// If true, a device is only remembered on user prompt.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html
	//
	// Experimental.
	DeviceOnlyRememberedOnUserPrompt *bool `json:"deviceOnlyRememberedOnUserPrompt" yaml:"deviceOnlyRememberedOnUserPrompt"`
}

Device tracking settings.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-device-tracking.html

Experimental.

type EmailSettings 

type EmailSettings struct {
	// The 'from' address on the emails received by the user.
	// Experimental.
	From *string `json:"from" yaml:"from"`
	// The 'replyTo' address on the emails received by the user as defined by IETF RFC-5322.
	//
	// When set, most email clients recognize to change 'to' line to this address when a reply is drafted.
	// Experimental.
	ReplyTo *string `json:"replyTo" yaml:"replyTo"`
}

Email settings for the user pool.

TODO: EXAMPLE

Experimental.

type ICustomAttribute 

type ICustomAttribute interface {
	// Bind this custom attribute type to the values as expected by CloudFormation.
	// Experimental.
	Bind() *CustomAttributeConfig
}

Represents a custom attribute type. Experimental.

type IUserPool 

type IUserPool interface {
	awscdk.IResource
	// Add a new app client to this user pool.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html
	//
	// Experimental.
	AddClient(id *string, options *UserPoolClientOptions) UserPoolClient
	// Associate a domain to this user pool.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain.html
	//
	// Experimental.
	AddDomain(id *string, options *UserPoolDomainOptions) UserPoolDomain
	// Add a new resource server to this user pool.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-resource-servers.html
	//
	// Experimental.
	AddResourceServer(id *string, options *UserPoolResourceServerOptions) UserPoolResourceServer
	// Register an identity provider with this user pool.
	// Experimental.
	RegisterIdentityProvider(provider IUserPoolIdentityProvider)
	// Get all identity providers registered with this user pool.
	// Experimental.
	IdentityProviders() *[]IUserPoolIdentityProvider
	// The ARN of this user pool resource.
	// Experimental.
	UserPoolArn() *string
	// The physical ID of this user pool resource.
	// Experimental.
	UserPoolId() *string
}

Represents a Cognito UserPool. Experimental.

func UserPool_FromUserPoolArn 

func UserPool_FromUserPoolArn(scope constructs.Construct, id *string, userPoolArn *string) IUserPool

Import an existing user pool based on its ARN. Experimental.

func UserPool_FromUserPoolId 

func UserPool_FromUserPoolId(scope constructs.Construct, id *string, userPoolId *string) IUserPool

Import an existing user pool based on its id. Experimental.

type IUserPoolClient 

type IUserPoolClient interface {
	awscdk.IResource
	// Name of the application client.
	// Experimental.
	UserPoolClientId() *string
}

Represents a Cognito user pool client. Experimental.

func UserPoolClient_FromUserPoolClientId 

func UserPoolClient_FromUserPoolClientId(scope constructs.Construct, id *string, userPoolClientId *string) IUserPoolClient

Import a user pool client given its id. Experimental.

type IUserPoolDomain 

type IUserPoolDomain interface {
	awscdk.IResource
	// The domain that was specified to be created.
	//
	// If `customDomain` was selected, this holds the full domain name that was specified.
	// If the `cognitoDomain` was used, it contains the prefix to the Cognito hosted domain.
	// Experimental.
	DomainName() *string
}

Represents a user pool domain. Experimental.

func UserPoolDomain_FromDomainName 

func UserPoolDomain_FromDomainName(scope constructs.Construct, id *string, userPoolDomainName *string) IUserPoolDomain

Import a UserPoolDomain given its domain name. Experimental.

type IUserPoolIdentityProvider 

type IUserPoolIdentityProvider interface {
	awscdk.IResource
	// The primary identifier of this identity provider.
	// Experimental.
	ProviderName() *string
}

Represents a UserPoolIdentityProvider. Experimental.

func UserPoolIdentityProvider_FromProviderName 

func UserPoolIdentityProvider_FromProviderName(scope constructs.Construct, id *string, providerName *string) IUserPoolIdentityProvider

Import an existing UserPoolIdentityProvider. Experimental.

type IUserPoolResourceServer 

type IUserPoolResourceServer interface {
	awscdk.IResource
	// Resource server id.
	// Experimental.
	UserPoolResourceServerId() *string
}

Represents a Cognito user pool resource server. Experimental.

func UserPoolResourceServer_FromUserPoolResourceServerId 

func UserPoolResourceServer_FromUserPoolResourceServerId(scope constructs.Construct, id *string, userPoolResourceServerId *string) IUserPoolResourceServer

Import a user pool resource client given its id. Experimental.

type Mfa 

type Mfa string

The different ways in which a user pool's MFA enforcement can be configured.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html

Experimental. 

const (
	Mfa_OFF      Mfa = "OFF"
	Mfa_OPTIONAL Mfa = "OPTIONAL"
	Mfa_REQUIRED Mfa = "REQUIRED"
)

type MfaSecondFactor 

type MfaSecondFactor struct {
	// The MFA token is a time-based one time password that is generated by a hardware or software token.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-totp.html
	//
	// Experimental.
	Otp *bool `json:"otp" yaml:"otp"`
	// The MFA token is sent to the user via SMS to their verified phone numbers.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa-sms-text-message.html
	//
	// Experimental.
	Sms *bool `json:"sms" yaml:"sms"`
}

The different ways in which a user pool can obtain their MFA token for sign in.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-mfa.html

Experimental.

type NumberAttribute 

type NumberAttribute interface {
	ICustomAttribute
	Bind() *CustomAttributeConfig
}

The Number custom attribute type.

TODO: EXAMPLE

Experimental.

func NewNumberAttribute 

func NewNumberAttribute(props *NumberAttributeProps) NumberAttribute

Experimental.

type NumberAttributeConstraints 

type NumberAttributeConstraints struct {
	// Maximum value of this attribute.
	// Experimental.
	Max *float64 `json:"max" yaml:"max"`
	// Minimum value of this attribute.
	// Experimental.
	Min *float64 `json:"min" yaml:"min"`
}

Constraints that can be applied to a custom attribute of number type.

TODO: EXAMPLE

Experimental.

type NumberAttributeProps 

type NumberAttributeProps struct {
	// Maximum value of this attribute.
	// Experimental.
	Max *float64 `json:"max" yaml:"max"`
	// Minimum value of this attribute.
	// Experimental.
	Min *float64 `json:"min" yaml:"min"`
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true.
	// Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider.
	// If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute.
	// Experimental.
	Mutable *bool `json:"mutable" yaml:"mutable"`
}

Props for NumberAttr.

TODO: EXAMPLE

Experimental.

type OAuthFlows 

type OAuthFlows struct {
	// Initiate an authorization code grant flow, which provides an authorization code as the response.
	// Experimental.
	AuthorizationCodeGrant *bool `json:"authorizationCodeGrant" yaml:"authorizationCodeGrant"`
	// Client should get the access token and ID token from the token endpoint using a combination of client and client_secret.
	// Experimental.
	ClientCredentials *bool `json:"clientCredentials" yaml:"clientCredentials"`
	// The client should get the access token and ID token directly.
	// Experimental.
	ImplicitCodeGrant *bool `json:"implicitCodeGrant" yaml:"implicitCodeGrant"`
}

Types of OAuth grant flows.

