Skip to content

Set Risk Configuration

cognitoidentityprovider_set_risk_configuration R Documentation

Configures actions on detected risks

Description

Configures actions on detected risks. To delete the risk configuration for UserPoolId or ClientId, pass null values for all four configuration types.

To activate Amazon Cognito advanced security features, update the user pool to include the UserPoolAddOns keyAdvancedSecurityMode.

Usage

cognitoidentityprovider_set_risk_configuration(UserPoolId, ClientId,
  CompromisedCredentialsRiskConfiguration,
  AccountTakeoverRiskConfiguration, RiskExceptionConfiguration)

Arguments

UserPoolId

[required] The user pool ID.

ClientId

The app client ID. If ClientId is null, then the risk configuration is mapped to userPoolId. When the client ID is null, the same risk configuration is applied to all the clients in the userPool.

Otherwise, ClientId is mapped to the client. When the client ID isn't null, the user pool configuration is overridden and the risk configuration for the client is used instead.

CompromisedCredentialsRiskConfiguration

The compromised credentials risk configuration.

AccountTakeoverRiskConfiguration

The account takeover risk configuration.

RiskExceptionConfiguration

The configuration to override the risk decision.

Value

A list with the following syntax:

list(
  RiskConfiguration = list(
    UserPoolId = "string",
    ClientId = "string",
    CompromisedCredentialsRiskConfiguration = list(
      EventFilter = list(
        "SIGN_IN"|"PASSWORD_CHANGE"|"SIGN_UP"
      ),
      Actions = list(
        EventAction = "BLOCK"|"NO_ACTION"
      )
    ),
    AccountTakeoverRiskConfiguration = list(
      NotifyConfiguration = list(
        From = "string",
        ReplyTo = "string",
        SourceArn = "string",
        BlockEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        ),
        NoActionEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        ),
        MfaEmail = list(
          Subject = "string",
          HtmlBody = "string",
          TextBody = "string"
        )
      ),
      Actions = list(
        LowAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        ),
        MediumAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        ),
        HighAction = list(
          Notify = TRUE|FALSE,
          EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
        )
      )
    ),
    RiskExceptionConfiguration = list(
      BlockedIPRangeList = list(
        "string"
      ),
      SkippedIPRangeList = list(
        "string"
      )
    ),
    LastModifiedDate = as.POSIXct(
      "2015-01-01"
    )
  )
)

Request syntax

svc$set_risk_configuration(
  UserPoolId = "string",
  ClientId = "string",
  CompromisedCredentialsRiskConfiguration = list(
    EventFilter = list(
      "SIGN_IN"|"PASSWORD_CHANGE"|"SIGN_UP"
    ),
    Actions = list(
      EventAction = "BLOCK"|"NO_ACTION"
    )
  ),
  AccountTakeoverRiskConfiguration = list(
    NotifyConfiguration = list(
      From = "string",
      ReplyTo = "string",
      SourceArn = "string",
      BlockEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      NoActionEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      ),
      MfaEmail = list(
        Subject = "string",
        HtmlBody = "string",
        TextBody = "string"
      )
    ),
    Actions = list(
      LowAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      MediumAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      ),
      HighAction = list(
        Notify = TRUE|FALSE,
        EventAction = "BLOCK"|"MFA_IF_CONFIGURED"|"MFA_REQUIRED"|"NO_ACTION"
      )
    )
  ),
  RiskExceptionConfiguration = list(
    BlockedIPRangeList = list(
      "string"
    ),
    SkippedIPRangeList = list(
      "string"
    )
  )
)