aws-sdk-cognitoidentityprovider 1.44.0 → 1.49.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: fc51e18f2294d37efc29cfb1fcf4bb90dc4883c012cb0aa33233e3f30b4272d3
-  data.tar.gz: daddd7a3daf5ba303b835aa97c5705b7219ec67487fd66434d48f848fdc45b8a
+  metadata.gz: a0ba68f2a2ee6fa437c9ccdbeaa727e7ffe2c4586dd7e43a6415d3db4c902ab5
+  data.tar.gz: f83d6c040cdcc531fa400ef6f8b38698d50c98d3c3582ea30d9dd2c6d9442f06
 SHA512:
-  metadata.gz: e7d7653c6dd0f4032ca8a53b392a63d6aecaad0836721b38fc187027874cc88a8e769c493f922b2844e326944c17e49ab482640007fa857db7aafe742b546d8c
-  data.tar.gz: 35ffbe29517a8444b546b37cf78ec689ffcaeaacd22dc6221e7c207a721c2c377b3e4af19b709c1b4166e93edc84b881222d903717dd323a9b06978a42d50ca8
+  metadata.gz: 43afd3a06079cb3b2580dd2157ed931c82902d4013107bfc65217357e25572f23eec85eb65a2ae7c81385298ea8640b697f74f327ec37b30853feee5d6ab2cf5
+  data.tar.gz: 76841e53dc05fdb7ea6b9d62f7d83403c3033da47d74a350a2cdcb17dada5f76d212d8dc4f4c03b6a276b34c6bbfa36022de834ee3b8ff78089b7743ab948b0a

data/lib/aws-sdk-cognitoidentityprovider.rb

@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-core'
 require 'aws-sigv4'
 
@@ -44,9 +45,9 @@ require_relative 'aws-sdk-cognitoidentityprovider/customizations'
 #
 # See {Errors} for more information.
 #
-# @service
+# @!group service
 module Aws::CognitoIdentityProvider
 
-  GEM_VERSION = '1.44.0'
+  GEM_VERSION = '1.49.0'
 
