User
data class UserPoolArgs(val accountRecoverySetting: Output<UserPoolAccountRecoverySettingArgs>? = null, val adminCreateUserConfig: Output<UserPoolAdminCreateUserConfigArgs>? = null, val aliasAttributes: Output<List<String>>? = null, val autoVerifiedAttributes: Output<List<String>>? = null, val deletionProtection: Output<String>? = null, val deviceConfiguration: Output<UserPoolDeviceConfigurationArgs>? = null, val emailConfiguration: Output<UserPoolEmailConfigurationArgs>? = null, val emailVerificationMessage: Output<String>? = null, val emailVerificationSubject: Output<String>? = null, val lambdaConfig: Output<UserPoolLambdaConfigArgs>? = null, val mfaConfiguration: Output<String>? = null, val name: Output<String>? = null, val passwordPolicy: Output<UserPoolPasswordPolicyArgs>? = null, val schemas: Output<List<UserPoolSchemaArgs>>? = null, val smsAuthenticationMessage: Output<String>? = null, val smsConfiguration: Output<UserPoolSmsConfigurationArgs>? = null, val smsVerificationMessage: Output<String>? = null, val softwareTokenMfaConfiguration: Output<UserPoolSoftwareTokenMfaConfigurationArgs>? = null, val tags: Output<Map<String, String>>? = null, val userAttributeUpdateSettings: Output<UserPoolUserAttributeUpdateSettingsArgs>? = null, val userPoolAddOns: Output<UserPoolUserPoolAddOnsArgs>? = null, val usernameAttributes: Output<List<String>>? = null, val usernameConfiguration: Output<UserPoolUsernameConfigurationArgs>? = null, val verificationMessageTemplate: Output<UserPoolVerificationMessageTemplateArgs>? = null) : ConvertibleToJava<UserPoolArgs>
Provides a Cognito User Pool resource.
Example Usage
Basic configuration
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const pool = new aws.cognito.UserPool("pool", {name: "mypool"});Content copied to clipboard
import pulumi
import pulumi_aws as aws
pool = aws.cognito.UserPool("pool", name="mypool")Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var pool = new Aws.Cognito.UserPool("pool", new()
{
Name = "mypool",
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cognito.NewUserPool(ctx, "pool", &cognito.UserPoolArgs{
Name: pulumi.String("mypool"),
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var pool = new UserPool("pool", UserPoolArgs.builder()
.name("mypool")
.build());
}
}Content copied to clipboard
resources:
pool:
type: aws:cognito:UserPool
properties:
name: mypoolContent copied to clipboard
Enabling SMS and Software Token Multi-Factor Authentication
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cognito.UserPool("example", {
mfaConfiguration: "ON",
smsAuthenticationMessage: "Your code is {####}",
smsConfiguration: {
externalId: "example",
snsCallerArn: exampleAwsIamRole.arn,
snsRegion: "us-east-1",
},
softwareTokenMfaConfiguration: {
enabled: true,
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.cognito.UserPool("example",
mfa_configuration="ON",
sms_authentication_message="Your code is {####}",
sms_configuration=aws.cognito.UserPoolSmsConfigurationArgs(
external_id="example",
sns_caller_arn=example_aws_iam_role["arn"],
sns_region="us-east-1",
),
software_token_mfa_configuration=aws.cognito.UserPoolSoftwareTokenMfaConfigurationArgs(
enabled=True,
))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Cognito.UserPool("example", new()
{
MfaConfiguration = "ON",
SmsAuthenticationMessage = "Your code is {####}",
SmsConfiguration = new Aws.Cognito.Inputs.UserPoolSmsConfigurationArgs
{
ExternalId = "example",
SnsCallerArn = exampleAwsIamRole.Arn,
SnsRegion = "us-east-1",
},
SoftwareTokenMfaConfiguration = new Aws.Cognito.Inputs.UserPoolSoftwareTokenMfaConfigurationArgs
{
Enabled = true,
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cognito.NewUserPool(ctx, "example", &cognito.UserPoolArgs{
MfaConfiguration: pulumi.String("ON"),
SmsAuthenticationMessage: pulumi.String("Your code is {####}"),
SmsConfiguration: &cognito.UserPoolSmsConfigurationArgs{
ExternalId: pulumi.String("example"),
SnsCallerArn: pulumi.Any(exampleAwsIamRole.Arn),
SnsRegion: pulumi.String("us-east-1"),
},
SoftwareTokenMfaConfiguration: &cognito.UserPoolSoftwareTokenMfaConfigurationArgs{
Enabled: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolArgs;
import com.pulumi.aws.cognito.inputs.UserPoolSmsConfigurationArgs;
import com.pulumi.aws.cognito.inputs.UserPoolSoftwareTokenMfaConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new UserPool("example", UserPoolArgs.builder()
.mfaConfiguration("ON")
.smsAuthenticationMessage("Your code is {####}")
.smsConfiguration(UserPoolSmsConfigurationArgs.builder()
.externalId("example")
.snsCallerArn(exampleAwsIamRole.arn())
.snsRegion("us-east-1")
.build())
.softwareTokenMfaConfiguration(UserPoolSoftwareTokenMfaConfigurationArgs.builder()
.enabled(true)
.build())
.build());
}
}Content copied to clipboard
resources:
example:
type: aws:cognito:UserPool
properties:
mfaConfiguration: ON
smsAuthenticationMessage: Your code is {####}
smsConfiguration:
externalId: example
snsCallerArn: ${exampleAwsIamRole.arn}
snsRegion: us-east-1
softwareTokenMfaConfiguration:
enabled: trueContent copied to clipboard
Using Account Recovery Setting
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = new aws.cognito.UserPool("test", {
name: "mypool",
accountRecoverySetting: {
recoveryMechanisms: [
{
name: "verified_email",
priority: 1,
},
{
name: "verified_phone_number",
priority: 2,
},
],
},
});Content copied to clipboard