TODO: EXAMPLE

See: - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html

Experimental.

type OAuthScope 

type OAuthScope interface {
	ScopeName() *string
}

OAuth scopes that are allowed with this client.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html

Experimental.

func OAuthScope_COGNITO_ADMIN 

func OAuthScope_COGNITO_ADMIN() OAuthScope

func OAuthScope_Custom 

func OAuthScope_Custom(name *string) OAuthScope

Custom scope is one that you define for your own resource server in the Resource Servers.

The format is 'resource-server-identifier/scope'. See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-define-resource-servers.html

Experimental.

func OAuthScope_EMAIL 

func OAuthScope_EMAIL() OAuthScope

func OAuthScope_OPENID 

func OAuthScope_OPENID() OAuthScope

func OAuthScope_PHONE 

func OAuthScope_PHONE() OAuthScope

func OAuthScope_PROFILE 

func OAuthScope_PROFILE() OAuthScope

func OAuthScope_ResourceServer 

func OAuthScope_ResourceServer(server IUserPoolResourceServer, scope ResourceServerScope) OAuthScope

Adds a custom scope that's tied to a resource server in your stack. Experimental.

type OAuthSettings 

type OAuthSettings struct {
	// List of allowed redirect URLs for the identity providers.
	// Experimental.
	CallbackUrls *[]*string `json:"callbackUrls" yaml:"callbackUrls"`
	// OAuth flows that are allowed with this client.
	// See: - the 'Allowed OAuth Flows' section at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html
	//
	// Experimental.
	Flows *OAuthFlows `json:"flows" yaml:"flows"`
	// List of allowed logout URLs for the identity providers.
	// Experimental.
	LogoutUrls *[]*string `json:"logoutUrls" yaml:"logoutUrls"`
	// OAuth scopes that are allowed with this client.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-app-idp-settings.html
	//
	// Experimental.
	Scopes *[]OAuthScope `json:"scopes" yaml:"scopes"`
}

OAuth settings to configure the interaction between the app and this client.

TODO: EXAMPLE

Experimental.

type PasswordPolicy 

type PasswordPolicy struct {
	// Minimum length required for a user's password.
	// Experimental.
	MinLength *float64 `json:"minLength" yaml:"minLength"`
	// Whether the user is required to have digits in their password.
	// Experimental.
	RequireDigits *bool `json:"requireDigits" yaml:"requireDigits"`
	// Whether the user is required to have lowercase characters in their password.
	// Experimental.
	RequireLowercase *bool `json:"requireLowercase" yaml:"requireLowercase"`
	// Whether the user is required to have symbols in their password.
	// Experimental.
	RequireSymbols *bool `json:"requireSymbols" yaml:"requireSymbols"`
	// Whether the user is required to have uppercase characters in their password.
	// Experimental.
	RequireUppercase *bool `json:"requireUppercase" yaml:"requireUppercase"`
	// The length of time the temporary password generated by an admin is valid.
	//
	// This must be provided as whole days, like Duration.days(3) or Duration.hours(48).
	// Fractional days, such as Duration.hours(20), will generate an error.
	// Experimental.
	TempPasswordValidity awscdk.Duration `json:"tempPasswordValidity" yaml:"tempPasswordValidity"`
}

Password policy for User Pools.

TODO: EXAMPLE

Experimental.

type ProviderAttribute 

type ProviderAttribute interface {
	AttributeName() *string
}

An attribute available from a third party identity provider.

TODO: EXAMPLE

Experimental.

func ProviderAttribute_AMAZON_EMAIL 

func ProviderAttribute_AMAZON_EMAIL() ProviderAttribute

func ProviderAttribute_AMAZON_NAME 

func ProviderAttribute_AMAZON_NAME() ProviderAttribute

func ProviderAttribute_AMAZON_POSTAL_CODE 

func ProviderAttribute_AMAZON_POSTAL_CODE() ProviderAttribute

func ProviderAttribute_AMAZON_USER_ID 

func ProviderAttribute_AMAZON_USER_ID() ProviderAttribute

func ProviderAttribute_APPLE_EMAIL 

func ProviderAttribute_APPLE_EMAIL() ProviderAttribute

func ProviderAttribute_APPLE_FIRST_NAME 

func ProviderAttribute_APPLE_FIRST_NAME() ProviderAttribute

func ProviderAttribute_APPLE_LAST_NAME 

func ProviderAttribute_APPLE_LAST_NAME() ProviderAttribute

func ProviderAttribute_APPLE_NAME 

func ProviderAttribute_APPLE_NAME() ProviderAttribute

func ProviderAttribute_FACEBOOK_BIRTHDAY 

func ProviderAttribute_FACEBOOK_BIRTHDAY() ProviderAttribute

func ProviderAttribute_FACEBOOK_EMAIL 

func ProviderAttribute_FACEBOOK_EMAIL() ProviderAttribute

func ProviderAttribute_FACEBOOK_FIRST_NAME 

func ProviderAttribute_FACEBOOK_FIRST_NAME() ProviderAttribute

func ProviderAttribute_FACEBOOK_GENDER 

func ProviderAttribute_FACEBOOK_GENDER() ProviderAttribute

func ProviderAttribute_FACEBOOK_ID 

func ProviderAttribute_FACEBOOK_ID() ProviderAttribute

func ProviderAttribute_FACEBOOK_LAST_NAME 

func ProviderAttribute_FACEBOOK_LAST_NAME() ProviderAttribute

func ProviderAttribute_FACEBOOK_LOCALE 

func ProviderAttribute_FACEBOOK_LOCALE() ProviderAttribute

func ProviderAttribute_FACEBOOK_MIDDLE_NAME 

func ProviderAttribute_FACEBOOK_MIDDLE_NAME() ProviderAttribute

func ProviderAttribute_FACEBOOK_NAME 

func ProviderAttribute_FACEBOOK_NAME() ProviderAttribute

func ProviderAttribute_GOOGLE_BIRTHDAYS 

func ProviderAttribute_GOOGLE_BIRTHDAYS() ProviderAttribute

func ProviderAttribute_GOOGLE_EMAIL 

func ProviderAttribute_GOOGLE_EMAIL() ProviderAttribute

func ProviderAttribute_GOOGLE_FAMILY_NAME 

func ProviderAttribute_GOOGLE_FAMILY_NAME() ProviderAttribute

func ProviderAttribute_GOOGLE_GENDER 

func ProviderAttribute_GOOGLE_GENDER() ProviderAttribute

func ProviderAttribute_GOOGLE_GIVEN_NAME 

func ProviderAttribute_GOOGLE_GIVEN_NAME() ProviderAttribute

func ProviderAttribute_GOOGLE_NAME 

func ProviderAttribute_GOOGLE_NAME() ProviderAttribute

func ProviderAttribute_GOOGLE_NAMES 

func ProviderAttribute_GOOGLE_NAMES() ProviderAttribute

func ProviderAttribute_GOOGLE_PHONE_NUMBERS 

func ProviderAttribute_GOOGLE_PHONE_NUMBERS() ProviderAttribute

func ProviderAttribute_GOOGLE_PICTURE 

func ProviderAttribute_GOOGLE_PICTURE() ProviderAttribute

func ProviderAttribute_Other 

func ProviderAttribute_Other(attributeName *string) ProviderAttribute

Use this to specify an attribute from the identity provider that is not pre-defined in the CDK. Experimental.

type ResourceServerScope 

type ResourceServerScope interface {
	ScopeDescription() *string
	ScopeName() *string
}

A scope for ResourceServer.