 end

data/lib/aws-sdk-cognitoidentityprovider/client.rb

@@ -85,13 +85,28 @@ module Aws::CognitoIdentityProvider
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
     #       credentials.
     #
+    #     * `Aws::SharedCredentials` - Used for loading static credentials from a
+    #       shared file, such as `~/.aws/config`.
+    #
+    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #
+    #     * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
+    #       assume a role after providing credentials via the web.
+    #
+    #     * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     * `Aws::ProcessCredentials` - Used for loading credentials from a
+    #       process that outputs to stdout.
+    #
     #     * `Aws::InstanceProfileCredentials` - Used for loading credentials
     #       from an EC2 IMDS on an EC2 instance.
     #
-    #     * `Aws::SharedCredentials` - Used for loading credentials from a
-    #       shared file, such as `~/.aws/config`.
+    #     * `Aws::ECSCredentials` - Used for loading credentials from
+    #       instances running in ECS.
     #
-    #     * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
+    #     * `Aws::CognitoIdentityCredentials` - Used for loading credentials
+    #       from the Cognito Identity service.
     #
     #     When `:credentials` are not configured directly, the following
     #     locations will be searched for credentials:
@@ -101,10 +116,10 @@ module Aws::CognitoIdentityProvider
     #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
     #     * `~/.aws/credentials`
     #     * `~/.aws/config`
-    #     * EC2 IMDS instance profile - When used by default, the timeouts are
-    #       very aggressive. Construct and pass an instance of
-    #       `Aws::InstanceProfileCredentails` to enable retries and extended
-    #       timeouts.
+    #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
+    #       are very aggressive. Construct and pass an instance of
+    #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
+    #       enable retries and extended timeouts.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -2731,9 +2746,21 @@ module Aws::CognitoIdentityProvider
     #
     # @option params [String] :email_verification_message
     #   A string representing the email verification message.
+    #   EmailVerificationMessage is allowed only if [EmailSendingAccount][1]
+    #   is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #
     # @option params [String] :email_verification_subject
     #   A string representing the email verification subject.
+    #   EmailVerificationSubject is allowed only if [EmailSendingAccount][1]
+    #   is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #
     # @option params [Types::VerificationMessageTemplateType] :verification_message_template
     #   The template for the verification message that the user sees when the
@@ -2819,6 +2846,15 @@ module Aws::CognitoIdentityProvider
     #       verify_auth_challenge_response: "ArnType",
     #       pre_token_generation: "ArnType",
     #       user_migration: "ArnType",
+    #       custom_sms_sender: {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       },
+    #       custom_email_sender: {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       },
+    #       kms_key_id: "ArnType",
     #     },
     #     auto_verified_attributes: ["phone_number"], # accepts phone_number, email
     #     alias_attributes: ["phone_number"], # accepts phone_number, email, preferred_username
@@ -2916,6 +2952,11 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pool.lambda_config.verify_auth_challenge_response #=> String
     #   resp.user_pool.lambda_config.pre_token_generation #=> String
     #   resp.user_pool.lambda_config.user_migration #=> String
+    #   resp.user_pool.lambda_config.custom_sms_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pool.lambda_config.custom_sms_sender.lambda_arn #=> String
+    #   resp.user_pool.lambda_config.custom_email_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pool.lambda_config.custom_email_sender.lambda_arn #=> String
+    #   resp.user_pool.lambda_config.kms_key_id #=> String
     #   resp.user_pool.status #=> String, one of "Enabled", "Disabled"
     #   resp.user_pool.last_modified_date #=> Time
     #   resp.user_pool.creation_date #=> Time
@@ -3731,6 +3772,11 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pool.lambda_config.verify_auth_challenge_response #=> String
     #   resp.user_pool.lambda_config.pre_token_generation #=> String
     #   resp.user_pool.lambda_config.user_migration #=> String
+    #   resp.user_pool.lambda_config.custom_sms_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pool.lambda_config.custom_sms_sender.lambda_arn #=> String
+    #   resp.user_pool.lambda_config.custom_email_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pool.lambda_config.custom_email_sender.lambda_arn #=> String
+    #   resp.user_pool.lambda_config.kms_key_id #=> String
     #   resp.user_pool.status #=> String, one of "Enabled", "Disabled"
     #   resp.user_pool.last_modified_date #=> Time
     #   resp.user_pool.creation_date #=> Time
@@ -4982,6 +5028,11 @@ module Aws::CognitoIdentityProvider
     #   resp.user_pools[0].lambda_config.verify_auth_challenge_response #=> String
     #   resp.user_pools[0].lambda_config.pre_token_generation #=> String
     #   resp.user_pools[0].lambda_config.user_migration #=> String
+    #   resp.user_pools[0].lambda_config.custom_sms_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pools[0].lambda_config.custom_sms_sender.lambda_arn #=> String
+    #   resp.user_pools[0].lambda_config.custom_email_sender.lambda_version #=> String, one of "V1_0"
+    #   resp.user_pools[0].lambda_config.custom_email_sender.lambda_arn #=> String
+    #   resp.user_pools[0].lambda_config.kms_key_id #=> String
     #   resp.user_pools[0].status #=> String, one of "Enabled", "Disabled"
     #   resp.user_pools[0].last_modified_date #=> Time
     #   resp.user_pools[0].creation_date #=> Time
@@ -5604,7 +5655,12 @@ module Aws::CognitoIdentityProvider
     # one factor can be set as preferred. The preferred MFA factor will be
     # used to authenticate a user if multiple factors are enabled. If
     # multiple options are enabled and no preference is set, a challenge to
-    # choose an MFA option will be returned during sign in.
+    # choose an MFA option will be returned during sign in. If an MFA type
+    # is enabled for a user, the user will be prompted for MFA during all
+    # sign in attempts, unless device tracking is turned on and the device
+    # has been trusted. If you would like MFA to be applied selectively
+    # based on the assessed risk level of sign in attempts, disable MFA for
+    # users and turn on Adaptive Authentication for the user pool.
     #
     # @option params [Types::SMSMfaSettingsType] :sms_mfa_settings
     #   The SMS text message multi-factor authentication (MFA) settings.
@@ -6467,6 +6523,15 @@ module Aws::CognitoIdentityProvider
     #       verify_auth_challenge_response: "ArnType",
     #       pre_token_generation: "ArnType",
     #       user_migration: "ArnType",
+    #       custom_sms_sender: {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       },
+    #       custom_email_sender: {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       },
+    #       kms_key_id: "ArnType",
     #     },
     #     auto_verified_attributes: ["phone_number"], # accepts phone_number, email
     #     sms_verification_message: "SmsVerificationMessageType",
@@ -6967,7 +7032,7 @@ module Aws::CognitoIdentityProvider
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cognitoidentityprovider'
-      context[:gem_version] = '1.44.0'
+      context[:gem_version] = '1.49.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cognitoidentityprovider/client_api.rb

