AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-CGIPUserPool-PoolName <String>-UserPoolAddOns_AdvancedSecurityMode <AdvancedSecurityModeType>-AliasAttribute <String[]>-AdminCreateUserConfig_AllowAdminCreateUserOnly <Boolean>-UserAttributeUpdateSettings_AttributesRequireVerificationBeforeUpdate <String[]>-AutoVerifiedAttribute <String[]>-UsernameConfiguration_CaseSensitive <Boolean>-DeviceConfiguration_ChallengeRequiredOnNewDevice <Boolean>-EmailConfiguration_ConfigurationSet <String>-LambdaConfig_CreateAuthChallenge <String>-LambdaConfig_CustomMessage <String>-VerificationMessageTemplate_DefaultEmailOption <DefaultEmailOptionType>-LambdaConfig_DefineAuthChallenge <String>-DeviceConfiguration_DeviceOnlyRememberedOnUserPrompt <Boolean>-InviteMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessageByLink <String>-EmailConfiguration_EmailSendingAccount <EmailSendingAccountType>-InviteMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubjectByLink <String>-EmailVerificationMessage <String>-EmailVerificationSubject <String>-SmsConfiguration_ExternalId <String>-EmailConfiguration_From <String>-LambdaConfig_KMSKeyID <String>-CustomEmailSender_LambdaArn <String>-CustomSMSSender_LambdaArn <String>-CustomEmailSender_LambdaVersion <CustomEmailSenderLambdaVersionType>-CustomSMSSender_LambdaVersion <CustomSMSSenderLambdaVersionType>-MfaConfiguration <UserPoolMfaType>-PasswordPolicy_MinimumLength <Int32>-LambdaConfig_PostAuthentication <String>-LambdaConfig_PostConfirmation <String>-LambdaConfig_PreAuthentication <String>-LambdaConfig_PreSignUp <String>-LambdaConfig_PreTokenGeneration <String>-AccountRecoverySetting_RecoveryMechanism <RecoveryOptionType[]>-EmailConfiguration_ReplyToEmailAddress <String>-PasswordPolicy_RequireLowercase <Boolean>-PasswordPolicy_RequireNumber <Boolean>-PasswordPolicy_RequireSymbol <Boolean>-PasswordPolicy_RequireUppercase <Boolean>-Schema <SchemaAttributeType[]>-SmsAuthenticationMessage <String>-VerificationMessageTemplate_SmsMessage <String>-InviteMessageTemplate_SMSMessage <String>-SmsVerificationMessage <String>-SmsConfiguration_SnsCallerArn <String>-SmsConfiguration_SnsRegion <String>-EmailConfiguration_SourceArn <String>-PasswordPolicy_TemporaryPasswordValidityDay <Int32>-AdminCreateUserConfig_UnusedAccountValidityDay <Int32>-LambdaConfig_UserMigration <String>-UsernameAttribute <String[]>-UserPoolTag <Hashtable>-LambdaConfig_VerifyAuthChallengeResponse <String>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
RecoveryOptionTypes
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AccountRecoverySetting_RecoveryMechanisms |
True
if only the administrator is allowed to create user profiles. Set to False
if users can sign themselves up via an app. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
AdminCreateUser
again, specifying "RESEND"
for the MessageAction
parameter. The default value for this parameter is 7. If you set a value for TemporaryPasswordValidityDays
in PasswordPolicy
, that value will be used, and UnusedAccountValidityDays
will be no longer be an available parameter for that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_UnusedAccountValidityDays |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AliasAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AutoVerifiedAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomEmailSender_LambdaArn |
V1_0
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomEmailSender_LambdaVersion |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomSMSSender_LambdaArn |
V1_0
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomSMSSender_LambdaVersion |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
no-reply@verificationemail.com
. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the SourceArn
parameter.SourceArn
parameter.Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of role, in your Amazon Web Services account. This role contains the permissions that allow to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
testuser@example.com
or Test User <testuser@example.com>
. This address appears before the body of the email. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailSendingAccount
parameter:COGNITO_DEFAULT
, Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.DEVELOPER
, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.SourceArn
parameter must indicate a supported Amazon Web Services Region of your user pool. Typically, the Region in the SourceArn
and the user pool Region are the same. For more information, see Amazon SES email configuration regions in the Amazon Cognito Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailSubject |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_SMSMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
CustomEmailSender
and CustomSMSSender
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_MinimumLength |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireLowercase |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireNumbers |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireSymbols |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireUppercase |
TemporaryPasswordValidityDays
for a user pool, you can no longer set a value for the legacy UnusedAccountValidityDays
parameter in that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_TemporaryPasswordValidityDays |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
ExternalId
with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId
, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID
. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId
.For more information about the ExternalId
of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
email_verified
or phone_number_verified
to true.When AttributesRequireVerificationBeforeUpdate
is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where AttributesRequireVerificationBeforeUpdate
is false, API operations that change attribute values can immediately update a user’s email
or phone_number
attribute. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | UsernameAttributes |
True
, users must sign in using the exact capitalization of their given username, such as “UserName”. This is the default value.False
, users can sign in using either "username" or "Username". This option also enables both preferred_username
and email
alias to be case insensitive, in addition to the username
attribute.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | UserPoolTags |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailMessage
template only if the value of EmailSendingAccount is DEVELOPER
. When your EmailSendingAccount is DEVELOPER
, your user pool sends email messages with your own Amazon SES configuration. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailMessageByLink
template only if the value of EmailSendingAccount is DEVELOPER
. When your EmailSendingAccount is DEVELOPER
, your user pool sends email messages with your own Amazon SES configuration. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailSubject
template only if the value of EmailSendingAccount is DEVELOPER
. When your EmailSendingAccount is DEVELOPER
, your user pool sends email messages with your own Amazon SES configuration. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailSubjectByLink
template only if the value of EmailSendingAccount is DEVELOPER
. When your EmailSendingAccount is DEVELOPER
, your user pool sends email messages with your own Amazon SES configuration. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
AWS Tools for PowerShell: 2.x.y.z