TODO: EXAMPLE

Experimental.

func NewResourceServerScope 

func NewResourceServerScope(props *ResourceServerScopeProps) ResourceServerScope

Experimental.

type ResourceServerScopeProps 

type ResourceServerScopeProps struct {
	// A description of the scope.
	// Experimental.
	ScopeDescription *string `json:"scopeDescription" yaml:"scopeDescription"`
	// The name of the scope.
	// Experimental.
	ScopeName *string `json:"scopeName" yaml:"scopeName"`
}

Props to initialize ResourceServerScope.

TODO: EXAMPLE

Experimental.

type SignInAliases 

type SignInAliases struct {
	// Whether a user is allowed to sign up or sign in with an email address.
	// Experimental.
	Email *bool `json:"email" yaml:"email"`
	// Whether a user is allowed to sign up or sign in with a phone number.
	// Experimental.
	Phone *bool `json:"phone" yaml:"phone"`
	// Whether a user is allowed to sign in with a secondary username, that can be set and modified after sign up.
	//
	// Can only be used in conjunction with `USERNAME`.
	// Experimental.
	PreferredUsername *bool `json:"preferredUsername" yaml:"preferredUsername"`
	// Whether user is allowed to sign up or sign in with a username.
	// Experimental.
	Username *bool `json:"username" yaml:"username"`
}

The different ways in which users of this pool can sign up or sign in.

TODO: EXAMPLE

Experimental.

type SignInUrlOptions 

type SignInUrlOptions struct {
	// Where to redirect to after sign in.
	// Experimental.
	RedirectUri *string `json:"redirectUri" yaml:"redirectUri"`
	// The path in the URI where the sign-in page is located.
	// Experimental.
	SignInPath *string `json:"signInPath" yaml:"signInPath"`
}

Options to customize the behaviour of `signInUrl()`.

TODO: EXAMPLE

Experimental.

type StandardAttribute 

type StandardAttribute struct {
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that's mapped to an identity provider attribute, this must be set to `true`.
	// Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider.
	// If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute.
	// Experimental.
	Mutable *bool `json:"mutable" yaml:"mutable"`
	// Specifies whether the attribute is required upon user registration.
	//
	// If the attribute is required and the user does not provide a value, registration or sign-in will fail.
	// Experimental.
	Required *bool `json:"required" yaml:"required"`
}

Standard attribute that can be marked as required or mutable.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes

Experimental.

type StandardAttributes 

type StandardAttributes struct {
	// The user's postal address.
	// Experimental.
	Address *StandardAttribute `json:"address" yaml:"address"`
	// The user's birthday, represented as an ISO 8601:2004 format.
	// Experimental.
	Birthdate *StandardAttribute `json:"birthdate" yaml:"birthdate"`
	// The user's e-mail address, represented as an RFC 5322 [RFC5322] addr-spec.
	// Experimental.
	Email *StandardAttribute `json:"email" yaml:"email"`
	// DEPRECATED.
	// Deprecated: this is not a standard attribute and was incorrectly added to the CDK.
	// It is a Cognito built-in attribute and cannot be controlled as part of user pool creation.
	EmailVerified *StandardAttribute `json:"emailVerified" yaml:"emailVerified"`
	// The surname or last name of the user.
	// Experimental.
	FamilyName *StandardAttribute `json:"familyName" yaml:"familyName"`
	// The user's full name in displayable form, including all name parts, titles and suffixes.
	// Experimental.
	Fullname *StandardAttribute `json:"fullname" yaml:"fullname"`
	// The user's gender.
	// Experimental.
	Gender *StandardAttribute `json:"gender" yaml:"gender"`
	// The user's first name or give name.
	// Experimental.
	GivenName *StandardAttribute `json:"givenName" yaml:"givenName"`
	// The time, the user's information was last updated.
	// Experimental.
	LastUpdateTime *StandardAttribute `json:"lastUpdateTime" yaml:"lastUpdateTime"`
	// The user's locale, represented as a BCP47 [RFC5646] language tag.
	// Experimental.
	Locale *StandardAttribute `json:"locale" yaml:"locale"`
	// The user's middle name.
	// Experimental.
	MiddleName *StandardAttribute `json:"middleName" yaml:"middleName"`
	// The user's nickname or casual name.
	// Experimental.
	Nickname *StandardAttribute `json:"nickname" yaml:"nickname"`
	// The user's telephone number.
	// Experimental.
	PhoneNumber *StandardAttribute `json:"phoneNumber" yaml:"phoneNumber"`
	// DEPRECATED.
	// Deprecated: this is not a standard attribute and was incorrectly added to the CDK.
	// It is a Cognito built-in attribute and cannot be controlled as part of user pool creation.
	PhoneNumberVerified *StandardAttribute `json:"phoneNumberVerified" yaml:"phoneNumberVerified"`
	// The user's preffered username, different from the immutable user name.
	// Experimental.
	PreferredUsername *StandardAttribute `json:"preferredUsername" yaml:"preferredUsername"`
	// The URL to the user's profile page.
	// Experimental.
	ProfilePage *StandardAttribute `json:"profilePage" yaml:"profilePage"`
	// The URL to the user's profile picture.
	// Experimental.
	ProfilePicture *StandardAttribute `json:"profilePicture" yaml:"profilePicture"`
	// The user's time zone.
	// Experimental.
	Timezone *StandardAttribute `json:"timezone" yaml:"timezone"`
	// The URL to the user's web page or blog.
	// Experimental.
	Website *StandardAttribute `json:"website" yaml:"website"`
}

The set of standard attributes that can be marked as required or mutable.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#cognito-user-pools-standard-attributes

Experimental.

type StandardAttributesMask 

type StandardAttributesMask struct {
	// The user's postal address.
	// Experimental.
	Address *bool `json:"address" yaml:"address"`
	// The user's birthday, represented as an ISO 8601:2004 format.
	// Experimental.
	Birthdate *bool `json:"birthdate" yaml:"birthdate"`
	// The user's e-mail address, represented as an RFC 5322 [RFC5322] addr-spec.
	// Experimental.
	Email *bool `json:"email" yaml:"email"`
	// Whether the email address has been verified.
	// Experimental.
	EmailVerified *bool `json:"emailVerified" yaml:"emailVerified"`
	// The surname or last name of the user.
	// Experimental.
	FamilyName *bool `json:"familyName" yaml:"familyName"`
	// The user's full name in displayable form, including all name parts, titles and suffixes.
	// Experimental.
	Fullname *bool `json:"fullname" yaml:"fullname"`
	// The user's gender.
	// Experimental.
	Gender *bool `json:"gender" yaml:"gender"`
	// The user's first name or give name.
	// Experimental.
	GivenName *bool `json:"givenName" yaml:"givenName"`
	// The time, the user's information was last updated.
	// Experimental.
	LastUpdateTime *bool `json:"lastUpdateTime" yaml:"lastUpdateTime"`
	// The user's locale, represented as a BCP47 [RFC5646] language tag.
	// Experimental.
	Locale *bool `json:"locale" yaml:"locale"`
	// The user's middle name.
	// Experimental.
	MiddleName *bool `json:"middleName" yaml:"middleName"`
	// The user's nickname or casual name.
	// Experimental.
	Nickname *bool `json:"nickname" yaml:"nickname"`
	// The user's telephone number.
	// Experimental.
	PhoneNumber *bool `json:"phoneNumber" yaml:"phoneNumber"`
	// Whether the phone number has been verified.
	// Experimental.
	PhoneNumberVerified *bool `json:"phoneNumberVerified" yaml:"phoneNumberVerified"`
	// The user's preffered username, different from the immutable user name.
	// Experimental.
	PreferredUsername *bool `json:"preferredUsername" yaml:"preferredUsername"`
	// The URL to the user's profile page.
	// Experimental.
	ProfilePage *bool `json:"profilePage" yaml:"profilePage"`
	// The URL to the user's profile picture.
	// Experimental.
	ProfilePicture *bool `json:"profilePicture" yaml:"profilePicture"`
	// The user's time zone.
	// Experimental.
	Timezone *bool `json:"timezone" yaml:"timezone"`
	// The URL to the user's web page or blog.
	// Experimental.
	Website *bool `json:"website" yaml:"website"`
}

