Modifier and Type | Method and Description |
---|---|
UserPool.Builder |
accountRecovery(AccountRecovery accountRecovery)
How will a user be able to recover their account?
|
UserPool.Builder |
autoVerify(AutoVerifiedAttrs autoVerify)
Attributes which Cognito will look to verify automatically upon user sign up.
|
UserPool |
build() |
static UserPool.Builder |
create(software.constructs.Construct scope,
java.lang.String id) |
UserPool.Builder |
customAttributes(java.util.Map<java.lang.String,? extends ICustomAttribute> customAttributes)
Define a set of custom attributes that can be configured for each user in the user pool.
|
UserPool.Builder |
customSenderKmsKey(IKey customSenderKmsKey)
This key will be used to encrypt temporary passwords and authorization codes that Amazon Cognito generates.
|
UserPool.Builder |
deviceTracking(DeviceTracking deviceTracking)
Device tracking settings.
|
UserPool.Builder |
email(UserPoolEmail email)
Email settings for a user pool.
|
UserPool.Builder |
emailSettings(EmailSettings emailSettings)
Deprecated.
Use 'email' instead.
|
UserPool.Builder |
enableSmsRole(java.lang.Boolean enableSmsRole)
Setting this would explicitly enable or disable SMS role creation.
|
UserPool.Builder |
lambdaTriggers(UserPoolTriggers lambdaTriggers)
Lambda functions to use for supported Cognito triggers.
|
UserPool.Builder |
mfa(Mfa mfa)
Configure whether users of this user pool can or are required use MFA to sign in.
|
UserPool.Builder |
mfaMessage(java.lang.String mfaMessage)
The SMS message template sent during MFA verification.
|
UserPool.Builder |
mfaSecondFactor(MfaSecondFactor mfaSecondFactor)
Configure the MFA types that users can use in this user pool.
|
UserPool.Builder |
passwordPolicy(PasswordPolicy passwordPolicy)
Password policy for this user pool.
|
UserPool.Builder |
removalPolicy(RemovalPolicy removalPolicy)
Policy to apply when the user pool is removed from the stack.
|
UserPool.Builder |
selfSignUpEnabled(java.lang.Boolean selfSignUpEnabled)
Whether self sign up should be enabled.
|
UserPool.Builder |
signInAliases(SignInAliases signInAliases)
Methods in which a user registers or signs in to a user pool.
|
UserPool.Builder |
signInCaseSensitive(java.lang.Boolean signInCaseSensitive)
Whether sign-in aliases should be evaluated with case sensitivity.
|
UserPool.Builder |
smsRole(IRole smsRole)
The IAM role that Cognito will assume while sending SMS messages.
|
UserPool.Builder |
smsRoleExternalId(java.lang.String smsRoleExternalId)
The 'ExternalId' that Cognito service must using when assuming the `smsRole`, if the role is restricted with an 'sts:ExternalId' conditional.
|
UserPool.Builder |
snsRegion(java.lang.String snsRegion)
The region to integrate with SNS to send SMS messages.
|
UserPool.Builder |
standardAttributes(StandardAttributes standardAttributes)
The set of attributes that are required for every user in the user pool.
|
UserPool.Builder |
userInvitation(UserInvitationConfig userInvitation)
Configuration around admins signing up users into a user pool.
|
UserPool.Builder |
userPoolName(java.lang.String userPoolName)
Name of the user pool.
|
UserPool.Builder |
userVerification(UserVerificationConfig userVerification)
Configuration around users signing themselves up to the user pool.
|
public static UserPool.Builder create(software.constructs.Construct scope, java.lang.String id)
scope
- This parameter is required.id
- This parameter is required.UserPool.Builder
.public UserPool.Builder accountRecovery(AccountRecovery accountRecovery)
Default: AccountRecovery.PHONE_WITHOUT_MFA_AND_EMAIL
accountRecovery
- How will a user be able to recover their account?. This parameter is required.this
public UserPool.Builder autoVerify(AutoVerifiedAttrs autoVerify)
EMAIL and PHONE are the only available options.
Default: - If `signInAlias` includes email and/or phone, they will be included in `autoVerifiedAttributes` by default. If absent, no attributes will be auto-verified.
autoVerify
- Attributes which Cognito will look to verify automatically upon user sign up. This parameter is required.this
public UserPool.Builder customAttributes(java.util.Map<java.lang.String,? extends ICustomAttribute> customAttributes)
Default: - No custom attributes.
customAttributes
- Define a set of custom attributes that can be configured for each user in the user pool. This parameter is required.this
public UserPool.Builder customSenderKmsKey(IKey customSenderKmsKey)
Default: - no key ID configured
customSenderKmsKey
- This key will be used to encrypt temporary passwords and authorization codes that Amazon Cognito generates. This parameter is required.this
public UserPool.Builder deviceTracking(DeviceTracking deviceTracking)
Default: - see defaults on each property of DeviceTracking.
deviceTracking
- Device tracking settings. This parameter is required.this
public UserPool.Builder email(UserPoolEmail email)
Default: - cognito will use the default email configuration
email
- Email settings for a user pool. This parameter is required.this
@Deprecated public UserPool.Builder emailSettings(EmailSettings emailSettings)
Default: - see defaults on each property of EmailSettings.
emailSettings
- Email settings for a user pool. This parameter is required.this
public UserPool.Builder enableSmsRole(java.lang.Boolean enableSmsRole)
When left unspecified, CDK will determine based on other properties if a role is needed or not.