@@ -149,6 +149,10 @@ module Aws::CognitoIdentityProvider
     CustomAttributeNameType = Shapes::StringShape.new(name: 'CustomAttributeNameType')
     CustomAttributesListType = Shapes::ListShape.new(name: 'CustomAttributesListType')
     CustomDomainConfigType = Shapes::StructureShape.new(name: 'CustomDomainConfigType')
+    CustomEmailLambdaVersionConfigType = Shapes::StructureShape.new(name: 'CustomEmailLambdaVersionConfigType')
+    CustomEmailSenderLambdaVersionType = Shapes::StringShape.new(name: 'CustomEmailSenderLambdaVersionType')
+    CustomSMSLambdaVersionConfigType = Shapes::StructureShape.new(name: 'CustomSMSLambdaVersionConfigType')
+    CustomSMSSenderLambdaVersionType = Shapes::StringShape.new(name: 'CustomSMSSenderLambdaVersionType')
     DateType = Shapes::TimestampShape.new(name: 'DateType')
     DefaultEmailOptionType = Shapes::StringShape.new(name: 'DefaultEmailOptionType')
     DeleteGroupRequest = Shapes::StructureShape.new(name: 'DeleteGroupRequest')
@@ -957,6 +961,14 @@ module Aws::CognitoIdentityProvider
     CustomDomainConfigType.add_member(:certificate_arn, Shapes::ShapeRef.new(shape: ArnType, required: true, location_name: "CertificateArn"))
     CustomDomainConfigType.struct_class = Types::CustomDomainConfigType
 
+    CustomEmailLambdaVersionConfigType.add_member(:lambda_version, Shapes::ShapeRef.new(shape: CustomEmailSenderLambdaVersionType, required: true, location_name: "LambdaVersion"))
+    CustomEmailLambdaVersionConfigType.add_member(:lambda_arn, Shapes::ShapeRef.new(shape: ArnType, required: true, location_name: "LambdaArn"))
+    CustomEmailLambdaVersionConfigType.struct_class = Types::CustomEmailLambdaVersionConfigType
+
+    CustomSMSLambdaVersionConfigType.add_member(:lambda_version, Shapes::ShapeRef.new(shape: CustomSMSSenderLambdaVersionType, required: true, location_name: "LambdaVersion"))
+    CustomSMSLambdaVersionConfigType.add_member(:lambda_arn, Shapes::ShapeRef.new(shape: ArnType, required: true, location_name: "LambdaArn"))
+    CustomSMSLambdaVersionConfigType.struct_class = Types::CustomSMSLambdaVersionConfigType
+
     DeleteGroupRequest.add_member(:group_name, Shapes::ShapeRef.new(shape: GroupNameType, required: true, location_name: "GroupName"))
     DeleteGroupRequest.add_member(:user_pool_id, Shapes::ShapeRef.new(shape: UserPoolIdType, required: true, location_name: "UserPoolId"))
     DeleteGroupRequest.struct_class = Types::DeleteGroupRequest
@@ -1274,6 +1286,9 @@ module Aws::CognitoIdentityProvider
     LambdaConfigType.add_member(:verify_auth_challenge_response, Shapes::ShapeRef.new(shape: ArnType, location_name: "VerifyAuthChallengeResponse"))
     LambdaConfigType.add_member(:pre_token_generation, Shapes::ShapeRef.new(shape: ArnType, location_name: "PreTokenGeneration"))
     LambdaConfigType.add_member(:user_migration, Shapes::ShapeRef.new(shape: ArnType, location_name: "UserMigration"))
+    LambdaConfigType.add_member(:custom_sms_sender, Shapes::ShapeRef.new(shape: CustomSMSLambdaVersionConfigType, location_name: "CustomSMSSender"))
+    LambdaConfigType.add_member(:custom_email_sender, Shapes::ShapeRef.new(shape: CustomEmailLambdaVersionConfigType, location_name: "CustomEmailSender"))
+    LambdaConfigType.add_member(:kms_key_id, Shapes::ShapeRef.new(shape: ArnType, location_name: "KMSKeyID"))
     LambdaConfigType.struct_class = Types::LambdaConfigType
 