import pulumi
import pulumi_aws as aws
test = aws.cognito.UserPool("test",
name="mypool",
account_recovery_setting=aws.cognito.UserPoolAccountRecoverySettingArgs(
recovery_mechanisms=[
aws.cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs(
name="verified_email",
priority=1,
),
aws.cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs(
name="verified_phone_number",
priority=2,
),
],
))Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var test = new Aws.Cognito.UserPool("test", new()
{
Name = "mypool",
AccountRecoverySetting = new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingArgs
{
RecoveryMechanisms = new[]
{
new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingRecoveryMechanismArgs
{
Name = "verified_email",
Priority = 1,
},
new Aws.Cognito.Inputs.UserPoolAccountRecoverySettingRecoveryMechanismArgs
{
Name = "verified_phone_number",
Priority = 2,
},
},
},
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cognito"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cognito.NewUserPool(ctx, "test", &cognito.UserPoolArgs{
Name: pulumi.String("mypool"),
AccountRecoverySetting: &cognito.UserPoolAccountRecoverySettingArgs{
RecoveryMechanisms: cognito.UserPoolAccountRecoverySettingRecoveryMechanismArray{
&cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs{
Name: pulumi.String("verified_email"),
Priority: pulumi.Int(1),
},
&cognito.UserPoolAccountRecoverySettingRecoveryMechanismArgs{
Name: pulumi.String("verified_phone_number"),
Priority: pulumi.Int(2),
},
},
},
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cognito.UserPool;
import com.pulumi.aws.cognito.UserPoolArgs;
import com.pulumi.aws.cognito.inputs.UserPoolAccountRecoverySettingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var test = new UserPool("test", UserPoolArgs.builder()
.name("mypool")
.accountRecoverySetting(UserPoolAccountRecoverySettingArgs.builder()
.recoveryMechanisms(
UserPoolAccountRecoverySettingRecoveryMechanismArgs.builder()
.name("verified_email")
.priority(1)
.build(),
UserPoolAccountRecoverySettingRecoveryMechanismArgs.builder()
.name("verified_phone_number")
.priority(2)
.build())
.build())
.build());
}
}Content copied to clipboard
resources:
test:
type: aws:cognito:UserPool
properties:
name: mypool
accountRecoverySetting:
recoveryMechanisms:
- name: verified_email
priority: 1
- name: verified_phone_number
priority: 2Content copied to clipboard
Import
Using pulumi import, import Cognito User Pools using the id. For example:
$ pulumi import aws:cognito/userPool:UserPool pool us-west-2_abc123Content copied to clipboard
Constructors
Link copied to clipboard
fun UserPoolArgs(accountRecoverySetting: Output<UserPoolAccountRecoverySettingArgs>? = null, adminCreateUserConfig: Output<UserPoolAdminCreateUserConfigArgs>? = null, aliasAttributes: Output<List<String>>? = null, autoVerifiedAttributes: Output<List<String>>? = null, deletionProtection: Output<String>? = null, deviceConfiguration: Output<UserPoolDeviceConfigurationArgs>? = null, emailConfiguration: Output<UserPoolEmailConfigurationArgs>? = null, emailVerificationMessage: Output<String>? = null, emailVerificationSubject: Output<String>? = null, lambdaConfig: Output<UserPoolLambdaConfigArgs>? = null, mfaConfiguration: Output<String>? = null, name: Output<String>? = null, passwordPolicy: Output<UserPoolPasswordPolicyArgs>? = null, schemas: Output<List<UserPoolSchemaArgs>>? = null, smsAuthenticationMessage: Output<String>? = null, smsConfiguration: Output<UserPoolSmsConfigurationArgs>? = null, smsVerificationMessage: Output<String>? = null, softwareTokenMfaConfiguration: Output<UserPoolSoftwareTokenMfaConfigurationArgs>? = null, tags: Output<Map<String, String>>? = null, userAttributeUpdateSettings: Output<UserPoolUserAttributeUpdateSettingsArgs>? = null, userPoolAddOns: Output<UserPoolUserPoolAddOnsArgs>? = null, usernameAttributes: Output<List<String>>? = null, usernameConfiguration: Output<UserPoolUsernameConfigurationArgs>? = null, verificationMessageTemplate: Output<UserPoolVerificationMessageTemplateArgs>? = null)
Functions
Properties
Link copied to clipboard
Multi-Factor Authentication (MFA) configuration for the User Pool. Defaults of OFF. Valid values are OFF (MFA Tokens are not required), ON (MFA is required for all users to sign in; requires at least one of sms_configuration or software_token_mfa_configuration to be configured), or OPTIONAL (MFA Will be required only for individual users who have MFA Enabled; requires at least one of sms_configuration or software_token_mfa_configuration to be configured).
Link copied to clipboard
Configuration block for the schema attributes of a user pool. Detailed below. Schema attributes from the standard attribute set only need to be specified if they are different from the default configuration. Attributes can be added, but not modified or removed. Maximum of 50 attributes.
Link copied to clipboard
Configuration block for Short Message Service (SMS) settings. Detailed below. These settings apply to SMS user verification and SMS Multi-Factor Authentication (MFA). Due to Cognito API restrictions, the SMS configuration cannot be removed without recreating the Cognito User Pool. For user data safety, this resource will ignore the removal of this configuration by disabling drift detection. To force resource recreation after this configuration has been applied, see the taint command.