class Aws::CognitoIdentityProvider::Types::CreateUserPoolRequest

Represents the request to create a user pool.

@note When making an API call, you may pass CreateUserPoolRequest

data as a hash:

    {
      pool_name: "UserPoolNameType", # required
      policies: {
        password_policy: {
          minimum_length: 1,
          require_uppercase: false,
          require_lowercase: false,
          require_numbers: false,
          require_symbols: false,
          temporary_password_validity_days: 1,
        },
      },
      lambda_config: {
        pre_sign_up: "ArnType",
        custom_message: "ArnType",
        post_confirmation: "ArnType",
        pre_authentication: "ArnType",
        post_authentication: "ArnType",
        define_auth_challenge: "ArnType",
        create_auth_challenge: "ArnType",
        verify_auth_challenge_response: "ArnType",
        pre_token_generation: "ArnType",
        user_migration: "ArnType",
        custom_sms_sender: {
          lambda_version: "V1_0", # required, accepts V1_0
          lambda_arn: "ArnType", # required
        },
        custom_email_sender: {
          lambda_version: "V1_0", # required, accepts V1_0
          lambda_arn: "ArnType", # required
        },
        kms_key_id: "ArnType",
      },
      auto_verified_attributes: ["phone_number"], # accepts phone_number, email
      alias_attributes: ["phone_number"], # accepts phone_number, email, preferred_username
      username_attributes: ["phone_number"], # accepts phone_number, email
      sms_verification_message: "SmsVerificationMessageType",
      email_verification_message: "EmailVerificationMessageType",
      email_verification_subject: "EmailVerificationSubjectType",
      verification_message_template: {
        sms_message: "SmsVerificationMessageType",
        email_message: "EmailVerificationMessageType",
        email_subject: "EmailVerificationSubjectType",
        email_message_by_link: "EmailVerificationMessageByLinkType",
        email_subject_by_link: "EmailVerificationSubjectByLinkType",
        default_email_option: "CONFIRM_WITH_LINK", # accepts CONFIRM_WITH_LINK, CONFIRM_WITH_CODE
      },
      sms_authentication_message: "SmsVerificationMessageType",
      mfa_configuration: "OFF", # accepts OFF, ON, OPTIONAL
      device_configuration: {
        challenge_required_on_new_device: false,
        device_only_remembered_on_user_prompt: false,
      },
      email_configuration: {
        source_arn: "ArnType",
        reply_to_email_address: "EmailAddressType",
        email_sending_account: "COGNITO_DEFAULT", # accepts COGNITO_DEFAULT, DEVELOPER
        from: "StringType",
        configuration_set: "SESConfigurationSet",
      },
      sms_configuration: {
        sns_caller_arn: "ArnType", # required
        external_id: "StringType",
      },
      user_pool_tags: {
        "TagKeysType" => "TagValueType",
      },
      admin_create_user_config: {
        allow_admin_create_user_only: false,
        unused_account_validity_days: 1,
        invite_message_template: {
          sms_message: "SmsVerificationMessageType",
          email_message: "EmailVerificationMessageType",
          email_subject: "EmailVerificationSubjectType",
        },
      },
      schema: [
        {
          name: "CustomAttributeNameType",
          attribute_data_type: "String", # accepts String, Number, DateTime, Boolean
          developer_only_attribute: false,
          mutable: false,
          required: false,
          number_attribute_constraints: {
            min_value: "StringType",
            max_value: "StringType",
          },
          string_attribute_constraints: {
            min_length: "StringType",
            max_length: "StringType",
          },
        },
      ],
      user_pool_add_ons: {
        advanced_security_mode: "OFF", # required, accepts OFF, AUDIT, ENFORCED
      },
      username_configuration: {
        case_sensitive: false, # required
      },
      account_recovery_setting: {
        recovery_mechanisms: [
          {
            priority: 1, # required
            name: "verified_email", # required, accepts verified_email, verified_phone_number, admin_only
          },
        ],
      },
    }

@!attribute [rw] pool_name

A string used to name the user pool.
@return [String]

@!attribute [rw] policies

The policies associated with the new user pool.
@return [Types::UserPoolPolicyType]

@!attribute [rw] lambda_config

The Lambda trigger configuration information for the new user pool.