     LimitExceededException.add_member(:message, Shapes::ShapeRef.new(shape: MessageType, location_name: "message"))

data/lib/aws-sdk-cognitoidentityprovider/types.rb

@@ -3628,6 +3628,15 @@ module Aws::CognitoIdentityProvider
     #           verify_auth_challenge_response: "ArnType",
     #           pre_token_generation: "ArnType",
     #           user_migration: "ArnType",
+    #           custom_sms_sender: {
+    #             lambda_version: "V1_0", # required, accepts V1_0
+    #             lambda_arn: "ArnType", # required
+    #           },
+    #           custom_email_sender: {
+    #             lambda_version: "V1_0", # required, accepts V1_0
+    #             lambda_arn: "ArnType", # required
+    #           },
+    #           kms_key_id: "ArnType",
     #         },
     #         auto_verified_attributes: ["phone_number"], # accepts phone_number, email
     #         alias_attributes: ["phone_number"], # accepts phone_number, email, preferred_username
@@ -3757,10 +3766,22 @@ module Aws::CognitoIdentityProvider
     #
     # @!attribute [rw] email_verification_message
     #   A string representing the email verification message.
+    #   EmailVerificationMessage is allowed only if [EmailSendingAccount][1]
+    #   is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] email_verification_subject
     #   A string representing the email verification subject.
+    #   EmailVerificationSubject is allowed only if [EmailSendingAccount][1]
+    #   is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] verification_message_template
@@ -3898,6 +3919,66 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
+    # A custom email sender Lambda configuration type.
+    #
+    # @note When making an API call, you may pass CustomEmailLambdaVersionConfigType
+    #   data as a hash:
+    #
+    #       {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       }
+    #
+    # @!attribute [rw] lambda_version
+    #   The Lambda version represents the signature of the "request"
+    #   attribute in the "event" information Amazon Cognito passes to your
+    #   custom email Lambda function. The only supported value is `V1_0`.
+    #   @return [String]
+    #
+    # @!attribute [rw] lambda_arn
+    #   The Lambda Amazon Resource Name of the Lambda function that Amazon
+    #   Cognito triggers to send email notifications to users.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CustomEmailLambdaVersionConfigType AWS API Documentation
+    #
+    class CustomEmailLambdaVersionConfigType < Struct.new(
+      :lambda_version,
+      :lambda_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A custom SMS sender Lambda configuration type.
+    #
+    # @note When making an API call, you may pass CustomSMSLambdaVersionConfigType
+    #   data as a hash:
+    #
+    #       {
+    #         lambda_version: "V1_0", # required, accepts V1_0
+    #         lambda_arn: "ArnType", # required
+    #       }
+    #
+    # @!attribute [rw] lambda_version
+    #   The Lambda version represents the signature of the "request"
+    #   attribute in the "event" information Amazon Cognito passes to your
+    #   custom SMS Lambda function. The only supported value is `V1_0`.
+    #   @return [String]
+    #
+    # @!attribute [rw] lambda_arn
+    #   The Lambda Amazon Resource Name of the Lambda function that Amazon
+    #   Cognito triggers to send SMS notifications to users.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CustomSMSLambdaVersionConfigType AWS API Documentation
+    #
+    class CustomSMSLambdaVersionConfigType < Struct.new(
+      :lambda_version,
+      :lambda_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DeleteGroupRequest
     #   data as a hash:
     #
@@ -4528,6 +4609,16 @@ module Aws::CognitoIdentityProvider
 
