AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
Update-CGIPUserPool-UserPoolId <String>-UserPoolAddOns_AdvancedSecurityMode <AdvancedSecurityModeType>-AdminCreateUserConfig_AllowAdminCreateUserOnly <Boolean>-AutoVerifiedAttribute <String[]>-DeviceConfiguration_ChallengeRequiredOnNewDevice <Boolean>-EmailConfiguration_ConfigurationSet <String>-LambdaConfig_CreateAuthChallenge <String>-LambdaConfig_CustomMessage <String>-VerificationMessageTemplate_DefaultEmailOption <DefaultEmailOptionType>-LambdaConfig_DefineAuthChallenge <String>-DeviceConfiguration_DeviceOnlyRememberedOnUserPrompt <Boolean>-InviteMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessage <String>-VerificationMessageTemplate_EmailMessageByLink <String>-EmailConfiguration_EmailSendingAccount <EmailSendingAccountType>-InviteMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubject <String>-VerificationMessageTemplate_EmailSubjectByLink <String>-EmailVerificationMessage <String>-EmailVerificationSubject <String>-SmsConfiguration_ExternalId <String>-EmailConfiguration_From <String>-LambdaConfig_KMSKeyID <String>-CustomEmailSender_LambdaArn <String>-CustomSMSSender_LambdaArn <String>-CustomEmailSender_LambdaVersion <CustomEmailSenderLambdaVersionType>-CustomSMSSender_LambdaVersion <CustomSMSSenderLambdaVersionType>-MfaConfiguration <UserPoolMfaType>-PasswordPolicy_MinimumLength <Int32>-LambdaConfig_PostAuthentication <String>-LambdaConfig_PostConfirmation <String>-LambdaConfig_PreAuthentication <String>-LambdaConfig_PreSignUp <String>-LambdaConfig_PreTokenGeneration <String>-AccountRecoverySetting_RecoveryMechanism <RecoveryOptionType[]>-EmailConfiguration_ReplyToEmailAddress <String>-PasswordPolicy_RequireLowercase <Boolean>-PasswordPolicy_RequireNumber <Boolean>-PasswordPolicy_RequireSymbol <Boolean>-PasswordPolicy_RequireUppercase <Boolean>-SmsAuthenticationMessage <String>-VerificationMessageTemplate_SmsMessage <String>-InviteMessageTemplate_SMSMessage <String>-SmsVerificationMessage <String>-SmsConfiguration_SnsCallerArn <String>-SmsConfiguration_SnsRegion <String>-EmailConfiguration_SourceArn <String>-PasswordPolicy_TemporaryPasswordValidityDay <Int32>-AdminCreateUserConfig_UnusedAccountValidityDay <Int32>-LambdaConfig_UserMigration <String>-UserPoolTag <Hashtable>-LambdaConfig_VerifyAuthChallengeResponse <String>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
RecoveryOptionTypes
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AccountRecoverySetting_RecoveryMechanisms |
True
if only the administrator is allowed to create user profiles. Set to False
if users can sign themselves up via an app. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
AdminCreateUser
again, specifying "RESEND"
for the MessageAction
parameter. The default value for this parameter is 7. If you set a value for TemporaryPasswordValidityDays
in PasswordPolicy
, that value will be used, and UnusedAccountValidityDays
will be no longer be an available parameter for that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_UnusedAccountValidityDays |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AutoVerifiedAttributes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomEmailSender_LambdaArn |
V1_0
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomEmailSender_LambdaVersion |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomSMSSender_LambdaArn |
V1_0
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | LambdaConfig_CustomSMSSender_LambdaVersion |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
no-reply@verificationemail.com
. To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the SourceArn
parameter. If EmailSendingAccount is COGNITO_DEFAULT, you can't use the following parameters:SourceArn
parameter.Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a service-linked role, which is a type of role, in your Amazon Web Services account. This role contains the permissions that allow to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito in the Amazon Cognito Developer Guide.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
testuser@example.com
or Test User <testuser@example.com>
. This address appears before the body of the email. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
EmailSendingAccount
parameter:COGNITO_DEFAULT
, Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account.DEVELOPER
, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf.SourceArn
parameter must indicate a supported Amazon Web Services Region of your user pool. Typically, the Region in the SourceArn
and the user pool Region are the same. For more information, see Amazon SES email configuration regions in the Amazon Cognito Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_EmailSubject |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AdminCreateUserConfig_InviteMessageTemplate_SMSMessage |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
CustomEmailSender
and CustomSMSSender
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
OFF
- MFA tokens aren't required and can't be specified during user registration.ON
- MFA tokens are required for all user registrations. You can only specify ON when you're initially creating a user pool. You can use the SetUserPoolMfaConfig API operation to turn MFA "ON" for existing user pools. OPTIONAL
- Users have the option when registering to create an MFA token.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_MinimumLength |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireLowercase |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireNumbers |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireSymbols |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_RequireUppercase |
TemporaryPasswordValidityDays
for a user pool, you can no longer set the deprecated UnusedAccountValidityDays
value for that user pool. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Policies_PasswordPolicy_TemporaryPasswordValidityDays |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
ExternalId
with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId
, your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the ExternalID
. If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the ExternalId
.For more information about the ExternalId
of a role, see How to use an external ID when granting access to your Amazon Web Services resources to a third party Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | UserPoolTags |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
AWS Tools for PowerShell: 2.x.y.z