This interface contains standard attributes recognized by Cognito from https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html including built-in attributes `email_verified` and `phone_number_verified`.

TODO: EXAMPLE

Experimental.

type StringAttribute 

type StringAttribute interface {
	ICustomAttribute
	Bind() *CustomAttributeConfig
}

The String custom attribute type.

TODO: EXAMPLE

Experimental.

func NewStringAttribute 

func NewStringAttribute(props *StringAttributeProps) StringAttribute

Experimental.

type StringAttributeConstraints 

type StringAttributeConstraints struct {
	// Maximum length of this attribute.
	// Experimental.
	MaxLen *float64 `json:"maxLen" yaml:"maxLen"`
	// Minimum length of this attribute.
	// Experimental.
	MinLen *float64 `json:"minLen" yaml:"minLen"`
}

Constraints that can be applied to a custom attribute of string type.

TODO: EXAMPLE

Experimental.

type StringAttributeProps 

type StringAttributeProps struct {
	// Maximum length of this attribute.
	// Experimental.
	MaxLen *float64 `json:"maxLen" yaml:"maxLen"`
	// Minimum length of this attribute.
	// Experimental.
	MinLen *float64 `json:"minLen" yaml:"minLen"`
	// Specifies whether the value of the attribute can be changed.
	//
	// For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true.
	// Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider.
	// If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute.
	// Experimental.
	Mutable *bool `json:"mutable" yaml:"mutable"`
}

Props for constructing a StringAttr.

TODO: EXAMPLE

Experimental.

type UserInvitationConfig 

type UserInvitationConfig struct {
	// The template to the email body that is sent to the user when an administrator signs them up to the user pool.
	// Experimental.
	EmailBody *string `json:"emailBody" yaml:"emailBody"`
	// The template to the email subject that is sent to the user when an administrator signs them up to the user pool.
	// Experimental.
	EmailSubject *string `json:"emailSubject" yaml:"emailSubject"`
	// The template to the SMS message that is sent to the user when an administrator signs them up to the user pool.
	// Experimental.
	SmsMessage *string `json:"smsMessage" yaml:"smsMessage"`
}

User pool configuration when administrators sign users up.

TODO: EXAMPLE

Experimental.

type UserPool 

type UserPool interface {
	awscdk.Resource
	IUserPool
	Env() *awscdk.ResourceEnvironment
	IdentityProviders() *[]IUserPoolIdentityProvider
	Node() awscdk.ConstructNode
	PhysicalName() *string
	Stack() awscdk.Stack
	UserPoolArn() *string
	UserPoolId() *string
	UserPoolProviderName() *string
	UserPoolProviderUrl() *string
	AddClient(id *string, options *UserPoolClientOptions) UserPoolClient
	AddDomain(id *string, options *UserPoolDomainOptions) UserPoolDomain
	AddResourceServer(id *string, options *UserPoolResourceServerOptions) UserPoolResourceServer
	AddTrigger(operation UserPoolOperation, fn awslambda.IFunction)
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	RegisterIdentityProvider(provider IUserPoolIdentityProvider)
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Define a Cognito User Pool.

TODO: EXAMPLE

Experimental.

func NewUserPool 

func NewUserPool(scope constructs.Construct, id *string, props *UserPoolProps) UserPool

Experimental.

type UserPoolClient 

type UserPoolClient interface {
	awscdk.Resource
	IUserPoolClient
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	OAuthFlows() *OAuthFlows
	PhysicalName() *string
	Stack() awscdk.Stack
	UserPoolClientId() *string
	UserPoolClientName() *string
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Define a UserPool App Client.

TODO: EXAMPLE

Experimental.

func NewUserPoolClient 

func NewUserPoolClient(scope constructs.Construct, id *string, props *UserPoolClientProps) UserPoolClient

Experimental.

type UserPoolClientIdentityProvider 

type UserPoolClientIdentityProvider interface {
	Name() *string
}

Identity providers supported by the UserPoolClient.

TODO: EXAMPLE

Experimental.

func UserPoolClientIdentityProvider_AMAZON 

func UserPoolClientIdentityProvider_AMAZON() UserPoolClientIdentityProvider

func UserPoolClientIdentityProvider_APPLE 

func UserPoolClientIdentityProvider_APPLE() UserPoolClientIdentityProvider

func UserPoolClientIdentityProvider_COGNITO 

func UserPoolClientIdentityProvider_COGNITO() UserPoolClientIdentityProvider

func UserPoolClientIdentityProvider_Custom 

func UserPoolClientIdentityProvider_Custom(name *string) UserPoolClientIdentityProvider

Specify a provider not yet supported by the CDK. Experimental.

func UserPoolClientIdentityProvider_FACEBOOK 

func UserPoolClientIdentityProvider_FACEBOOK() UserPoolClientIdentityProvider

func UserPoolClientIdentityProvider_GOOGLE 

func UserPoolClientIdentityProvider_GOOGLE() UserPoolClientIdentityProvider

type UserPoolClientOptions 

type UserPoolClientOptions struct {
	// Validity of the access token.
	//
	// Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-access-token
	//
	// Experimental.
	AccessTokenValidity awscdk.Duration `json:"accessTokenValidity" yaml:"accessTokenValidity"`
	// The set of OAuth authentication flows to enable on the client.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html
	//
	// Experimental.
	AuthFlows *AuthFlow `json:"authFlows" yaml:"authFlows"`
	// Turns off all OAuth interactions for this client.
	// Experimental.
	DisableOAuth *bool `json:"disableOAuth" yaml:"disableOAuth"`
	// Enable token revocation for this client.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html#enable-token-revocation
	//
	// Experimental.
	EnableTokenRevocation *bool `json:"enableTokenRevocation" yaml:"enableTokenRevocation"`
	// Whether to generate a client secret.
	// Experimental.
	GenerateSecret *bool `json:"generateSecret" yaml:"generateSecret"`
	// Validity of the ID token.
	//
	// Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-id-token
	//
	// Experimental.
	IdTokenValidity awscdk.Duration `json:"idTokenValidity" yaml:"idTokenValidity"`
	// OAuth settings for this client to interact with the app.
	//
	// An error is thrown when this is specified and `disableOAuth` is set.
	// Experimental.
	OAuth *OAuthSettings `json:"oAuth" yaml:"oAuth"`
	// Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-managing-errors.html
	//
	// Experimental.
	PreventUserExistenceErrors *bool `json:"preventUserExistenceErrors" yaml:"preventUserExistenceErrors"`
	// The set of attributes this client will be able to read.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
	//
	// Experimental.
	ReadAttributes ClientAttributes `json:"readAttributes" yaml:"readAttributes"`
	// Validity of the refresh token.
	//
	// Values between 60 minutes and 10 years are valid.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-refresh-token
	//
	// Experimental.
	RefreshTokenValidity awscdk.Duration `json:"refreshTokenValidity" yaml:"refreshTokenValidity"`
	// The list of identity providers that users should be able to use to sign in using this client.
	// Experimental.
	SupportedIdentityProviders *[]UserPoolClientIdentityProvider `json:"supportedIdentityProviders" yaml:"supportedIdentityProviders"`
	// Name of the application client.
	// Experimental.
	UserPoolClientName *string `json:"userPoolClientName" yaml:"userPoolClientName"`
	// The set of attributes this client will be able to write.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
	//
	// Experimental.
	WriteAttributes ClientAttributes `json:"writeAttributes" yaml:"writeAttributes"`
}

