UserPool is the Schema for the UserPools API
Type
CRD
Group
cognitoidentityprovider.aws.crossplane.io
Version
v1alpha1
apiVersion: cognitoidentityprovider.aws.crossplane.io/v1alpha1
kind: UserPool
UserPoolSpec defines the desired state of UserPool
UserPoolParameters defines the desired state of UserPool
The available verified method a user can use to recover their password when they call ForgotPassword. You can use this setting to define a preferred method when a user has more than one method available. With this setting, SMS doesn't qualify for a valid password recovery mechanism if the user also has SMS multi-factor authentication (MFA) activated. In the absence of this setting, Amazon Cognito uses the legacy behavior to determine the recovery method where SMS is preferred through email.
The configuration for AdminCreateUser requests.
The message template structure.
Attributes supported as an alias for this user pool. Possible values: phone_number, email, or preferred_username.
The attributes to be auto-verified. Possible values: email, phone_number.
The device configuration.
The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool.
The Lambda trigger configuration information for the new user pool. In a push model, event sources (such as Amazon S3 and custom applications) need permission to invoke a function. So you must make an extra call to add permission for these event sources to invoke your Lambda function. For more information on using the Lambda API to add permission, see AddPermission (https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html). For adding permission using the CLI, see add-permission (https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html).
A custom email sender Lambda configuration type.
A custom SMS sender Lambda configuration type.
The policies associated with the new user pool.
The password policy type.
An array of schema attributes for the new user pool. These attributes can be standard or custom attributes.
The SMS configuration with the settings that your Amazon Cognito user pool must use to send an SMS message from your Amazon Web Services account through Amazon Simple Notification Service. To send SMS messages with Amazon SNS in the Amazon Web Services Region that you want, the Amazon Cognito user pool uses an Identity and Access Management (IAM) role in your Amazon Web Services account.
The software token MFA configuration.
Enables advanced security risk detection. Set the key AdvancedSecurityMode to the value "AUDIT".
Specifies whether a user can use an email address or phone number as a username when they sign up.
Case sensitivity on the username input for the selected sign-in option. For example, when case sensitivity is set to False, users can sign in using either "username" or "Username". This configuration is immutable once it has been set. For more information, see UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html).
The template for the verification message that the user sees when the app requests permission to access the user's information.
ProviderConfigReference specifies how the provider that will be used to create, observe, update, and delete this managed resource should be configured.
Policies for referencing.
ProviderReference specifies the provider that will be used to create, observe, update, and delete this managed resource. Deprecated: Please use ProviderConfigReference, i.e. providerConfigRef
Policies for referencing.
PublishConnectionDetailsTo specifies the connection secret config which contains a name, metadata and a reference to secret store config to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource.
WriteConnectionSecretToReference specifies the namespace and name of a Secret to which any connection details for this managed resource should be written. Connection details frequently include the endpoint, username, and password required to connect to the managed resource. This field is planned to be replaced in a future release in favor of PublishConnectionDetailsTo. Currently, both could be set independently and connection details would be published to both without affecting each other.
UserPoolStatus defines the observed state of UserPool.
UserPoolObservation defines the observed state of UserPool
A container with the schema attributes of a user pool.
Conditions of the resource.
example
apiVersion: cognitoidentityprovider.aws.crossplane.io/v1alpha1
kind: UserPool
metadata:
name: example
spec:
forProvider:
adminCreateUserConfig:
allowAdminCreateUserOnly: true
inviteMessageTemplate:
emailMessage: |
Your username is:
<br>{username}<br>
<br>and your temporary password is:
<br>{####}<br>
emailSubject: Your temporary password
aliasAttributes:
- email
- phone_number
- preferred_username
mfaConfiguration: ON
poolName: examplePool
region: us-east-1
softwareTokenMFAConfiguration:
enabled: true
userPoolTags:
pool: big
users: best
usernameConfiguration:
caseSensitive: false
providerConfigRef:
name: example