AWS::Cognito::UserPool

The AWS::Cognito::UserPool resource creates an Amazon Cognito user pool. For more information on working with Amazon Cognito user pools, see Amazon Cognito User Pools and CreateUserPool.

Topics

Syntax
Properties
Return Value

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON


{
  "Type" : "AWS::Cognito::UserPool",
  "Properties" : {
    "AdminCreateUserConfig" : AdminCreateUserConfig,
    "AliasAttributes" : [ String ],
    "AutoVerifiedAttributes" : [ String ],
    "DeviceConfiguration" : DeviceConfiguration,
    "EmailConfiguration" : EmailConfiguration,
    "EmailVerificationMessage" : String,
    "EmailVerificationSubject" : String,
    "LambdaConfig" : LambdaConfig,
    "MfaConfiguration" : String,
    "Policies" : Policies,
    "Schema" : [ SchemaAttribute ],
    "SmsAuthenticationMessage" : String,
    "SmsConfiguration" : SmsConfiguration,
    "SmsVerificationMessage" : String,
    "UsernameAttributes" : [ String ],
    "UserPoolName" : String,
    "UserPoolTags" : { String:String, ... }
  }
}

YAML


Type: AWS::Cognito::UserPool
Properties:
  AdminCreateUserConfig: 
    AdminCreateUserConfig
  AliasAttributes: 
    - String
  AutoVerifiedAttributes: 
    - String
  DeviceConfiguration: 
    DeviceConfiguration
  EmailConfiguration: 
    EmailConfiguration
  EmailVerificationMessage: String
  EmailVerificationSubject: String
  LambdaConfig: 
    LambdaConfig
  MfaConfiguration: String
  Policies: 
    Policies
  Schema: 
    - SchemaAttribute
  SmsAuthenticationMessage: String
  SmsConfiguration: 
    SmsConfiguration
  SmsVerificationMessage: String
  UsernameAttributes: 
    - String
  UserPoolName: String
  UserPoolTags: 
    String: String

Properties

AdminCreateUserConfig

The type of configuration for creating a new user profile.

Required: No

Type: Amazon Cognito UserPool AdminCreateUserConfig

Update requires: No interruption

AliasAttributes

Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username.

Required: No

Type: List of String values

Update requires: Replacement

AutoVerifiedAttributes

The attributes to be auto-verified. Possible values: email or phone_number.

Required: No

Type: List of String values

Update requires: No interruption

DeviceConfiguration

The type of configuration for the user pool's device tracking.

Required: No

Type: Amazon Cognito UserPool DeviceConfiguration

Update requires: No interruption

EmailConfiguration

The email configuration.

Required: No

Type: Amazon Cognito UserPool EmailConfiguration

Update requires: No interruption

EmailVerificationMessage

A string representing the email verification message. Must contain {####} in the description.

Required: No

Type: String

Update requires: No interruption

EmailVerificationSubject

A string representing the email verification subject.

Required: No

Type: String

Update requires: No interruption

LambdaConfig

The AWS Lambda trigger configuration information for the Amazon Cognito user pool.

Required: No

Type: Amazon Cognito UserPool LambdaConfig

Update requires: No interruption

MfaConfiguration

Specifies multi-factor authentication (MFA) configuration details. Can be one of the following values:

OFF - MFA tokens are not required and cannot be specified during user registration.

ON - MFA tokens are required for all user registrations. You can only specify required when you are initially creating a user pool.

OPTIONAL - Users have the option when registering to create an MFA token.

Required: No

Type: String

Update requires: No interruption

Policies

The policies associated with the Amazon Cognito user pool.

Required: No

Type: Amazon Cognito UserPool Policies

Update requires: No interruption

Schema

A list of schema attributes for the new user pool. These attributes can be standard or custom attributes.

Required: No

Type: List of SchemaAttribute

Update requires: Replacement

SmsAuthenticationMessage

A string representing the SMS authentication message. Must contain {####} in the message.

Required: No

Type: String

Update requires: No interruption

SmsConfiguration

The Short Message Service (SMS) configuration.

Required: No

Type: Amazon Cognito UserPool SmsConfiguration

Update requires: No interruption

SmsVerificationMessage

A string representing the SMS verification message. Must contain {####} in the message.

Required: No

Type: String

Update requires: No interruption

UsernameAttributes

Specifies whether email addresses or phone numbers can be specified as usernames when a user signs up. Possible values: phone_number or email.

Required: No

Type: List of String values

Update requires: Replacement

UserPoolName

A string used to name the user pool.

Required: Yes

Type: String

Update requires: Replacement

UserPoolTags

The cost allocation tags for the user pool. For more information, see Adding Cost Allocation Tags to Your User Pool in the Amazon Cognito Developer Guide.

Required: No

Type: String to String map

Update requires: No interruption

Return Value

Ref

When the logical ID of this resource is provided to the Ref intrinsic function, Ref returns a generated ID, such as us-east-2_zgaEXAMPLE.

For more information about using the Ref function, see Ref.

Fn::GetAtt

Fn::GetAtt returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

ProviderName: The provider name of the Amazon Cognito user pool, specified as a String.
ProviderURL: The URL of the provider of the Amazon Cognito user pool, specified as a String.
Arn: The Amazon Resource Name (ARN) of the user pool, such as arn:aws:cognito-idp:us-east-2:123412341234:userpool/us-east-1 _123412341.

For more information about using Fn::GetAtt, see Fn::GetAtt.

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

« Previous Next »