Amazon Cognito Identity Provider Update: Added support for threat protection for custom authentication in Amazon Cognito user pools.

AWS · AWS · commit 7b80112e1b62 · 2024-08-08T18:06:43.000Z
diff --git a/.changes/next-release/feature-AmazonCognitoIdentityProvider-98eebf5.json b/.changes/next-release/feature-AmazonCognitoIdentityProvider-98eebf5.json
@@ -0,0 +1,6 @@
+{
+    "type": "feature",
+    "category": "Amazon Cognito Identity Provider",
+    "contributor": "",
+    "description": "Added support for threat protection for custom authentication in Amazon Cognito user pools."
+}
diff --git a/services/cognitoidentityprovider/src/main/resources/codegen-resources/service-2.json b/services/cognitoidentityprovider/src/main/resources/codegen-resources/service-2.json
@@ -3116,6 +3116,23 @@
       },
       "documentation":"<p>The global sign-out response, as an administrator.</p>"
     },
+    "AdvancedSecurityAdditionalFlowsType":{
+      "type":"structure",
+      "members":{
+        "CustomAuthMode":{
+          "shape":"AdvancedSecurityEnabledModeType",
+          "documentation":"<p>The operating mode of advanced security features in custom authentication with <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html\"> Custom authentication challenge Lambda triggers</a>. </p>"
+        }
+      },
+      "documentation":"<p>Advanced security configuration options for additional authentication types in your user pool, including custom authentication and refresh-token authentication. </p>"
+    },
+    "AdvancedSecurityEnabledModeType":{
+      "type":"string",
+      "enum":[
+        "AUDIT",
+        "ENFORCED"
+      ]
+    },
     "AdvancedSecurityModeType":{
       "type":"string",
       "enum":[
@@ -8169,7 +8186,11 @@
       "members":{
         "AdvancedSecurityMode":{
           "shape":"AdvancedSecurityModeType",
-          "documentation":"<p>The operating mode of advanced security features in your user pool.</p>"
+          "documentation":"<p>The operating mode of advanced security features for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication. </p>"
+        },
+        "AdvancedSecurityAdditionalFlows":{
+          "shape":"AdvancedSecurityAdditionalFlowsType",
+          "documentation":"<p>Advanced security configuration options for additional authentication types in your user pool, including custom authentication and refresh-token authentication. </p>"
         }
       },
       "documentation":"<p>User pool add-ons. Contains settings for activation of advanced security features. To log user security information but take no action, set to <code>AUDIT</code>. To configure automatic security responses to risky traffic to your user pool, set to <code>ENFORCED</code>.</p> <p>For more information, see <a href=\"https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html\">Adding advanced security to a user pool</a>.</p>"