Options to create a UserPoolClient.

TODO: EXAMPLE

Experimental.

type UserPoolClientProps 

type UserPoolClientProps struct {
	// Validity of the access token.
	//
	// Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-access-token
	//
	// Experimental.
	AccessTokenValidity awscdk.Duration `json:"accessTokenValidity" yaml:"accessTokenValidity"`
	// The set of OAuth authentication flows to enable on the client.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-authentication-flow.html
	//
	// Experimental.
	AuthFlows *AuthFlow `json:"authFlows" yaml:"authFlows"`
	// Turns off all OAuth interactions for this client.
	// Experimental.
	DisableOAuth *bool `json:"disableOAuth" yaml:"disableOAuth"`
	// Enable token revocation for this client.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/token-revocation.html#enable-token-revocation
	//
	// Experimental.
	EnableTokenRevocation *bool `json:"enableTokenRevocation" yaml:"enableTokenRevocation"`
	// Whether to generate a client secret.
	// Experimental.
	GenerateSecret *bool `json:"generateSecret" yaml:"generateSecret"`
	// Validity of the ID token.
	//
	// Values between 5 minutes and 1 day are valid. The duration can not be longer than the refresh token validity.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-id-token
	//
	// Experimental.
	IdTokenValidity awscdk.Duration `json:"idTokenValidity" yaml:"idTokenValidity"`
	// OAuth settings for this client to interact with the app.
	//
	// An error is thrown when this is specified and `disableOAuth` is set.
	// Experimental.
	OAuth *OAuthSettings `json:"oAuth" yaml:"oAuth"`
	// Whether Cognito returns a UserNotFoundException exception when the user does not exist in the user pool (false), or whether it returns another type of error that doesn't reveal the user's absence.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-managing-errors.html
	//
	// Experimental.
	PreventUserExistenceErrors *bool `json:"preventUserExistenceErrors" yaml:"preventUserExistenceErrors"`
	// The set of attributes this client will be able to read.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
	//
	// Experimental.
	ReadAttributes ClientAttributes `json:"readAttributes" yaml:"readAttributes"`
	// Validity of the refresh token.
	//
	// Values between 60 minutes and 10 years are valid.
	// See: https://docs.aws.amazon.com/en_us/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html#amazon-cognito-user-pools-using-the-refresh-token
	//
	// Experimental.
	RefreshTokenValidity awscdk.Duration `json:"refreshTokenValidity" yaml:"refreshTokenValidity"`
	// The list of identity providers that users should be able to use to sign in using this client.
	// Experimental.
	SupportedIdentityProviders *[]UserPoolClientIdentityProvider `json:"supportedIdentityProviders" yaml:"supportedIdentityProviders"`
	// Name of the application client.
	// Experimental.
	UserPoolClientName *string `json:"userPoolClientName" yaml:"userPoolClientName"`
	// The set of attributes this client will be able to write.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html#user-pool-settings-attribute-permissions-and-scopes
	//
	// Experimental.
	WriteAttributes ClientAttributes `json:"writeAttributes" yaml:"writeAttributes"`
	// The UserPool resource this client will have access to.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
}

Properties for the UserPoolClient construct.

TODO: EXAMPLE

Experimental.

type UserPoolDomain 

type UserPoolDomain interface {
	awscdk.Resource
	IUserPoolDomain
	CloudFrontDomainName() *string
	DomainName() *string
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	BaseUrl() *string
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	SignInUrl(client UserPoolClient, options *SignInUrlOptions) *string
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Define a user pool domain.

TODO: EXAMPLE

Experimental.

func NewUserPoolDomain 

func NewUserPoolDomain(scope constructs.Construct, id *string, props *UserPoolDomainProps) UserPoolDomain

Experimental.

type UserPoolDomainOptions 

type UserPoolDomainOptions struct {
	// Associate a cognito prefix domain with your user pool Either `customDomain` or `cognitoDomain` must be specified.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain-prefix.html
	//
	// Experimental.
	CognitoDomain *CognitoDomainOptions `json:"cognitoDomain" yaml:"cognitoDomain"`
	// Associate a custom domain with your user pool Either `customDomain` or `cognitoDomain` must be specified.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html
	//
	// Experimental.
	CustomDomain *CustomDomainOptions `json:"customDomain" yaml:"customDomain"`
}

Options to create a UserPoolDomain.

TODO: EXAMPLE

Experimental.

type UserPoolDomainProps 

type UserPoolDomainProps struct {
	// Associate a cognito prefix domain with your user pool Either `customDomain` or `cognitoDomain` must be specified.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-assign-domain-prefix.html
	//
	// Experimental.
	CognitoDomain *CognitoDomainOptions `json:"cognitoDomain" yaml:"cognitoDomain"`
	// Associate a custom domain with your user pool Either `customDomain` or `cognitoDomain` must be specified.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-add-custom-domain.html
	//
	// Experimental.
	CustomDomain *CustomDomainOptions `json:"customDomain" yaml:"customDomain"`
	// The user pool to which this domain should be associated.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
}

Props for UserPoolDomain construct.

TODO: EXAMPLE

Experimental.

type UserPoolEmail 

type UserPoolEmail interface {
}

Configure how Cognito sends emails.

TODO: EXAMPLE

Experimental.

func UserPoolEmail_WithCognito 

func UserPoolEmail_WithCognito(replyTo *string) UserPoolEmail

Send email using Cognito. Experimental.

func UserPoolEmail_WithSES 

func UserPoolEmail_WithSES(options *UserPoolSESOptions) UserPoolEmail

Send email using SES. Experimental.

type UserPoolIdentityProvider 

type UserPoolIdentityProvider interface {
}

User pool third-party identity providers. Experimental.

type UserPoolIdentityProviderAmazon 

type UserPoolIdentityProviderAmazon interface {
	awscdk.Resource
	IUserPoolIdentityProvider
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	ProviderName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConfigureAttributeMapping() interface{}
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Represents a identity provider that integrates with 'Login with Amazon'.