Default: - CDK will determine based on other properties of the user pool if an SMS role should be created or not.
enableSmsRole
- Setting this would explicitly enable or disable SMS role creation. This parameter is required.this
public UserPool.Builder lambdaTriggers(UserPoolTriggers lambdaTriggers)
Default: - No Lambda triggers.
lambdaTriggers
- Lambda functions to use for supported Cognito triggers. This parameter is required.this
public UserPool.Builder mfa(Mfa mfa)
Default: Mfa.OFF
mfa
- Configure whether users of this user pool can or are required use MFA to sign in. This parameter is required.this
public UserPool.Builder mfaMessage(java.lang.String mfaMessage)
Use '{####}' in the template where Cognito should insert the verification code.
Default: 'Your authentication code is {####}.'
mfaMessage
- The SMS message template sent during MFA verification. This parameter is required.this
public UserPool.Builder mfaSecondFactor(MfaSecondFactor mfaSecondFactor)
Ignored if mfa
is set to OFF
.
Default: - { sms: true, otp: false }, if `mfa` is set to `OPTIONAL` or `REQUIRED`. { sms: false, otp: false }, otherwise
mfaSecondFactor
- Configure the MFA types that users can use in this user pool. This parameter is required.this
public UserPool.Builder passwordPolicy(PasswordPolicy passwordPolicy)
Default: - see defaults on each property of PasswordPolicy.
passwordPolicy
- Password policy for this user pool. This parameter is required.this
public UserPool.Builder removalPolicy(RemovalPolicy removalPolicy)
Default: RemovalPolicy.RETAIN
removalPolicy
- Policy to apply when the user pool is removed from the stack. This parameter is required.this
public UserPool.Builder selfSignUpEnabled(java.lang.Boolean selfSignUpEnabled)
This can be further configured via the selfSignUp
property.
Default: false
selfSignUpEnabled
- Whether self sign up should be enabled. This parameter is required.this
public UserPool.Builder signInAliases(SignInAliases signInAliases)
Allows either username with aliases OR sign in with email, phone, or both.
Read the sections on usernames and aliases to learn more - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html
To match with 'Option 1' in the above link, with a verified email, this property should be set to
{ username: true, email: true }
. To match with 'Option 2' in the above link with both a verified email and phone
number, this property should be set to { email: true, phone: true }
.
Default: { username: true }
signInAliases
- Methods in which a user registers or signs in to a user pool. This parameter is required.this
public UserPool.Builder signInCaseSensitive(java.lang.Boolean signInCaseSensitive)
For example, when this option is set to false, users will be able to sign in using either MyUsername
or myusername
.
Default: true
signInCaseSensitive
- Whether sign-in aliases should be evaluated with case sensitivity. This parameter is required.this
public UserPool.Builder smsRole(IRole smsRole)
Default: - a new IAM role is created
smsRole
- The IAM role that Cognito will assume while sending SMS messages. This parameter is required.this
public UserPool.Builder smsRoleExternalId(java.lang.String smsRoleExternalId)
Learn more about ExternalId here - https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
This property will be ignored if smsRole
is not specified.
Default: - No external id will be configured
smsRoleExternalId
- The 'ExternalId' that Cognito service must using when assuming the `smsRole`, if the role is restricted with an 'sts:ExternalId' conditional. This parameter is required.this
public UserPool.Builder snsRegion(java.lang.String snsRegion)
This property will do nothing if SMS configuration is not configured
Default: - The same region as the user pool, with a few exceptions - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html#user-pool-sms-settings-first-time
snsRegion
- The region to integrate with SNS to send SMS messages. This parameter is required.this
public UserPool.Builder standardAttributes(StandardAttributes standardAttributes)
Read more on attributes here - https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-attributes.html
Default: - All standard attributes are optional and mutable.
standardAttributes
- The set of attributes that are required for every user in the user pool. This parameter is required.this
public UserPool.Builder userInvitation(UserInvitationConfig userInvitation)
Default: - see defaults in UserInvitationConfig
userInvitation
- Configuration around admins signing up users into a user pool. This parameter is required.this
public UserPool.Builder userPoolName(java.lang.String userPoolName)
Default: - automatically generated name by CloudFormation at deploy time
userPoolName
- Name of the user pool. This parameter is required.this
public UserPool.Builder userVerification(UserVerificationConfig userVerification)
Enable or disable self sign-up via the selfSignUpEnabled
property.
Default: - see defaults in UserVerificationConfig
userVerification
- Configuration around users signing themselves up to the user pool. This parameter is required.this
public UserPool build()