     # The email configuration type.
     #
+    # <note markdown="1"> Amazon Cognito has specific regions for use with Amazon SES. For more
+    # information on the supported regions, see [Email Settings for Amazon
+    # Cognito User Pools][1].
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html
+    #
     # @note When making an API call, you may pass EmailConfigurationType
     #   data as a hash:
     #
@@ -4580,6 +4671,29 @@ module Aws::CognitoIdentityProvider
     #     customize the FROM address, provide the ARN of an Amazon SES
     #     verified email address for the `SourceArn` parameter.
     #
+    #     If EmailSendingAccount is COGNITO\_DEFAULT, the following
+    #     parameters aren't allowed:
+    #
+    #     * EmailVerificationMessage
+    #
+    #     * EmailVerificationSubject
+    #
+    #     * InviteMessageTemplate.EmailMessage
+    #
+    #     * InviteMessageTemplate.EmailSubject
+    #
+    #     * VerificationMessageTemplate.EmailMessage
+    #
+    #     * VerificationMessageTemplate.EmailMessageByLink
+    #
+    #     * VerificationMessageTemplate.EmailSubject,
+    #
+    #     * VerificationMessageTemplate.EmailSubjectByLink
+    #
+    #     <note markdown="1"> DEVELOPER EmailSendingAccount is required.
+    #
+    #      </note>
+    #
     #   DEVELOPER
     #
     #   : When Amazon Cognito emails your users, it uses your Amazon SES
@@ -5975,6 +6089,15 @@ module Aws::CognitoIdentityProvider
     #         verify_auth_challenge_response: "ArnType",
     #         pre_token_generation: "ArnType",
     #         user_migration: "ArnType",
+    #         custom_sms_sender: {
+    #           lambda_version: "V1_0", # required, accepts V1_0
+    #           lambda_arn: "ArnType", # required
+    #         },
+    #         custom_email_sender: {
+    #           lambda_version: "V1_0", # required, accepts V1_0
+    #           lambda_arn: "ArnType", # required
+    #         },
+    #         kms_key_id: "ArnType",
     #       }
     #
     # @!attribute [rw] pre_sign_up
@@ -6017,6 +6140,21 @@ module Aws::CognitoIdentityProvider
     #   The user migration Lambda config type.
     #   @return [String]
     #
+    # @!attribute [rw] custom_sms_sender
+    #   A custom SMS sender AWS Lambda trigger.
+    #   @return [Types::CustomSMSLambdaVersionConfigType]
+    #
+    # @!attribute [rw] custom_email_sender
+    #   A custom email sender AWS Lambda trigger.
+    #   @return [Types::CustomEmailLambdaVersionConfigType]
+    #
+    # @!attribute [rw] kms_key_id
+    #   The Amazon Resource Name of Key Management Service [Customer master
+    #   keys](/kms/latest/developerguide/concepts.html#master_keys) . Amazon
+    #   Cognito uses the key to encrypt codes and temporary passwords sent
+    #   to `CustomEmailSender` and `CustomSMSSender`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/LambdaConfigType AWS API Documentation
     #
     class LambdaConfigType < Struct.new(
@@ -6029,7 +6167,10 @@ module Aws::CognitoIdentityProvider
       :create_auth_challenge,
       :verify_auth_challenge_response,
       :pre_token_generation,
-      :user_migration)
+      :user_migration,
+      :custom_sms_sender,
+      :custom_email_sender,
+      :kms_key_id)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6690,11 +6831,21 @@ module Aws::CognitoIdentityProvider
     #   @return [String]
     #
     # @!attribute [rw] email_message
-    #   The message template for email messages.
+    #   The message template for email messages. EmailMessage is allowed
+    #   only if [EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] email_subject
-    #   The subject line for email messages.
+    #   The subject line for email messages. EmailSubject is allowed only if
+    #   [EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/MessageTemplateType AWS API Documentation
@@ -7499,7 +7650,13 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
-    # The type used for enabling SMS MFA at the user level.
+    # The type used for enabling SMS MFA at the user level. Phone numbers
+    # don't need to be verified to be used for SMS MFA. If an MFA type is
+    # enabled for a user, the user will be prompted for MFA during all sign
+    # in attempts, unless device tracking is turned on and the device has
+    # been trusted. If you would like MFA to be applied selectively based on
+    # the assessed risk level of sign in attempts, disable MFA for users and
+    # turn on Adaptive Authentication for the user pool.
     #
     # @note When making an API call, you may pass SMSMfaSettingsType
     #   data as a hash:
@@ -7510,7 +7667,10 @@ module Aws::CognitoIdentityProvider
     #       }
     #
     # @!attribute [rw] enabled
-    #   Specifies whether SMS text message MFA is enabled.
+    #   Specifies whether SMS text message MFA is enabled. If an MFA type is
+    #   enabled for a user, the user will be prompted for MFA during all
+    #   sign in attempts, unless device tracking is turned on and the device
+    #   has been trusted.
     #   @return [Boolean]
     #
     # @!attribute [rw] preferred_mfa
@@ -8119,7 +8279,12 @@ module Aws::CognitoIdentityProvider
     # @!attribute [rw] sns_caller_arn
     #   The Amazon Resource Name (ARN) of the Amazon Simple Notification
     #   Service (SNS) caller. This is the ARN of the IAM role in your AWS
-    #   account which Cognito will use to send SMS messages.
+    #   account which Cognito will use to send SMS messages. SMS messages
+    #   are subject to a [spending limit][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html
     #   @return [String]
     #
     # @!attribute [rw] external_id
@@ -8212,7 +8377,13 @@ module Aws::CognitoIdentityProvider
       include Aws::Structure
     end
 