TODO: EXAMPLE

Experimental.

func NewUserPoolIdentityProviderAmazon 

func NewUserPoolIdentityProviderAmazon(scope constructs.Construct, id *string, props *UserPoolIdentityProviderAmazonProps) UserPoolIdentityProviderAmazon

Experimental.

type UserPoolIdentityProviderAmazonProps 

type UserPoolIdentityProviderAmazonProps struct {
	// The user pool to which this construct provides identities.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
	// Mapping attributes from the identity provider to standard and custom attributes of the user pool.
	// Experimental.
	AttributeMapping *AttributeMapping `json:"attributeMapping" yaml:"attributeMapping"`
	// The client id recognized by 'Login with Amazon' APIs.
	// See: https://developer.amazon.com/docs/login-with-amazon/security-profile.html#client-identifier
	//
	// Experimental.
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The client secret to be accompanied with clientId for 'Login with Amazon' APIs to authenticate the client.
	// See: https://developer.amazon.com/docs/login-with-amazon/security-profile.html#client-identifier
	//
	// Experimental.
	ClientSecret *string `json:"clientSecret" yaml:"clientSecret"`
	// The types of user profile data to obtain for the Amazon profile.
	// See: https://developer.amazon.com/docs/login-with-amazon/customer-profile.html
	//
	// Experimental.
	Scopes *[]*string `json:"scopes" yaml:"scopes"`
}

Properties to initialize UserPoolAmazonIdentityProvider.

TODO: EXAMPLE

Experimental.

type UserPoolIdentityProviderApple 

type UserPoolIdentityProviderApple interface {
	awscdk.Resource
	IUserPoolIdentityProvider
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	ProviderName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConfigureAttributeMapping() interface{}
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Represents a identity provider that integrates with 'Apple'.

TODO: EXAMPLE

Experimental.

func NewUserPoolIdentityProviderApple 

func NewUserPoolIdentityProviderApple(scope constructs.Construct, id *string, props *UserPoolIdentityProviderAppleProps) UserPoolIdentityProviderApple

Experimental.

type UserPoolIdentityProviderAppleProps 

type UserPoolIdentityProviderAppleProps struct {
	// The user pool to which this construct provides identities.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
	// Mapping attributes from the identity provider to standard and custom attributes of the user pool.
	// Experimental.
	AttributeMapping *AttributeMapping `json:"attributeMapping" yaml:"attributeMapping"`
	// The client id recognized by Apple APIs.
	// See: https://developer.apple.com/documentation/sign_in_with_apple/clientconfigi/3230948-clientid
	//
	// Experimental.
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The keyId (of the same key, which content has to be later supplied as `privateKey`) for Apple APIs to authenticate the client.
	// Experimental.
	KeyId *string `json:"keyId" yaml:"keyId"`
	// The privateKey content for Apple APIs to authenticate the client.
	// Experimental.
	PrivateKey *string `json:"privateKey" yaml:"privateKey"`
	// The teamId for Apple APIs to authenticate the client.
	// Experimental.
	TeamId *string `json:"teamId" yaml:"teamId"`
	// The list of apple permissions to obtain for getting access to the apple profile.
	// See: https://developer.apple.com/documentation/sign_in_with_apple/clientconfigi/3230955-scope
	//
	// Experimental.
	Scopes *[]*string `json:"scopes" yaml:"scopes"`
}

Properties to initialize UserPoolAppleIdentityProvider.

TODO: EXAMPLE

Experimental.

type UserPoolIdentityProviderFacebook 

type UserPoolIdentityProviderFacebook interface {
	awscdk.Resource
	IUserPoolIdentityProvider
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	ProviderName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConfigureAttributeMapping() interface{}
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Represents a identity provider that integrates with 'Facebook Login'.

TODO: EXAMPLE

Experimental.

func NewUserPoolIdentityProviderFacebook 

func NewUserPoolIdentityProviderFacebook(scope constructs.Construct, id *string, props *UserPoolIdentityProviderFacebookProps) UserPoolIdentityProviderFacebook

Experimental.

type UserPoolIdentityProviderFacebookProps 

type UserPoolIdentityProviderFacebookProps struct {
	// The user pool to which this construct provides identities.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
	// Mapping attributes from the identity provider to standard and custom attributes of the user pool.
	// Experimental.
	AttributeMapping *AttributeMapping `json:"attributeMapping" yaml:"attributeMapping"`
	// The client id recognized by Facebook APIs.
	// Experimental.
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The client secret to be accompanied with clientUd for Facebook to authenticate the client.
	// See: https://developers.facebook.com/docs/facebook-login/security#appsecret
	//
	// Experimental.
	ClientSecret *string `json:"clientSecret" yaml:"clientSecret"`
	// The Facebook API version to use.
	// Experimental.
	ApiVersion *string `json:"apiVersion" yaml:"apiVersion"`
	// The list of facebook permissions to obtain for getting access to the Facebook profile.
	// See: https://developers.facebook.com/docs/facebook-login/permissions
	//
	// Experimental.
	Scopes *[]*string `json:"scopes" yaml:"scopes"`
}

Properties to initialize UserPoolFacebookIdentityProvider.

TODO: EXAMPLE

Experimental.

type UserPoolIdentityProviderGoogle 

type UserPoolIdentityProviderGoogle interface {
	awscdk.Resource
	IUserPoolIdentityProvider
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	ProviderName() *string
	Stack() awscdk.Stack
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	ConfigureAttributeMapping() interface{}
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Represents a identity provider that integrates with 'Google'.

TODO: EXAMPLE

Experimental.

func NewUserPoolIdentityProviderGoogle 

func NewUserPoolIdentityProviderGoogle(scope constructs.Construct, id *string, props *UserPoolIdentityProviderGoogleProps) UserPoolIdentityProviderGoogle

Experimental.

type UserPoolIdentityProviderGoogleProps 

type UserPoolIdentityProviderGoogleProps struct {
	// The user pool to which this construct provides identities.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
	// Mapping attributes from the identity provider to standard and custom attributes of the user pool.
	// Experimental.
	AttributeMapping *AttributeMapping `json:"attributeMapping" yaml:"attributeMapping"`
	// The client id recognized by Google APIs.
	// See: https://developers.google.com/identity/sign-in/web/sign-in#specify_your_apps_client_id
	//
	// Experimental.
	ClientId *string `json:"clientId" yaml:"clientId"`
	// The client secret to be accompanied with clientId for Google APIs to authenticate the client.
	// See: https://developers.google.com/identity/sign-in/web/sign-in
	//
	// Experimental.
	ClientSecret *string `json:"clientSecret" yaml:"clientSecret"`
	// The list of google permissions to obtain for getting access to the google profile.
	// See: https://developers.google.com/identity/sign-in/web/sign-in
	//
	// Experimental.
	Scopes *[]*string `json:"scopes" yaml:"scopes"`
}

Properties to initialize UserPoolGoogleIdentityProvider.

TODO: EXAMPLE

Experimental.

type UserPoolIdentityProviderProps 

type UserPoolIdentityProviderProps struct {
	// The user pool to which this construct provides identities.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
	// Mapping attributes from the identity provider to standard and custom attributes of the user pool.
	// Experimental.
	AttributeMapping *AttributeMapping `json:"attributeMapping" yaml:"attributeMapping"`
}

Properties to create a new instance of UserPoolIdentityProvider.

TODO: EXAMPLE

Experimental.

type UserPoolOperation 

type UserPoolOperation interface {
	OperationName() *string
}

User pool operations to which lambda triggers can be attached.

