Set Risk Configuration

cognitoidentityprovider_set_risk_configuration R Documentation

Configures threat protection for a user pool or app client

Description

Configures threat protection for a user pool or app client. Sets configuration for the following.

  • Responses to risks with adaptive authentication

  • Responses to vulnerable passwords with compromised-credentials detection

  • Notifications to users who have had risky activity detected

  • IP-address denylist and allowlist

To set the risk configuration for the user pool to defaults, send this request with only the UserPoolId parameter. To reset the threat protection settings of an app client to be inherited from the user pool, send UserPoolId and ClientId parameters only. To change threat protection to audit-only or off, update the value of UserPoolAddOns in an update_user_pool request. To activate this setting, your user pool must be on the Plus tier.

Usage

cognitoidentityprovider_set_risk_configuration(UserPoolId, ClientId,
  CompromisedCredentialsRiskConfiguration,
  AccountTakeoverRiskConfiguration, RiskExceptionConfiguration)

Arguments

UserPoolId

[required] The ID of the user pool where you want to set a risk configuration. To apply the configuration to the whole user pool, include UserPoolId and omit ClientId: when the client ID is null, the same risk configuration is applied to all the clients in the user pool. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.

ClientId

The ID of the app client where you want to set a risk configuration. If ClientId is null, the risk configuration is mapped to UserPoolId and the same risk configuration is applied to all the clients in the user pool.

When you include a ClientId parameter, Amazon Cognito maps the configuration to the app client. When you include both ClientId and UserPoolId, Amazon Cognito maps the configuration to the app client only.

CompromisedCredentialsRiskConfiguration

The configuration of automated reactions to detected compromised credentials. Includes settings for blocking future sign-in requests and for the types of password-submission events you want to monitor.

AccountTakeoverRiskConfiguration

The settings for automated responses and notification templates for adaptive authentication with threat protection.

RiskExceptionConfiguration

A set of IP-address overrides to threat protection. You can set up IP-address always-block and always-allow lists.

Value

A list with the following syntax:

list(
  RiskConfiguration = list(
    UserPoolId = "string",
    ClientId = "string",
    CompromisedCredentialsRiskConfiguration = list(
      EventFilter = list(
        "SIGN_IN"|"PASSWORD_CHANGE"|"SIGN_UP"
      ),
      Actions = list(
        EventAction = "BLOCK"|"NO_ACTION"
      )
    ),
    AccountTakeoverRiskConfiguration = list(
      NotifyConfiguration = list(
        From = "string",
        ReplyTo = "string",
        SourceArn = "string",
        BlockEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        ),
        NoActionEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        ),
        MfaEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        )
      ),
      Actions = list(
        LowAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        ),
        MediumAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        ),
        HighAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        )
      )
    ),
    RiskExceptionConfiguration = list(
      BlockedIPRangeList = list(
        "string"
      ),
      SkippedIPRangeList = list(
        "string"
      )
    ),
    LastModifiedDate = as.POSIXct(
      "2015-01-01"
    )
  )
)

Request syntax

svc$set_risk_configuration(
  UserPoolId = "string",
  ClientId = "string",
  CompromisedCredentialsRiskConfiguration = list(
    EventFilter = list(
      "SIGN_IN"|"PASSWORD_CHANGE"|"SIGN_UP"
    ),
    Actions = list(
      EventAction = "BLOCK"|"NO_ACTION"
    )
  ),
  AccountTakeoverRiskConfiguration = list(
    NotifyConfiguration = list(
      From = "string",
      ReplyTo = "string",
      SourceArn = "string",
      BlockEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      NoActionEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      MfaEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      )
    ),
    Actions = list(
      LowAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      MediumAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      HighAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      )
    )
  ),
  RiskExceptionConfiguration = list(
    BlockedIPRangeList = list(
      "string"
    ),
    SkippedIPRangeList = list(
      "string"
    )
  )
)
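
Added example (not part of the paws documentation): a local check that flags weak settings in a request built with the syntax above before it is sent. The function name audit_risk_config, its policy thresholds (block on compromised credentials, block or require MFA at high risk, no always-allow IPv4 range broader than /24) and the sample IP ranges are assumptions made for illustration.

```r
# Added example: policy lint for set_risk_configuration arguments.
# Thresholds are this example's assumptions, not AWS defaults.
audit_risk_config <- function(req, min_skip_prefix = 24L) {
  findings <- character(0)
  cc <- req$CompromisedCredentialsRiskConfiguration
  if (!identical(cc$Actions$EventAction, "BLOCK"))
    findings <- c(findings, "compromised credentials: EventAction is not BLOCK")
  unmonitored <- setdiff(c("SIGN_IN", "PASSWORD_CHANGE", "SIGN_UP"),
                         unlist(cc$EventFilter))
  if (length(cc$EventFilter) > 0 && length(unmonitored) > 0)
    findings <- c(findings, paste("compromised credentials: unmonitored events:",
                                  paste(unmonitored, collapse = ", ")))
  high <- req$AccountTakeoverRiskConfiguration$Actions$HighAction$EventAction
  if (!isTRUE(high %in% c("BLOCK", "MFA_REQUIRED")))
    findings <- c(findings, "account takeover: HighAction neither blocks nor requires MFA")
  # Every SkippedIPRangeList entry bypasses threat protection, so keep ranges narrow.
  for (cidr in unlist(req$RiskExceptionConfiguration$SkippedIPRangeList)) {
    m <- regmatches(cidr, regexec("^([0-9]{1,3}\\.){3}[0-9]{1,3}/([0-9]{1,2})$", cidr))[[1]]
    if (length(m) == 0) {
      findings <- c(findings, paste("skip list: not IPv4 CIDR, review by hand:", cidr))
    } else if (as.integer(m[3]) < min_skip_prefix) {
      findings <- c(findings, paste("skip list: range too broad:", cidr))
    }
  }
  findings
}

# Constructed sample requests (documentation IP ranges, no real pool).
weak <- list(
  CompromisedCredentialsRiskConfiguration = list(
    EventFilter = list("SIGN_IN"), Actions = list(EventAction = "NO_ACTION")),
  AccountTakeoverRiskConfiguration = list(Actions = list(
    HighAction = list(Notify = FALSE, EventAction = "NO_ACTION"))),
  RiskExceptionConfiguration = list(SkippedIPRangeList = list("0.0.0.0/0")))
hardened <- list(
  CompromisedCredentialsRiskConfiguration = list(
    EventFilter = list("SIGN_IN", "PASSWORD_CHANGE", "SIGN_UP"),
    Actions = list(EventAction = "BLOCK")),
  AccountTakeoverRiskConfiguration = list(Actions = list(
    LowAction = list(Notify = FALSE, EventAction = "MFA_IF_CONFIGURED"),
    MediumAction = list(Notify = FALSE, EventAction = "MFA_REQUIRED"),
    HighAction = list(Notify = FALSE, EventAction = "BLOCK"))),
  RiskExceptionConfiguration = list(
    BlockedIPRangeList = list("198.51.100.0/24"),
    SkippedIPRangeList = list("203.0.113.10/32")))
print(audit_risk_config(weak))
stopifnot(length(audit_risk_config(hardened)) == 0)
# To apply: svc <- paws::cognitoidentityprovider()
# do.call(svc$set_risk_configuration, c(list(UserPoolId = "<user-pool-id>"), hardened))
```

The check runs offline; the two commented lines show where a request that passes the check would be handed to set_risk_configuration.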