<note markdown="1"> In a push model, event sources (such as Amazon S3 and custom
applications) need permission to invoke a function. So you will need
to make an extra call to add permission for these event sources to
invoke your Lambda function.

 For more information on using the Lambda API to add permission, see
[ AddPermission ][1].

 For adding permission using the CLI, see [ add-permission ][2].

 </note>

[1]: https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html
[2]: https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html
@return [Types::LambdaConfigType]

@!attribute [rw] auto_verified_attributes

The attributes to be auto-verified. Possible values: **email**,
**phone\_number**.
@return [Array<String>]

@!attribute [rw] alias_attributes

Attributes supported as an alias for this user pool. Possible
values: **phone\_number**, **email**, or **preferred\_username**.
@return [Array<String>]

@!attribute [rw] username_attributes

Specifies whether email addresses or phone numbers can be specified
as usernames when a user signs up.
@return [Array<String>]

@!attribute [rw] sms_verification_message

A string representing the SMS verification message.
@return [String]

@!attribute [rw] email_verification_message

A string representing the email verification message.
EmailVerificationMessage is allowed only if [EmailSendingAccount][1]
is DEVELOPER.

[1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
@return [String]

@!attribute [rw] email_verification_subject

A string representing the email verification subject.
EmailVerificationSubject is allowed only if [EmailSendingAccount][1]
is DEVELOPER.

[1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount
@return [String]

@!attribute [rw] verification_message_template

The template for the verification message that the user sees when
the app requests permission to access the user's information.
@return [Types::VerificationMessageTemplateType]

@!attribute [rw] sms_authentication_message

A string representing the SMS authentication message.
@return [String]

@!attribute [rw] mfa_configuration

Specifies MFA configuration details.
@return [String]

@!attribute [rw] device_configuration

The device configuration.
@return [Types::DeviceConfigurationType]

@!attribute [rw] email_configuration

The email configuration.
@return [Types::EmailConfigurationType]

@!attribute [rw] sms_configuration

The SMS configuration.
@return [Types::SmsConfigurationType]

@!attribute [rw] user_pool_tags

The tag keys and values to assign to the user pool. A tag is a label
that you can use to categorize and manage user pools in different
ways, such as by purpose, owner, environment, or other criteria.
@return [Hash<String,String>]

@!attribute [rw] admin_create_user_config

The configuration for `AdminCreateUser` requests.
@return [Types::AdminCreateUserConfigType]

@!attribute [rw] schema

An array of schema attributes for the new user pool. These
attributes can be standard or custom attributes.
@return [Array<Types::SchemaAttributeType>]

@!attribute [rw] user_pool_add_ons

Used to enable advanced security risk detection. Set the key
`AdvancedSecurityMode` to the value "AUDIT".
@return [Types::UserPoolAddOnsType]

@!attribute [rw] username_configuration

You can choose to set case sensitivity on the username input for the
selected sign-in option. For example, when this is set to `False`,
users will be able to sign in using either "username" or
"Username". This configuration is immutable once it has been set.
For more information, see [UsernameConfigurationType][1].

[1]: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html
@return [Types::UsernameConfigurationType]

@!attribute [rw] account_recovery_setting

Use this setting to define which verified available method a user
can use to recover their password when they call `ForgotPassword`.
It allows you to define a preferred method when a user has more than
one method available. With this setting, SMS does not qualify for a
valid password recovery mechanism if the user also has SMS MFA
enabled. In the absence of this setting, Cognito uses the legacy
behavior to determine the recovery method where SMS is preferred
over email.
@return [Types::AccountRecoverySettingType]

@see docs.aws.amazon.com/goto/WebAPI/cognito-idp-2016-04-18/CreateUserPoolRequest AWS API Documentation

Constants

SENSITIVE