TODO: EXAMPLE

Experimental.

func UserPoolOperation_CREATE_AUTH_CHALLENGE 

func UserPoolOperation_CREATE_AUTH_CHALLENGE() UserPoolOperation

func UserPoolOperation_CUSTOM_EMAIL_SENDER 

func UserPoolOperation_CUSTOM_EMAIL_SENDER() UserPoolOperation

func UserPoolOperation_CUSTOM_MESSAGE 

func UserPoolOperation_CUSTOM_MESSAGE() UserPoolOperation

func UserPoolOperation_CUSTOM_SMS_SENDER 

func UserPoolOperation_CUSTOM_SMS_SENDER() UserPoolOperation

func UserPoolOperation_DEFINE_AUTH_CHALLENGE 

func UserPoolOperation_DEFINE_AUTH_CHALLENGE() UserPoolOperation

func UserPoolOperation_Of 

func UserPoolOperation_Of(name *string) UserPoolOperation

A custom user pool operation. Experimental.

func UserPoolOperation_POST_AUTHENTICATION 

func UserPoolOperation_POST_AUTHENTICATION() UserPoolOperation

func UserPoolOperation_POST_CONFIRMATION 

func UserPoolOperation_POST_CONFIRMATION() UserPoolOperation

func UserPoolOperation_PRE_AUTHENTICATION 

func UserPoolOperation_PRE_AUTHENTICATION() UserPoolOperation

func UserPoolOperation_PRE_SIGN_UP 

func UserPoolOperation_PRE_SIGN_UP() UserPoolOperation

func UserPoolOperation_PRE_TOKEN_GENERATION 

func UserPoolOperation_PRE_TOKEN_GENERATION() UserPoolOperation

func UserPoolOperation_USER_MIGRATION 

func UserPoolOperation_USER_MIGRATION() UserPoolOperation

func UserPoolOperation_VERIFY_AUTH_CHALLENGE_RESPONSE 

func UserPoolOperation_VERIFY_AUTH_CHALLENGE_RESPONSE() UserPoolOperation

type UserPoolProps 

type UserPoolProps struct {
	// How will a user be able to recover their account?
	// Experimental.
	AccountRecovery AccountRecovery `json:"accountRecovery" yaml:"accountRecovery"`
	// Attributes which Cognito will look to verify automatically upon user sign up.
	//
	// EMAIL and PHONE are the only available options.
	// Experimental.
	AutoVerify *AutoVerifiedAttrs `json:"autoVerify" yaml:"autoVerify"`
	// Define a set of custom attributes that can be configured for each user in the user pool.
	// Experimental.
	CustomAttributes *map[string]ICustomAttribute `json:"customAttributes" yaml:"customAttributes"`
	// This key will be used to encrypt temporary passwords and authorization codes that Amazon Cognito generates.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-sender-triggers.html
	//
	// Experimental.
	CustomSenderKmsKey awskms.IKey `json:"customSenderKmsKey" yaml:"customSenderKmsKey"`
	// Device tracking settings.
	// Experimental.
	DeviceTracking *DeviceTracking `json:"deviceTracking" yaml:"deviceTracking"`
	// Email settings for a user pool.
	// Experimental.
	Email UserPoolEmail `json:"email" yaml:"email"`
	// Email settings for a user pool.
	// Deprecated: Use 'email' instead.
	EmailSettings *EmailSettings `json:"emailSettings" yaml:"emailSettings"`
	// Setting this would explicitly enable or disable SMS role creation.
	//
	// When left unspecified, CDK will determine based on other properties if a role is needed or not.
	// Experimental.
	EnableSmsRole *bool `json:"enableSmsRole" yaml:"enableSmsRole"`
	// Lambda functions to use for supported Cognito triggers.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html
	//
	// Experimental.
	LambdaTriggers *UserPoolTriggers `json:"lambdaTriggers" yaml:"lambdaTriggers"`
	// Configure whether users of this user pool can or are required use MFA to sign in.
	// Experimental.
	Mfa Mfa `json:"mfa" yaml:"mfa"`
	// The SMS message template sent during MFA verification.
	//
	// Use '{####}' in the template where Cognito should insert the verification code.
	// Experimental.
	MfaMessage *string `json:"mfaMessage" yaml:"mfaMessage"`
	// Configure the MFA types that users can use in this user pool.
	//
	// Ignored if `mfa` is set to `OFF`.
	// Experimental.
	MfaSecondFactor *MfaSecondFactor `json:"mfaSecondFactor" yaml:"mfaSecondFactor"`
	// Password policy for this user pool.
	// Experimental.
	PasswordPolicy *PasswordPolicy `json:"passwordPolicy" yaml:"passwordPolicy"`
	// Policy to apply when the user pool is removed from the stack.
	// Experimental.
	RemovalPolicy awscdk.RemovalPolicy `json:"removalPolicy" yaml:"removalPolicy"`
	// Whether self sign up should be enabled.
	//
	// This can be further configured via the `selfSignUp` property.
	// Experimental.
	SelfSignUpEnabled *bool `json:"selfSignUpEnabled" yaml:"selfSignUpEnabled"`
	// Methods in which a user registers or signs in to a user pool.
	//
	// Allows either username with aliases OR sign in with email, phone, or both.
	//
	// Read the sections on usernames and aliases to learn more -
	// https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html
	//
	// To match with 'Option 1' in the above link, with a verified email, this property should be set to
	// `{ username: true, email: true }`. To match with 'Option 2' in the above link with both a verified email and phone
	// number, this property should be set to `{ email: true, phone: true }`.
	// Experimental.
	SignInAliases *SignInAliases `json:"signInAliases" yaml:"signInAliases"`
	// Whether sign-in aliases should be evaluated with case sensitivity.
	//
	// For example, when this option is set to false, users will be able to sign in using either `MyUsername` or `myusername`.
	// Experimental.
	SignInCaseSensitive *bool `json:"signInCaseSensitive" yaml:"signInCaseSensitive"`
	// The IAM role that Cognito will assume while sending SMS messages.
	// Experimental.
	SmsRole awsiam.IRole `json:"smsRole" yaml:"smsRole"`
	// The 'ExternalId' that Cognito service must using when assuming the `smsRole`, if the role is restricted with an 'sts:ExternalId' conditional.
	//
	// Learn more about ExternalId here - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
	//
	// This property will be ignored if `smsRole` is not specified.
	// Experimental.
	SmsRoleExternalId *string `json:"smsRoleExternalId" yaml:"smsRoleExternalId"`
	// The set of attributes that are required for every user in the user pool.
	//
	// Read more on attributes here - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html
	// Experimental.
	StandardAttributes *StandardAttributes `json:"standardAttributes" yaml:"standardAttributes"`
	// Configuration around admins signing up users into a user pool.
	// Experimental.
	UserInvitation *UserInvitationConfig `json:"userInvitation" yaml:"userInvitation"`
	// Name of the user pool.
	// Experimental.
	UserPoolName *string `json:"userPoolName" yaml:"userPoolName"`
	// Configuration around users signing themselves up to the user pool.
	//
	// Enable or disable self sign-up via the `selfSignUpEnabled` property.
	// Experimental.
	UserVerification *UserVerificationConfig `json:"userVerification" yaml:"userVerification"`
}

Props for the UserPool construct.

TODO: EXAMPLE

Experimental.

type UserPoolResourceServer 

type UserPoolResourceServer interface {
	awscdk.Resource
	IUserPoolResourceServer
	Env() *awscdk.ResourceEnvironment
	Node() awscdk.ConstructNode
	PhysicalName() *string
	Stack() awscdk.Stack
	UserPoolResourceServerId() *string
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	OnPrepare()
	OnSynthesize(session constructs.ISynthesisSession)
	OnValidate() *[]*string
	Prepare()
	Synthesize(session awscdk.ISynthesisSession)
	ToString() *string
	Validate() *[]*string
}

Defines a User Pool OAuth2.0 Resource Server.

TODO: EXAMPLE

Experimental.

func NewUserPoolResourceServer 

func NewUserPoolResourceServer(scope constructs.Construct, id *string, props *UserPoolResourceServerProps) UserPoolResourceServer

Experimental.

type UserPoolResourceServerOptions 

type UserPoolResourceServerOptions struct {
	// A unique resource server identifier for the resource server.
	// Experimental.
	Identifier *string `json:"identifier" yaml:"identifier"`
	// Oauth scopes.
	// Experimental.
	Scopes *[]ResourceServerScope `json:"scopes" yaml:"scopes"`
	// A friendly name for the resource server.
	// Experimental.
	UserPoolResourceServerName *string `json:"userPoolResourceServerName" yaml:"userPoolResourceServerName"`
}

Options to create a UserPoolResourceServer.

TODO: EXAMPLE

Experimental.

type UserPoolResourceServerProps 

type UserPoolResourceServerProps struct {
	// A unique resource server identifier for the resource server.
	// Experimental.
	Identifier *string `json:"identifier" yaml:"identifier"`
	// Oauth scopes.
	// Experimental.
	Scopes *[]ResourceServerScope `json:"scopes" yaml:"scopes"`
	// A friendly name for the resource server.
	// Experimental.
	UserPoolResourceServerName *string `json:"userPoolResourceServerName" yaml:"userPoolResourceServerName"`
	// The user pool to add this resource server to.
	// Experimental.
	UserPool IUserPool `json:"userPool" yaml:"userPool"`
}

Properties for the UserPoolResourceServer construct.

TODO: EXAMPLE

Experimental.

type UserPoolSESOptions 

type UserPoolSESOptions struct {
	// The verified Amazon SES email address that Cognito should use to send emails.
	//
	// The email address used must be a verified email address
	// in Amazon SES and must be configured to allow Cognito to
	// send emails.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html
	//
	// Experimental.
	FromEmail *string `json:"fromEmail" yaml:"fromEmail"`
	// The name of a configuration set in Amazon SES that should be applied to emails sent via Cognito.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-configurationset
	//
	// Experimental.
	ConfigurationSetName *string `json:"configurationSetName" yaml:"configurationSetName"`
	// An optional name that should be used as the sender's name along with the email.
	// Experimental.
	FromName *string `json:"fromName" yaml:"fromName"`
	// The destination to which the receiver of the email should reploy to.
	// Experimental.
	ReplyTo *string `json:"replyTo" yaml:"replyTo"`
	// Required if the UserPool region is different than the SES region.
	//
	// If sending emails with a Amazon SES verified email address,
	// and the region that SES is configured is different than the
	// region in which the UserPool is deployed, you must specify that
	// region here.
	//
	// Must be 'us-east-1', 'us-west-2', or 'eu-west-1'
	// Experimental.
	SesRegion *string `json:"sesRegion" yaml:"sesRegion"`
}

Configuration for Cognito sending emails via Amazon SES.

TODO: EXAMPLE

Experimental.

type UserPoolTriggers 

type UserPoolTriggers struct {
	// Creates an authentication challenge.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-create-auth-challenge.html
	//
	// Experimental.
	CreateAuthChallenge awslambda.IFunction `json:"createAuthChallenge" yaml:"createAuthChallenge"`
	// Amazon Cognito invokes this trigger to send email notifications to users.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-email-sender.html
	//
	// Experimental.
	CustomEmailSender awslambda.IFunction `json:"customEmailSender" yaml:"customEmailSender"`
	// A custom Message AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-message.html
	//
	// Experimental.
	CustomMessage awslambda.IFunction `json:"customMessage" yaml:"customMessage"`
	// Amazon Cognito invokes this trigger to send SMS notifications to users.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.html
	//
	// Experimental.
	CustomSmsSender awslambda.IFunction `json:"customSmsSender" yaml:"customSmsSender"`
	// Defines the authentication challenge.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-define-auth-challenge.html
	//
	// Experimental.
	DefineAuthChallenge awslambda.IFunction `json:"defineAuthChallenge" yaml:"defineAuthChallenge"`
	// A post-authentication AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html
	//
	// Experimental.
	PostAuthentication awslambda.IFunction `json:"postAuthentication" yaml:"postAuthentication"`
	// A post-confirmation AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html
	//
	// Experimental.
	PostConfirmation awslambda.IFunction `json:"postConfirmation" yaml:"postConfirmation"`
	// A pre-authentication AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html
	//
	// Experimental.
	PreAuthentication awslambda.IFunction `json:"preAuthentication" yaml:"preAuthentication"`
	// A pre-registration AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html
	//
	// Experimental.
	PreSignUp awslambda.IFunction `json:"preSignUp" yaml:"preSignUp"`
	// A pre-token-generation AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html
	//
	// Experimental.
	PreTokenGeneration awslambda.IFunction `json:"preTokenGeneration" yaml:"preTokenGeneration"`
	// A user-migration AWS Lambda trigger.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html
	//
	// Experimental.
	UserMigration awslambda.IFunction `json:"userMigration" yaml:"userMigration"`
	// Verifies the authentication challenge response.
	// See: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-verify-auth-challenge-response.html
	//
	// Experimental.
	VerifyAuthChallengeResponse awslambda.IFunction `json:"verifyAuthChallengeResponse" yaml:"verifyAuthChallengeResponse"`
}

Triggers for a user pool.

TODO: EXAMPLE

See: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html

Experimental.

type UserVerificationConfig 

type UserVerificationConfig struct {
	// The email body template for the verification email sent to the user upon sign up.
	//
	// See https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-templates.html to
	// learn more about message templates.
	// Experimental.
	EmailBody *string `json:"emailBody" yaml:"emailBody"`
	// Emails can be verified either using a code or a link.
	//
	// Learn more at https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-email-verification-message-customization.html
	// Experimental.
	EmailStyle VerificationEmailStyle `json:"emailStyle" yaml:"emailStyle"`
	// The email subject template for the verification email sent to the user upon sign up.
	//
	// See https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-templates.html to
	// learn more about message templates.
	// Experimental.
	EmailSubject *string `json:"emailSubject" yaml:"emailSubject"`
	// The message template for the verification SMS sent to the user upon sign up.
	//
	// See https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-templates.html to
	// learn more about message templates.
	// Experimental.
	SmsMessage *string `json:"smsMessage" yaml:"smsMessage"`
}

User pool configuration for user self sign up.

TODO: EXAMPLE

Experimental.

type VerificationEmailStyle 

type VerificationEmailStyle string

The email verification style.

TODO: EXAMPLE

Experimental. 

const (
	VerificationEmailStyle_CODE VerificationEmailStyle = "CODE"
	VerificationEmailStyle_LINK VerificationEmailStyle = "LINK"
)

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.