AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-CGIPUserPool-PoolName <String>-UserPoolAddOns_AdvancedSecurityMode <AdvancedSecurityModeType>-AliasAttribute <String[]>-AdminCreateUserConfig_AllowAdminCreateUserOnly <Boolean>-AutoVerifiedAttribute <String[]>-DeviceConfiguration_ChallengeRequiredOnNewDevice <Boolean>-EmailConfiguration_ConfigurationSet <String>-LambdaConfig_CreateAuthChallenge <String>-LambdaConfig_CustomMessage <String>-VerificationMessageTemplate_DefaultEmailOption <DefaultEmailOptionType>-LambdaConfig_DefineAuthChallenge <String>-DeviceConfiguration_DeviceOnlyRememberedOnUserPrompt <Boolean>-InviteMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessageByLink <String>-EmailConfiguration_EmailSendingAccount <EmailSendingAccountType>-InviteMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubjectByLink <String>-EmailVerificationMessage <String>-EmailVerificationSubject <String>-SmsConfiguration_ExternalId <String>-EmailConfiguration_From <String>-MfaConfiguration <UserPoolMfaType>-PasswordPolicy_MinimumLength <Int32>-LambdaConfig_PostAuthentication <String>-LambdaConfig_PostConfirmation <String>-LambdaConfig_PreAuthentication <String>-LambdaConfig_PreSignUp <String>-LambdaConfig_PreTokenGeneration <String>-EmailConfiguration_ReplyToEmailAddress <String>-PasswordPolicy_RequireLowercase <Boolean>-PasswordPolicy_RequireNumber <Boolean>-PasswordPolicy_RequireSymbol <Boolean>-PasswordPolicy_RequireUppercase <Boolean>-Schema <SchemaAttributeType[]>-SmsAuthenticationMessage <String>-VerificationMessageTemplate_SmsMessage <String>-InviteMessageTemplate_SMSMessage <String>-SmsVerificationMessage <String>-SmsConfiguration_SnsCallerArn <String>-EmailConfiguration_SourceArn <String>-PasswordPolicy_TemporaryPasswordValidityDay <Int32>-AdminCreateUserConfig_UnusedAccountValidityDay <Int32>-LambdaConfig_UserMigration <String>-UsernameAttribute <String[]>-UserPoolTag <Hashtable>-LambdaConfig_VerifyAuthChallengeResponse <String>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
True
if only the administrator is allowed to create user profiles. Set to False
if users can sign themselves up via an app. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
AdminCreateUser
again, specifying "RESEND"
for the MessageAction
parameter. The default value for this parameter is 7. If you set a value for TemporaryPasswordValidityDays
in PasswordPolicy
, that value will be used and UnusedAccountValidityDays
will be deprecated for that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_UnusedAccountValidityDays |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AliasAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AutoVerifiedAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
SourceArn
parameter.SourceArn
parameter.Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of IAM role, in your AWS account. This role contains the permissions that allow Amazon Cognito to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
testuser@example.com
or Test User <testuser@example.com>
. This address will appear before the body of the email. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailSendingAccount
parameter:COGNITO_DEFAULT
, Amazon Cognito uses this address as the custom FROM address when it emails your users by using its built-in email account.DEVELOPER
, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailSubject |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_SMSMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_MinimumLength |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireLowercase |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireNumbers |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireSymbols |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireUppercase |
TemporaryPasswordValidityDays
for a user pool, you will no longer be able to set the deprecated UnusedAccountValidityDays
value for that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_TemporaryPasswordValidityDays |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
ExternalId
, the Cognito User Pool will include it when attempting to assume your IAM role, so that you can set your roles trust policy to require the ExternalID
. If you use the Cognito Management Console to create a role for SMS MFA, Cognito will create a role with the required permissions and a trust policy that demonstrates use of the ExternalId
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | UsernameAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | UserPoolTags |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)
If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials. Note that the encrypted credential file is not supported on all platforms. It will be skipped when searching for profiles on Windows Nano Server, Mac, and Linux platforms.
If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.
As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfileName, StoredCredentials |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SecretAccessKey, SK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
The endpoint to make the call against.
Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
AWS Tools for PowerShell: 2.x.y.z