-    # The type used for enabling software token MFA at the user level.
+    # The type used for enabling software token MFA at the user level. If an
+    # MFA type is enabled for a user, the user will be prompted for MFA
+    # during all sign in attempts, unless device tracking is turned on and
+    # the device has been trusted. If you would like MFA to be applied
+    # selectively based on the assessed risk level of sign in attempts,
+    # disable MFA for users and turn on Adaptive Authentication for the user
+    # pool.
     #
     # @note When making an API call, you may pass SoftwareTokenMfaSettingsType
     #   data as a hash:
@@ -8223,7 +8394,10 @@ module Aws::CognitoIdentityProvider
     #       }
     #
     # @!attribute [rw] enabled
-    #   Specifies whether software token MFA is enabled.
+    #   Specifies whether software token MFA is enabled. If an MFA type is
+    #   enabled for a user, the user will be prompted for MFA during all
+    #   sign in attempts, unless device tracking is turned on and the device
+    #   has been trusted.
     #   @return [Boolean]
     #
     # @!attribute [rw] preferred_mfa
@@ -9281,6 +9455,15 @@ module Aws::CognitoIdentityProvider
     #           verify_auth_challenge_response: "ArnType",
     #           pre_token_generation: "ArnType",
     #           user_migration: "ArnType",
+    #           custom_sms_sender: {
+    #             lambda_version: "V1_0", # required, accepts V1_0
+    #             lambda_arn: "ArnType", # required
+    #           },
+    #           custom_email_sender: {
+    #             lambda_version: "V1_0", # required, accepts V1_0
+    #             lambda_arn: "ArnType", # required
+    #           },
+    #           kms_key_id: "ArnType",
     #         },
     #         auto_verified_attributes: ["phone_number"], # accepts phone_number, email
     #         sms_verification_message: "SmsVerificationMessageType",
@@ -10347,21 +10530,41 @@ module Aws::CognitoIdentityProvider
     #   @return [String]
     #
     # @!attribute [rw] email_message
-    #   The email message template.
+    #   The email message template. EmailMessage is allowed only if [
+    #   EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] email_subject
-    #   The subject line for the email message template.
+    #   The subject line for the email message template. EmailSubject is
+    #   allowed only if [EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] email_message_by_link
     #   The email message template for sending a confirmation link to the
-    #   user.
+    #   user. EmailMessageByLink is allowed only if [
+    #   EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] email_subject_by_link
     #   The subject line for the email message template for sending a
-    #   confirmation link to the user.
+    #   confirmation link to the user. EmailSubjectByLink is allowed only [
+    #   EmailSendingAccount][1] is DEVELOPER.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
     #   @return [String]
     #
     # @!attribute [rw] default_email_option

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cognitoidentityprovider
 version: !ruby/object:Gem::Version
-  version: 1.44.0
+  version: 1.49.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-08-18 00:00:00.000000000 Z
+date: 2021-02-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.99.0
+        version: 3.112.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.99.0
+        version: 3.112.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement