VaporShell.Cognito.psm1
# PSM1 Contents function Format-Json { [CmdletBinding()] Param ( [Parameter(Mandatory = $true, Position = 0, ValueFromPipeline = $true)] [String] $Json ) Begin { $cleaner = { param([String]$Line) Process{ [Regex]::Replace( $Line, "\\u(?<Value>[a-zA-Z0-9]{4})", { param($m)([char]([int]::Parse( $m.Groups['Value'].Value, [System.Globalization.NumberStyles]::HexNumber ))).ToString() } ) } } } Process { if ($PSVersionTable.PSVersion.Major -lt 6) { try { $indent = 0; $res = $Json -split '\n' | ForEach-Object { if ($_ -match '[\}\]]') { # This line contains ] or }, decrement the indentation level $indent-- } $line = (' ' * $indent * 2) + $_.TrimStart().Replace(': ', ': ') if ($_ -match '[\{\[]') { # This line contains [ or {, increment the indentation level $indent++ } $cleaner.Invoke($line) } $res -join "`n" } catch { ($Json -split '\n' | ForEach-Object {$cleaner.Invoke($_)}) -join "`n" } } else { ($Json -split '\n' | ForEach-Object {$cleaner.Invoke($_)}) -join "`n" } } } function Get-TrueCount { Param ( [parameter(Mandatory = $false,Position = 0,ValueFromPipeline = $true)] $Array ) Process { if ($array) { if ($array.Count) { $count = $array.Count } else { $count = 1 } } else { $count = 0 } } End { return $count } } function New-VSError { <# .SYNOPSIS Error generator function to use in tandem with $PSCmdlet.ThrowTerminatingError() .PARAMETER Result Allows input of an error from AWS SDK, resulting in the Exception message being parsed out. .PARAMETER String Used to create basic String message errors in the same wrapper #> [cmdletbinding(DefaultParameterSetName="Result")] param( [parameter(Position=0,ParameterSetName="Result")] $Result, [parameter(Position=0,ParameterSetName="String")] $String ) switch ($PSCmdlet.ParameterSetName) { Result { $Exception = "$($result.Exception.InnerException.Message)" } String { $Exception = "$String" } } $e = New-Object "System.Exception" $Exception $errorRecord = New-Object 'System.Management.Automation.ErrorRecord' $e, $null, ([System.Management.Automation.ErrorCategory]::InvalidOperation), $null return $errorRecord } function ResolveS3Endpoint { <# .SYNOPSIS Resolves the S3 endpoint most appropriate for each region. #> Param ( [parameter(Mandatory=$true,Position=0)] [ValidateSet("eu-west-2","ap-south-1","us-east-2","sa-east-1","us-west-1","us-west-2","eu-west-1","ap-southeast-2","ca-central-1","ap-northeast-2","us-east-1","eu-central-1","ap-southeast-1","ap-northeast-1")] [String] $Region ) $endpointMap = @{ "us-east-2" = "s3.us-east-2.amazonaws.com" "us-east-1" = "s3.amazonaws.com" "us-west-1" = "s3-us-west-1.amazonaws.com" "us-west-2" = "s3-us-west-2.amazonaws.com" "ca-central-1" = "s3.ca-central-1.amazonaws.com" "ap-south-1" = "s3.ap-south-1.amazonaws.com" "ap-northeast-2" = "s3.ap-northeast-2.amazonaws.com" "ap-southeast-1" = "s3-ap-southeast-1.amazonaws.com" "ap-southeast-2" = "s3-ap-southeast-2.amazonaws.com" "ap-northeast-1" = "s3-ap-northeast-1.amazonaws.com" "eu-central-1" = "s3.eu-central-1.amazonaws.com" "eu-west-1" = "s3-eu-west-1.amazonaws.com" "eu-west-2" = "s3.eu-west-2.amazonaws.com" "sa-east-1" = "s3-sa-east-1.amazonaws.com" } return $endpointMap[$Region] } function Add-VSCognitoIdentityPoolCognitoIdentityProvider { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPool.CognitoIdentityProvider resource property to the template. CognitoIdentityProvider is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that represents an Amazon Cognito user pool and its client ID. .DESCRIPTION Adds an AWS::Cognito::IdentityPool.CognitoIdentityProvider resource property to the template. CognitoIdentityProvider is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that represents an Amazon Cognito user pool and its client ID. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html .PARAMETER ServerSideTokenCheck TRUE if server-side token validation is enabled for the identity provider’s token. After you set the ServerSideTokenCheck to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user. If the user is signed out or deleted, the identity pool returns a 400 Not Authorized error. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-serversidetokencheck PrimitiveType: Boolean UpdateType: Mutable .PARAMETER ProviderName The provider name for an Amazon Cognito user pool. For example: cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-providername PrimitiveType: String UpdateType: Mutable .PARAMETER ClientId The client ID for the Amazon Cognito user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitoidentityprovider.html#cfn-cognito-identitypool-cognitoidentityprovider-clientid PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolCognitoIdentityProvider])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $ServerSideTokenCheck, [parameter(Mandatory = $false)] [object] $ProviderName, [parameter(Mandatory = $false)] [object] $ClientId ) Process { $obj = [CognitoIdentityPoolCognitoIdentityProvider]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolCognitoIdentityProvider' function Add-VSCognitoIdentityPoolCognitoStreams { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPool.CognitoStreams resource property to the template. CognitoStreams is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that defines configuration options for Amazon Cognito streams. .DESCRIPTION Adds an AWS::Cognito::IdentityPool.CognitoStreams resource property to the template. CognitoStreams is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that defines configuration options for Amazon Cognito streams. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html .PARAMETER StreamingStatus Status of the Amazon Cognito streams. Valid values are: ENABLED or DISABLED. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-streamingstatus PrimitiveType: String UpdateType: Mutable .PARAMETER StreamName The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-streamname PrimitiveType: String UpdateType: Mutable .PARAMETER RoleArn The Amazon Resource Name ARN of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito cognito-sync to invoke PutRecord on your Amazon Cognito stream. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-cognitostreams.html#cfn-cognito-identitypool-cognitostreams-rolearn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolCognitoStreams])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $StreamingStatus, [parameter(Mandatory = $false)] [object] $StreamName, [parameter(Mandatory = $false)] [object] $RoleArn ) Process { $obj = [CognitoIdentityPoolCognitoStreams]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolCognitoStreams' function Add-VSCognitoIdentityPoolPushSync { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPool.PushSync resource property to the template. PushSync is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that defines the configuration options to be applied to an Amazon Cognito identity pool. .DESCRIPTION Adds an AWS::Cognito::IdentityPool.PushSync resource property to the template. PushSync is a property of the AWS::Cognito::IdentityPool: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html resource that defines the configuration options to be applied to an Amazon Cognito identity pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html .PARAMETER ApplicationArns The ARNs of the Amazon SNS platform applications that could be used by clients. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html#cfn-cognito-identitypool-pushsync-applicationarns UpdateType: Mutable .PARAMETER RoleArn An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypool-pushsync.html#cfn-cognito-identitypool-pushsync-rolearn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolPushSync])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] $ApplicationArns, [parameter(Mandatory = $false)] [object] $RoleArn ) Process { $obj = [CognitoIdentityPoolPushSync]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolPushSync' function Add-VSCognitoIdentityPoolRoleAttachmentMappingRule { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPoolRoleAttachment.MappingRule resource property to the template. Defines how to map a claim to a role ARN. .DESCRIPTION Adds an AWS::Cognito::IdentityPoolRoleAttachment.MappingRule resource property to the template. Defines how to map a claim to a role ARN. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-mappingrule.html .PARAMETER MatchType The match condition that specifies how closely the claim value in the IdP token must match Value. Valid values are: Equals, Contains, StartsWith, and NotEqual. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-mappingrule.html#cfn-cognito-identitypoolroleattachment-mappingrule-matchtype PrimitiveType: String UpdateType: Mutable .PARAMETER Value A brief string that the claim must match. For example, "paid" or "yes". Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-mappingrule.html#cfn-cognito-identitypoolroleattachment-mappingrule-value PrimitiveType: String UpdateType: Mutable .PARAMETER Claim The claim name that must be present in the token. For example: "isAdmin" or "paid". Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-mappingrule.html#cfn-cognito-identitypoolroleattachment-mappingrule-claim PrimitiveType: String UpdateType: Mutable .PARAMETER RoleARN The Amazon Resource Name ARN of the role. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-mappingrule.html#cfn-cognito-identitypoolroleattachment-mappingrule-rolearn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolRoleAttachmentMappingRule])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $MatchType, [parameter(Mandatory = $true)] [object] $Value, [parameter(Mandatory = $true)] [object] $Claim, [parameter(Mandatory = $true)] [object] $RoleARN ) Process { $obj = [CognitoIdentityPoolRoleAttachmentMappingRule]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolRoleAttachmentMappingRule' function Add-VSCognitoIdentityPoolRoleAttachmentRoleMapping { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping resource property to the template. RoleMapping is a property of the AWS::Cognito::IdentityPoolRoleAttachment: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html resource that defines the role-mapping attributes of an Amazon Cognito identity pool. .DESCRIPTION Adds an AWS::Cognito::IdentityPoolRoleAttachment.RoleMapping resource property to the template. RoleMapping is a property of the AWS::Cognito::IdentityPoolRoleAttachment: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html resource that defines the role-mapping attributes of an Amazon Cognito identity pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html .PARAMETER Type The role-mapping type. Token uses cognito:roles and cognito:preferred_role claims from the Amazon Cognito identity provider token to map groups to roles. Rules attempts to match claims from the token to map to a role. Valid values are Token or Rules. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-type PrimitiveType: String UpdateType: Mutable .PARAMETER AmbiguousRoleResolution Specifies the action to be taken if either no rules match the claim value for the Rules type, or there is no cognito:preferred_role claim and there are multiple cognito:roles matches for the Token type. If you specify Token or Rules as the Type, AmbiguousRoleResolution is required. Valid values are AuthenticatedRole or Deny. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-ambiguousroleresolution PrimitiveType: String UpdateType: Mutable .PARAMETER RulesConfiguration The rules to be used for mapping users to roles. If you specify "Rules" as the role-mapping type, RulesConfiguration is required. Type: RulesConfigurationType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-rulesconfiguration UpdateType: Mutable .PARAMETER IdentityProvider Identifier for the identity provider for which the role is mapped. For example: "graph.facebook.com" or "cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id http://cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id". This is the identity provider that is used by the user for authentication. If the identity provider property isn't provided, the key of the entry in the RoleMappings map is used as the identity provider. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html#cfn-cognito-identitypoolroleattachment-rolemapping-identityprovider PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolRoleAttachmentRoleMapping])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $Type, [parameter(Mandatory = $false)] [object] $AmbiguousRoleResolution, [parameter(Mandatory = $false)] $RulesConfiguration, [parameter(Mandatory = $false)] [object] $IdentityProvider ) Process { $obj = [CognitoIdentityPoolRoleAttachmentRoleMapping]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolRoleAttachmentRoleMapping' function Add-VSCognitoIdentityPoolRoleAttachmentRulesConfigurationType { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType resource property to the template. RulesConfigurationType is a subproperty of the RoleMapping: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html property that defines the rules to be used for mapping users to roles. .DESCRIPTION Adds an AWS::Cognito::IdentityPoolRoleAttachment.RulesConfigurationType resource property to the template. RulesConfigurationType is a subproperty of the RoleMapping: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html property that defines the rules to be used for mapping users to roles. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rulesconfigurationtype.html .PARAMETER Rules The rules. You can specify up to 25 rules per identity provider. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rulesconfigurationtype.html#cfn-cognito-identitypoolroleattachment-rulesconfigurationtype-rules ItemType: MappingRule UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolRoleAttachmentRulesConfigurationType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $Rules ) Process { $obj = [CognitoIdentityPoolRoleAttachmentRulesConfigurationType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoIdentityPoolRoleAttachmentRulesConfigurationType' function Add-VSCognitoUserPoolAccountRecoverySetting { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.AccountRecoverySetting resource property to the template. Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email. .DESCRIPTION Adds an AWS::Cognito::UserPool.AccountRecoverySetting resource property to the template. Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-accountrecoverysetting.html .PARAMETER RecoveryMechanisms The list of RecoveryOptionTypes. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-accountrecoverysetting.html#cfn-cognito-userpool-accountrecoverysetting-recoverymechanisms ItemType: RecoveryOption UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolAccountRecoverySetting])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $RecoveryMechanisms ) Process { $obj = [CognitoUserPoolAccountRecoverySetting]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolAccountRecoverySetting' function Add-VSCognitoUserPoolAdminCreateUserConfig { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.AdminCreateUserConfig resource property to the template. The configuration for AdminCreateUser requests. .DESCRIPTION Adds an AWS::Cognito::UserPool.AdminCreateUserConfig resource property to the template. The configuration for AdminCreateUser requests. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-admincreateuserconfig.html .PARAMETER InviteMessageTemplate The message template to be used for the welcome message to new users. See also Customizing User Invitation Messages: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization. Type: InviteMessageTemplate Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-admincreateuserconfig.html#cfn-cognito-userpool-admincreateuserconfig-invitemessagetemplate UpdateType: Mutable .PARAMETER UnusedAccountValidityDays The user account expiration limit, in days, after which the account is no longer usable. To reset the account after that time limit, you must call AdminCreateUser again, specifying "RESEND" for the MessageAction parameter. The default value for this parameter is 7. If you set a value for TemporaryPasswordValidityDays in PasswordPolicy, that value will be used and UnusedAccountValidityDays will be deprecated for that user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-admincreateuserconfig.html#cfn-cognito-userpool-admincreateuserconfig-unusedaccountvaliditydays PrimitiveType: Integer UpdateType: Mutable .PARAMETER AllowAdminCreateUserOnly Set to True if only the administrator is allowed to create user profiles. Set to False if users can sign themselves up via an app. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-admincreateuserconfig.html#cfn-cognito-userpool-admincreateuserconfig-allowadmincreateuseronly PrimitiveType: Boolean UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolAdminCreateUserConfig])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] $InviteMessageTemplate, [parameter(Mandatory = $false)] [object] $UnusedAccountValidityDays, [parameter(Mandatory = $false)] [object] $AllowAdminCreateUserOnly ) Process { $obj = [CognitoUserPoolAdminCreateUserConfig]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolAdminCreateUserConfig' function Add-VSCognitoUserPoolClientAnalyticsConfiguration { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolClient.AnalyticsConfiguration resource property to the template. The Amazon Pinpoint analytics configuration for collecting metrics for a user pool. .DESCRIPTION Adds an AWS::Cognito::UserPoolClient.AnalyticsConfiguration resource property to the template. The Amazon Pinpoint analytics configuration for collecting metrics for a user pool. **Note** Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East (N. Virginia us-east-1 Region, regardless of the region in which the user pool resides. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html .PARAMETER ApplicationArn *Update requires*: No interruption: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html#cfn-cognito-userpoolclient-analyticsconfiguration-applicationarn PrimitiveType: String UpdateType: Mutable .PARAMETER UserDataShared If UserDataShared is true, Amazon Cognito will include user data in the events it publishes to Amazon Pinpoint analytics. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html#cfn-cognito-userpoolclient-analyticsconfiguration-userdatashared PrimitiveType: Boolean UpdateType: Mutable .PARAMETER ExternalId The external ID. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html#cfn-cognito-userpoolclient-analyticsconfiguration-externalid PrimitiveType: String UpdateType: Mutable .PARAMETER ApplicationId The application ID for an Amazon Pinpoint application. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html#cfn-cognito-userpoolclient-analyticsconfiguration-applicationid PrimitiveType: String UpdateType: Mutable .PARAMETER RoleArn The ARN of an IAM role that authorizes Amazon Cognito to publish events to Amazon Pinpoint analytics. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-analyticsconfiguration.html#cfn-cognito-userpoolclient-analyticsconfiguration-rolearn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolClientAnalyticsConfiguration])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $ApplicationArn, [parameter(Mandatory = $false)] [object] $UserDataShared, [parameter(Mandatory = $false)] [object] $ExternalId, [parameter(Mandatory = $false)] [object] $ApplicationId, [parameter(Mandatory = $false)] [object] $RoleArn ) Process { $obj = [CognitoUserPoolClientAnalyticsConfiguration]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolClientAnalyticsConfiguration' function Add-VSCognitoUserPoolClientTokenValidityUnits { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolClient.TokenValidityUnits resource property to the template. .DESCRIPTION Adds an AWS::Cognito::UserPoolClient.TokenValidityUnits resource property to the template. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-tokenvalidityunits.html .PARAMETER IdToken Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-tokenvalidityunits.html#cfn-cognito-userpoolclient-tokenvalidityunits-idtoken PrimitiveType: String UpdateType: Mutable .PARAMETER RefreshToken Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-tokenvalidityunits.html#cfn-cognito-userpoolclient-tokenvalidityunits-refreshtoken PrimitiveType: String UpdateType: Mutable .PARAMETER AccessToken Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolclient-tokenvalidityunits.html#cfn-cognito-userpoolclient-tokenvalidityunits-accesstoken PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolClientTokenValidityUnits])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $IdToken, [parameter(Mandatory = $false)] [object] $RefreshToken, [parameter(Mandatory = $false)] [object] $AccessToken ) Process { $obj = [CognitoUserPoolClientTokenValidityUnits]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolClientTokenValidityUnits' function Add-VSCognitoUserPoolCustomEmailSender { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.CustomEmailSender resource property to the template. .DESCRIPTION Adds an AWS::Cognito::UserPool.CustomEmailSender resource property to the template. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customemailsender.html .PARAMETER LambdaArn Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customemailsender.html#cfn-cognito-userpool-customemailsender-lambdaarn PrimitiveType: String UpdateType: Mutable .PARAMETER LambdaVersion Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customemailsender.html#cfn-cognito-userpool-customemailsender-lambdaversion PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolCustomEmailSender])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $LambdaArn, [parameter(Mandatory = $false)] [object] $LambdaVersion ) Process { $obj = [CognitoUserPoolCustomEmailSender]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolCustomEmailSender' function Add-VSCognitoUserPoolCustomSMSSender { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.CustomSMSSender resource property to the template. .DESCRIPTION Adds an AWS::Cognito::UserPool.CustomSMSSender resource property to the template. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customsmssender.html .PARAMETER LambdaArn Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customsmssender.html#cfn-cognito-userpool-customsmssender-lambdaarn PrimitiveType: String UpdateType: Mutable .PARAMETER LambdaVersion Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-customsmssender.html#cfn-cognito-userpool-customsmssender-lambdaversion PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolCustomSMSSender])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $LambdaArn, [parameter(Mandatory = $false)] [object] $LambdaVersion ) Process { $obj = [CognitoUserPoolCustomSMSSender]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolCustomSMSSender' function Add-VSCognitoUserPoolDeviceConfiguration { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.DeviceConfiguration resource property to the template. The configuration for the user pool's device tracking. .DESCRIPTION Adds an AWS::Cognito::UserPool.DeviceConfiguration resource property to the template. The configuration for the user pool's device tracking. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html .PARAMETER DeviceOnlyRememberedOnUserPrompt If true, a device is only remembered on user prompt. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html#cfn-cognito-userpool-deviceconfiguration-deviceonlyrememberedonuserprompt PrimitiveType: Boolean UpdateType: Mutable .PARAMETER ChallengeRequiredOnNewDevice Indicates whether a challenge is required on a new device. Only applicable to a new device. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-deviceconfiguration.html#cfn-cognito-userpool-deviceconfiguration-challengerequiredonnewdevice PrimitiveType: Boolean UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolDeviceConfiguration])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $DeviceOnlyRememberedOnUserPrompt, [parameter(Mandatory = $false)] [object] $ChallengeRequiredOnNewDevice ) Process { $obj = [CognitoUserPoolDeviceConfiguration]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolDeviceConfiguration' function Add-VSCognitoUserPoolDomainCustomDomainConfigType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolDomain.CustomDomainConfigType resource property to the template. The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application. .DESCRIPTION Adds an AWS::Cognito::UserPoolDomain.CustomDomainConfigType resource property to the template. The configuration for a custom domain that hosts the sign-up and sign-in webpages for your application. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpooldomain-customdomainconfigtype.html .PARAMETER CertificateArn The Amazon Resource Name ARN of an AWS Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpooldomain-customdomainconfigtype.html#cfn-cognito-userpooldomain-customdomainconfigtype-certificatearn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolDomainCustomDomainConfigType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $CertificateArn ) Process { $obj = [CognitoUserPoolDomainCustomDomainConfigType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolDomainCustomDomainConfigType' function Add-VSCognitoUserPoolEmailConfiguration { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.EmailConfiguration resource property to the template. The email configuration. .DESCRIPTION Adds an AWS::Cognito::UserPool.EmailConfiguration resource property to the template. The email configuration. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html .PARAMETER ReplyToEmailAddress The destination to which the receiver of the email should reply to. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-replytoemailaddress PrimitiveType: String UpdateType: Mutable .PARAMETER ConfigurationSet The set of configuration rules that can be applied to emails sent using Amazon SES. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails: + Event publishing – Amazon SES can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as SNS and CloudWatch. + IP pool management – When leasing dedicated IP addresses with Amazon SES, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-configurationset PrimitiveType: String UpdateType: Mutable .PARAMETER EmailSendingAccount Specifies whether Amazon Cognito emails your users by using its built-in email functionality or your Amazon SES email configuration. Specify one of the following values: COGNITO_DEFAULT When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is below the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration. To look up the email delivery limit for the default option, see Limits in Amazon Cognito: https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html in the *Amazon Cognito Developer Guide*. The default FROM address is no-reply@verificationemail.com. To customize the FROM address, provide the ARN of an Amazon SES verified email address for the SourceArn parameter. DEVELOPER When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account. If you use this option, you must provide the ARN of an Amazon SES verified email address for the SourceArn parameter. Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role*, which is a type of IAM role, in your AWS account. This role contains the permissions that allow Amazon Cognito to access Amazon SES and send email messages with your address. For more information about the service-linked role that Amazon Cognito creates, see Using Service-Linked Roles for Amazon Cognito: https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html in the *Amazon Cognito Developer Guide*. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-emailsendingaccount PrimitiveType: String UpdateType: Mutable .PARAMETER SourceArn The Amazon Resource Name ARN of a verified email address in Amazon SES. This email address is used in one of the following ways, depending on the value that you specify for the EmailSendingAccount parameter: + If you specify COGNITO_DEFAULT, Amazon Cognito uses this address as the custom FROM address when it emails your users by using its built-in email account. + If you specify DEVELOPER, Amazon Cognito emails your users with this address by calling Amazon SES on your behalf. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-sourcearn PrimitiveType: String UpdateType: Mutable .PARAMETER From Identifies either the sender's email address or the sender's name with their email address. For example, testuser@example.com or Test User <testuser@example.com>. This address appears before the body of the email. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-emailconfiguration.html#cfn-cognito-userpool-emailconfiguration-from PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolEmailConfiguration])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $ReplyToEmailAddress, [parameter(Mandatory = $false)] [object] $ConfigurationSet, [parameter(Mandatory = $false)] [object] $EmailSendingAccount, [parameter(Mandatory = $false)] [object] $SourceArn, [parameter(Mandatory = $false)] [object] $From ) Process { $obj = [CognitoUserPoolEmailConfiguration]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolEmailConfiguration' function Add-VSCognitoUserPoolInviteMessageTemplate { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.InviteMessageTemplate resource property to the template. The message template to be used for the welcome message to new users. .DESCRIPTION Adds an AWS::Cognito::UserPool.InviteMessageTemplate resource property to the template. The message template to be used for the welcome message to new users. See also Customizing User Invitation Messages: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-invitemessagetemplate.html .PARAMETER EmailMessage The message template for email messages. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-invitemessagetemplate.html#cfn-cognito-userpool-invitemessagetemplate-emailmessage PrimitiveType: String UpdateType: Mutable .PARAMETER SMSMessage The message template for SMS messages. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-invitemessagetemplate.html#cfn-cognito-userpool-invitemessagetemplate-smsmessage PrimitiveType: String UpdateType: Mutable .PARAMETER EmailSubject The subject line for email messages. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-invitemessagetemplate.html#cfn-cognito-userpool-invitemessagetemplate-emailsubject PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolInviteMessageTemplate])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $EmailMessage, [parameter(Mandatory = $false)] [object] $SMSMessage, [parameter(Mandatory = $false)] [object] $EmailSubject ) Process { $obj = [CognitoUserPoolInviteMessageTemplate]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolInviteMessageTemplate' function Add-VSCognitoUserPoolLambdaConfig { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.LambdaConfig resource property to the template. Specifies the configuration for AWS Lambda triggers. .DESCRIPTION Adds an AWS::Cognito::UserPool.LambdaConfig resource property to the template. Specifies the configuration for AWS Lambda triggers. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html .PARAMETER CreateAuthChallenge Creates an authentication challenge. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-createauthchallenge PrimitiveType: String UpdateType: Mutable .PARAMETER PreSignUp A pre-registration AWS Lambda trigger. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-presignup PrimitiveType: String UpdateType: Mutable .PARAMETER KMSKeyID *Update requires*: No interruption: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-kmskeyid PrimitiveType: String UpdateType: Mutable .PARAMETER UserMigration The user migration Lambda config type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-usermigration PrimitiveType: String UpdateType: Mutable .PARAMETER PostAuthentication A post-authentication AWS Lambda trigger. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-postauthentication PrimitiveType: String UpdateType: Mutable .PARAMETER VerifyAuthChallengeResponse Verifies the authentication challenge response. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-verifyauthchallengeresponse PrimitiveType: String UpdateType: Mutable .PARAMETER PreAuthentication A pre-authentication AWS Lambda trigger. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-preauthentication PrimitiveType: String UpdateType: Mutable .PARAMETER DefineAuthChallenge Defines the authentication challenge. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-defineauthchallenge PrimitiveType: String UpdateType: Mutable .PARAMETER PreTokenGeneration A Lambda trigger that is invoked before token generation. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-pretokengeneration PrimitiveType: String UpdateType: Mutable .PARAMETER CustomSMSSender *Update requires*: No interruption: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt Type: CustomSMSSender Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-customsmssender UpdateType: Mutable .PARAMETER PostConfirmation A post-confirmation AWS Lambda trigger. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-postconfirmation PrimitiveType: String UpdateType: Mutable .PARAMETER CustomMessage A custom Message AWS Lambda trigger. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-custommessage PrimitiveType: String UpdateType: Mutable .PARAMETER CustomEmailSender *Update requires*: No interruption: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt Type: CustomEmailSender Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-lambdaconfig.html#cfn-cognito-userpool-lambdaconfig-customemailsender UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolLambdaConfig])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $CreateAuthChallenge, [parameter(Mandatory = $false)] [object] $PreSignUp, [parameter(Mandatory = $false)] [object] $KMSKeyID, [parameter(Mandatory = $false)] [object] $UserMigration, [parameter(Mandatory = $false)] [object] $PostAuthentication, [parameter(Mandatory = $false)] [object] $VerifyAuthChallengeResponse, [parameter(Mandatory = $false)] [object] $PreAuthentication, [parameter(Mandatory = $false)] [object] $DefineAuthChallenge, [parameter(Mandatory = $false)] [object] $PreTokenGeneration, [parameter(Mandatory = $false)] $CustomSMSSender, [parameter(Mandatory = $false)] [object] $PostConfirmation, [parameter(Mandatory = $false)] [object] $CustomMessage, [parameter(Mandatory = $false)] $CustomEmailSender ) Process { $obj = [CognitoUserPoolLambdaConfig]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolLambdaConfig' function Add-VSCognitoUserPoolNumberAttributeConstraints { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.NumberAttributeConstraints resource property to the template. The minimum and maximum value of an attribute that is of the number data type. .DESCRIPTION Adds an AWS::Cognito::UserPool.NumberAttributeConstraints resource property to the template. The minimum and maximum value of an attribute that is of the number data type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-numberattributeconstraints.html .PARAMETER MinValue The minimum value of an attribute that is of the number data type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-numberattributeconstraints.html#cfn-cognito-userpool-numberattributeconstraints-minvalue PrimitiveType: String UpdateType: Mutable .PARAMETER MaxValue The maximum value of an attribute that is of the number data type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-numberattributeconstraints.html#cfn-cognito-userpool-numberattributeconstraints-maxvalue PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolNumberAttributeConstraints])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $MinValue, [parameter(Mandatory = $false)] [object] $MaxValue ) Process { $obj = [CognitoUserPoolNumberAttributeConstraints]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolNumberAttributeConstraints' function Add-VSCognitoUserPoolPasswordPolicy { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.PasswordPolicy resource property to the template. The password policy type. .DESCRIPTION Adds an AWS::Cognito::UserPool.PasswordPolicy resource property to the template. The password policy type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html .PARAMETER RequireNumbers In the password policy that you have set, refers to whether you have required users to use at least one number in their password. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-requirenumbers PrimitiveType: Boolean UpdateType: Mutable .PARAMETER MinimumLength The minimum length of the password policy that you have set. Cannot be less than 6. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-minimumlength PrimitiveType: Integer UpdateType: Mutable .PARAMETER TemporaryPasswordValidityDays In the password policy you have set, refers to the number of days a temporary password is valid. If the user does not sign-in during this time, their password will need to be reset by an administrator. When you set TemporaryPasswordValidityDays for a user pool, you will no longer be able to set the deprecated UnusedAccountValidityDays value for that user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-temporarypasswordvaliditydays PrimitiveType: Integer UpdateType: Mutable .PARAMETER RequireUppercase In the password policy that you have set, refers to whether you have required users to use at least one uppercase letter in their password. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-requireuppercase PrimitiveType: Boolean UpdateType: Mutable .PARAMETER RequireLowercase In the password policy that you have set, refers to whether you have required users to use at least one lowercase letter in their password. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-requirelowercase PrimitiveType: Boolean UpdateType: Mutable .PARAMETER RequireSymbols In the password policy that you have set, refers to whether you have required users to use at least one symbol in their password. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-passwordpolicy.html#cfn-cognito-userpool-passwordpolicy-requiresymbols PrimitiveType: Boolean UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolPasswordPolicy])] [cmdletbinding()] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword","TemporaryPasswordValidityDays")] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPasswordParams","TemporaryPasswordValidityDays")] Param( [parameter(Mandatory = $false)] [object] $RequireNumbers, [parameter(Mandatory = $false)] [object] $MinimumLength, [parameter(Mandatory = $false)] [object] $TemporaryPasswordValidityDays, [parameter(Mandatory = $false)] [object] $RequireUppercase, [parameter(Mandatory = $false)] [object] $RequireLowercase, [parameter(Mandatory = $false)] [object] $RequireSymbols ) Process { $obj = [CognitoUserPoolPasswordPolicy]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolPasswordPolicy' function Add-VSCognitoUserPoolPolicies { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.Policies resource property to the template. The policy associated with a user pool. .DESCRIPTION Adds an AWS::Cognito::UserPool.Policies resource property to the template. The policy associated with a user pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-policies.html .PARAMETER PasswordPolicy The password policy. Type: PasswordPolicy Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-policies.html#cfn-cognito-userpool-policies-passwordpolicy UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolPolicies])] [cmdletbinding()] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword","PasswordPolicy")] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPasswordParams","PasswordPolicy")] Param( [parameter(Mandatory = $false)] $PasswordPolicy ) Process { $obj = [CognitoUserPoolPolicies]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolPolicies' function Add-VSCognitoUserPoolRecoveryOption { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.RecoveryOption resource property to the template. A map containing a priority as a key, and recovery method name as a value. .DESCRIPTION Adds an AWS::Cognito::UserPool.RecoveryOption resource property to the template. A map containing a priority as a key, and recovery method name as a value. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-recoveryoption.html .PARAMETER Priority A positive integer specifying priority of a method with 1 being the highest priority. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-recoveryoption.html#cfn-cognito-userpool-recoveryoption-priority PrimitiveType: Integer UpdateType: Mutable .PARAMETER Name Specifies the recovery method for a user. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-recoveryoption.html#cfn-cognito-userpool-recoveryoption-name PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRecoveryOption])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $Priority, [parameter(Mandatory = $false)] [object] $Name ) Process { $obj = [CognitoUserPoolRecoveryOption]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRecoveryOption' function Add-VSCognitoUserPoolResourceServerResourceServerScopeType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType resource property to the template. A resource server scope. .DESCRIPTION Adds an AWS::Cognito::UserPoolResourceServer.ResourceServerScopeType resource property to the template. A resource server scope. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolresourceserver-resourceserverscopetype.html .PARAMETER ScopeName The name of the scope. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolresourceserver-resourceserverscopetype.html#cfn-cognito-userpoolresourceserver-resourceserverscopetype-scopename PrimitiveType: String UpdateType: Mutable .PARAMETER ScopeDescription A description of the scope. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolresourceserver-resourceserverscopetype.html#cfn-cognito-userpoolresourceserver-resourceserverscopetype-scopedescription PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolResourceServerResourceServerScopeType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $ScopeName, [parameter(Mandatory = $true)] [object] $ScopeDescription ) Process { $obj = [CognitoUserPoolResourceServerResourceServerScopeType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolResourceServerResourceServerScopeType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionsType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType resource property to the template. Account takeover actions type. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionsType resource property to the template. Account takeover actions type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html .PARAMETER HighAction Action to take for a high risk. Type: AccountTakeoverActionType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-highaction UpdateType: Mutable .PARAMETER LowAction Action to take for a low risk. Type: AccountTakeoverActionType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-lowaction UpdateType: Mutable .PARAMETER MediumAction Action to take for a medium risk. Type: AccountTakeoverActionType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractionstype-mediumaction UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionsType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] $HighAction, [parameter(Mandatory = $false)] $LowAction, [parameter(Mandatory = $false)] $MediumAction ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionsType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionsType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType resource property to the template. Account takeover action type. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverActionType resource property to the template. Account takeover action type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html .PARAMETER Notify Flag specifying whether to send a notification. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype-notify PrimitiveType: Boolean UpdateType: Mutable .PARAMETER EventAction The event action. + BLOCK Choosing this action will block the request. + MFA_IF_CONFIGURED Throw MFA challenge if user has configured it, else allow the request. + MFA_REQUIRED Throw MFA challenge if user has configured it, else block the request. + NO_ACTION Allow the user sign-in. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoveractiontype-eventaction PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $Notify, [parameter(Mandatory = $true)] [object] $EventAction ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverActionType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType resource property to the template. Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.AccountTakeoverRiskConfigurationType resource property to the template. Configuration for mitigation actions and notification for different levels of risk detected for a potential account takeover. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html .PARAMETER Actions Account takeover risk configuration actions Type: AccountTakeoverActionsType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype-actions UpdateType: Mutable .PARAMETER NotifyConfiguration The notify configuration used to construct email notifications. Type: NotifyConfigurationType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfigurationtype-notifyconfiguration UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] $Actions, [parameter(Mandatory = $false)] $NotifyConfiguration ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType resource property to the template. The compromised credentials actions type .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsActionsType resource property to the template. The compromised credentials actions type .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype.html .PARAMETER EventAction The event action. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsactionstype-eventaction PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] [object] $EventAction ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType resource property to the template. The compromised credentials risk configuration type. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.CompromisedCredentialsRiskConfigurationType resource property to the template. The compromised credentials risk configuration type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html .PARAMETER Actions The compromised credentials risk configuration actions. Type: CompromisedCredentialsActionsType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype-actions UpdateType: Mutable .PARAMETER EventFilter Perform the action for these events. The default is to perform all events if no event filter is specified. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfigurationtype-eventfilter UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType])] [cmdletbinding()] Param( [parameter(Mandatory = $true)] $Actions, [parameter(Mandatory = $false)] $EventFilter ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentNotifyConfigurationType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType resource property to the template. The notify configuration type. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyConfigurationType resource property to the template. The notify configuration type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html .PARAMETER BlockEmail Email template used when a detected risk event is blocked. Type: NotifyEmailType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-blockemail UpdateType: Mutable .PARAMETER ReplyTo The destination to which the receiver of an email should reply to. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-replyto PrimitiveType: String UpdateType: Mutable .PARAMETER SourceArn The Amazon Resource Name ARN of the identity that is associated with the sending authorization policy. It permits Amazon Cognito to send for the email address specified in the From parameter. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-sourcearn PrimitiveType: String UpdateType: Mutable .PARAMETER NoActionEmail The email template used when a detected risk event is allowed. Type: NotifyEmailType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-noactionemail UpdateType: Mutable .PARAMETER From The email address that is sending the email. It must be either individually verified with Amazon SES, or from a domain that has been verified with Amazon SES. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-from PrimitiveType: String UpdateType: Mutable .PARAMETER MfaEmail The MFA email template used when MFA is challenged as part of a detected risk. Type: NotifyEmailType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyconfigurationtype-mfaemail UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentNotifyConfigurationType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] $BlockEmail, [parameter(Mandatory = $false)] [object] $ReplyTo, [parameter(Mandatory = $true)] [object] $SourceArn, [parameter(Mandatory = $false)] $NoActionEmail, [parameter(Mandatory = $false)] [object] $From, [parameter(Mandatory = $false)] $MfaEmail ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentNotifyConfigurationType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentNotifyConfigurationType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentNotifyEmailType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType resource property to the template. The notify email type. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.NotifyEmailType resource property to the template. The notify email type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html .PARAMETER TextBody The text body. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-textbody PrimitiveType: String UpdateType: Mutable .PARAMETER HtmlBody The HTML body. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-htmlbody PrimitiveType: String UpdateType: Mutable .PARAMETER Subject The subject. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-notifyemailtype.html#cfn-cognito-userpoolriskconfigurationattachment-notifyemailtype-subject PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentNotifyEmailType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $TextBody, [parameter(Mandatory = $false)] [object] $HtmlBody, [parameter(Mandatory = $true)] [object] $Subject ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentNotifyEmailType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentNotifyEmailType' function Add-VSCognitoUserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType resource property to the template. The type of the configuration to override the risk decision. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment.RiskExceptionConfigurationType resource property to the template. The type of the configuration to override the risk decision. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html .PARAMETER BlockedIPRangeList Overrides the risk decision to always block the pre-authentication requests. The IP range is in CIDR notation: a compact representation of an IP address and its associated routing prefix. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype-blockediprangelist UpdateType: Mutable .PARAMETER SkippedIPRangeList Risk detection is not performed on the IP addresses in the range list. The IP range is in CIDR notation. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfigurationtype-skippediprangelist UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] $BlockedIPRangeList, [parameter(Mandatory = $false)] $SkippedIPRangeList ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolRiskConfigurationAttachmentRiskExceptionConfigurationType' function Add-VSCognitoUserPoolSchemaAttribute { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.SchemaAttribute resource property to the template. Contains information about the schema attribute. .DESCRIPTION Adds an AWS::Cognito::UserPool.SchemaAttribute resource property to the template. Contains information about the schema attribute. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html .PARAMETER DeveloperOnlyAttribute We recommend that you use WriteAttributes: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes in the user pool client to control how attributes can be mutated for new use cases instead of using DeveloperOnlyAttribute. Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users will not be able to modify this attribute using their access token. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-developeronlyattribute PrimitiveType: Boolean UpdateType: Mutable .PARAMETER Mutable Specifies whether the value of the attribute can be changed. For any user pool attribute that's mapped to an identity provider attribute, you must set this parameter to true. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-mutable PrimitiveType: Boolean UpdateType: Mutable .PARAMETER AttributeDataType The attribute data type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-attributedatatype PrimitiveType: String UpdateType: Mutable .PARAMETER StringAttributeConstraints Specifies the constraints for an attribute of the string type. Type: StringAttributeConstraints Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-stringattributeconstraints UpdateType: Mutable .PARAMETER Required Specifies whether a user pool attribute is required. If the attribute is required and the user does not provide a value, registration or sign-in will fail. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-required PrimitiveType: Boolean UpdateType: Mutable .PARAMETER NumberAttributeConstraints Specifies the constraints for an attribute of the number type. Type: NumberAttributeConstraints Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-numberattributeconstraints UpdateType: Mutable .PARAMETER Name A schema attribute of the name type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html#cfn-cognito-userpool-schemaattribute-name PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolSchemaAttribute])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $DeveloperOnlyAttribute, [parameter(Mandatory = $false)] [object] $Mutable, [parameter(Mandatory = $false)] [object] $AttributeDataType, [parameter(Mandatory = $false)] $StringAttributeConstraints, [parameter(Mandatory = $false)] [object] $Required, [parameter(Mandatory = $false)] $NumberAttributeConstraints, [parameter(Mandatory = $false)] [object] $Name ) Process { $obj = [CognitoUserPoolSchemaAttribute]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolSchemaAttribute' function Add-VSCognitoUserPoolSmsConfiguration { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.SmsConfiguration resource property to the template. The SMS configuration type that includes the settings the Cognito User Pool needs to call for the Amazon SNS service to send an SMS message from your AWS account. The Cognito User Pool makes the request to the Amazon SNS Service by using an AWS IAM role that you provide for your AWS account. .DESCRIPTION Adds an AWS::Cognito::UserPool.SmsConfiguration resource property to the template. The SMS configuration type that includes the settings the Cognito User Pool needs to call for the Amazon SNS service to send an SMS message from your AWS account. The Cognito User Pool makes the request to the Amazon SNS Service by using an AWS IAM role that you provide for your AWS account. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-smsconfiguration.html .PARAMETER ExternalId The external ID is a value. We recommend you use ExternalIdto add security to your IAM role, which is used to call Amazon SNS to send SMS messages for your user pool. If you provide an ExternalId, the Cognito User Pool uses it when attempting to assume your IAM role. You can also set your roles trust policy to require the ExternalID. If you use the Cognito Management Console to create a role for SMS MFA, Cognito creates a role with the required permissions and a trust policy that uses ExternalId. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-smsconfiguration.html#cfn-cognito-userpool-smsconfiguration-externalid PrimitiveType: String UpdateType: Mutable .PARAMETER SnsCallerArn The Amazon Resource Name ARN of the Amazon Simple Notification Service SNS caller. This is the ARN of the IAM role in your AWS account which Cognito will use to send SMS messages. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-smsconfiguration.html#cfn-cognito-userpool-smsconfiguration-snscallerarn PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolSmsConfiguration])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $ExternalId, [parameter(Mandatory = $false)] [object] $SnsCallerArn ) Process { $obj = [CognitoUserPoolSmsConfiguration]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolSmsConfiguration' function Add-VSCognitoUserPoolStringAttributeConstraints { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.StringAttributeConstraints resource property to the template. The StringAttributeConstraints property type defines the string attribute constraints of an Amazon Cognito user pool. StringAttributeConstraints is a subproperty of the SchemaAttribute: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html property type. .DESCRIPTION Adds an AWS::Cognito::UserPool.StringAttributeConstraints resource property to the template. The StringAttributeConstraints property type defines the string attribute constraints of an Amazon Cognito user pool. StringAttributeConstraints is a subproperty of the SchemaAttribute: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-schemaattribute.html property type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-stringattributeconstraints.html .PARAMETER MinLength The minimum length. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-stringattributeconstraints.html#cfn-cognito-userpool-stringattributeconstraints-minlength PrimitiveType: String UpdateType: Mutable .PARAMETER MaxLength The maximum length. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-stringattributeconstraints.html#cfn-cognito-userpool-stringattributeconstraints-maxlength PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolStringAttributeConstraints])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $MinLength, [parameter(Mandatory = $false)] [object] $MaxLength ) Process { $obj = [CognitoUserPoolStringAttributeConstraints]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolStringAttributeConstraints' function Add-VSCognitoUserPoolUserAttributeType { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolUser.AttributeType resource property to the template. Specifies whether the attribute is standard or custom. .DESCRIPTION Adds an AWS::Cognito::UserPoolUser.AttributeType resource property to the template. Specifies whether the attribute is standard or custom. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpooluser-attributetype.html .PARAMETER Value The value of the attribute. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpooluser-attributetype.html#cfn-cognito-userpooluser-attributetype-value PrimitiveType: String UpdateType: Mutable .PARAMETER Name The name of the attribute. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpooluser-attributetype.html#cfn-cognito-userpooluser-attributetype-name PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUserAttributeType])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $Value, [parameter(Mandatory = $false)] [object] $Name ) Process { $obj = [CognitoUserPoolUserAttributeType]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolUserAttributeType' function Add-VSCognitoUserPoolUsernameConfiguration { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.UsernameConfiguration resource property to the template. The UsernameConfiguration property type specifies case sensitivity on the username input for the selected sign-in option. .DESCRIPTION Adds an AWS::Cognito::UserPool.UsernameConfiguration resource property to the template. The UsernameConfiguration property type specifies case sensitivity on the username input for the selected sign-in option. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-usernameconfiguration.html .PARAMETER CaseSensitive Specifies whether username case sensitivity will be applied for all users in the user pool through Cognito APIs. Valid values include: + ** True **: Enables case sensitivity for all username input. When this option is set to True, users must sign in using the exact capitalization of their given username. For example, “UserName”. This is the default value. + ** False **: Enables case insensitivity for all username input. For example, when this option is set to False, users will be able to sign in using either "username" or "Username". This option also enables both preferred_username and email alias to be case insensitive, in addition to the username attribute. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-usernameconfiguration.html#cfn-cognito-userpool-usernameconfiguration-casesensitive PrimitiveType: Boolean UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUsernameConfiguration])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $CaseSensitive ) Process { $obj = [CognitoUserPoolUsernameConfiguration]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolUsernameConfiguration' function Add-VSCognitoUserPoolUserPoolAddOns { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.UserPoolAddOns resource property to the template. The user pool add-ons type. .DESCRIPTION Adds an AWS::Cognito::UserPool.UserPoolAddOns resource property to the template. The user pool add-ons type. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-userpooladdons.html .PARAMETER AdvancedSecurityMode The advanced security mode. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-userpooladdons.html#cfn-cognito-userpool-userpooladdons-advancedsecuritymode PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUserPoolAddOns])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $AdvancedSecurityMode ) Process { $obj = [CognitoUserPoolUserPoolAddOns]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolUserPoolAddOns' function Add-VSCognitoUserPoolVerificationMessageTemplate { <# .SYNOPSIS Adds an AWS::Cognito::UserPool.VerificationMessageTemplate resource property to the template. The template for verification messages. .DESCRIPTION Adds an AWS::Cognito::UserPool.VerificationMessageTemplate resource property to the template. The template for verification messages. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html .PARAMETER EmailMessageByLink The email message template for sending a confirmation link to the user. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-emailmessagebylink PrimitiveType: String UpdateType: Mutable .PARAMETER EmailMessage The email message template. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-emailmessage PrimitiveType: String UpdateType: Mutable .PARAMETER SmsMessage The SMS message template. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-smsmessage PrimitiveType: String UpdateType: Mutable .PARAMETER EmailSubject The subject line for the email message template. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-emailsubject PrimitiveType: String UpdateType: Mutable .PARAMETER DefaultEmailOption The default email option. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-defaultemailoption PrimitiveType: String UpdateType: Mutable .PARAMETER EmailSubjectByLink The subject line for the email message template for sending a confirmation link to the user. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-userpool-verificationmessagetemplate.html#cfn-cognito-userpool-verificationmessagetemplate-emailsubjectbylink PrimitiveType: String UpdateType: Mutable .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolVerificationMessageTemplate])] [cmdletbinding()] Param( [parameter(Mandatory = $false)] [object] $EmailMessageByLink, [parameter(Mandatory = $false)] [object] $EmailMessage, [parameter(Mandatory = $false)] [object] $SmsMessage, [parameter(Mandatory = $false)] [object] $EmailSubject, [parameter(Mandatory = $false)] [object] $DefaultEmailOption, [parameter(Mandatory = $false)] [object] $EmailSubjectByLink ) Process { $obj = [CognitoUserPoolVerificationMessageTemplate]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'Add-VSCognitoUserPoolVerificationMessageTemplate' function New-VSCognitoIdentityPool { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPool resource to the template. The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool. .DESCRIPTION Adds an AWS::Cognito::IdentityPool resource to the template. The AWS::Cognito::IdentityPool resource creates an Amazon Cognito identity pool. To avoid deleting the resource accidentally from AWS CloudFormation, use DeletionPolicy Attribute: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html and the UpdateReplacePolicy Attribute: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html to retain the resource on deletion or replacement. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER PushSync The configuration options to be applied to the identity pool. Type: PushSync Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-pushsync UpdateType: Mutable .PARAMETER CognitoIdentityProviders The Amazon Cognito user pools and their client IDs. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-cognitoidentityproviders ItemType: CognitoIdentityProvider UpdateType: Mutable .PARAMETER CognitoEvents The events to configure. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-cognitoevents PrimitiveType: Json UpdateType: Mutable .PARAMETER DeveloperProviderName The "domain" Amazon Cognito uses when referencing your users. This name acts as a placeholder that allows your backend and the Amazon Cognito service to communicate about the developer provider. For the DeveloperProviderName, you can use letters and periods ., underscores _, and dashes -. *Minimum length*: 1 *Maximum length*: 100 Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-developerprovidername PrimitiveType: String UpdateType: Mutable .PARAMETER CognitoStreams Configuration options for configuring Amazon Cognito streams. Type: CognitoStreams Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-cognitostreams UpdateType: Mutable .PARAMETER IdentityPoolName The name of your Amazon Cognito identity pool. *Minimum length*: 1 *Maximum length*: 128 *Pattern*: ws+=,.@-]+ Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-identitypoolname PrimitiveType: String UpdateType: Mutable .PARAMETER AllowUnauthenticatedIdentities Specifies whether the identity pool supports unauthenticated logins. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-allowunauthenticatedidentities PrimitiveType: Boolean UpdateType: Mutable .PARAMETER SupportedLoginProviders Key-value pairs that map provider names to provider app IDs. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-supportedloginproviders PrimitiveType: Json UpdateType: Mutable .PARAMETER SamlProviderARNs The Amazon Resource Names ARNs of the Security Assertion Markup Language SAML providers. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-samlproviderarns UpdateType: Mutable .PARAMETER OpenIdConnectProviderARNs The Amazon Resource Names ARNs of the OpenID connect providers. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-openidconnectproviderarns UpdateType: Mutable .PARAMETER AllowClassicFlow Enables the Basic Classic authentication flow. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypool.html#cfn-cognito-identitypool-allowclassicflow PrimitiveType: Boolean UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPool])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] $PushSync, [parameter(Mandatory = $false)] [object] $CognitoIdentityProviders, [parameter(Mandatory = $false)] [VSJson] $CognitoEvents, [parameter(Mandatory = $false)] [object] $DeveloperProviderName, [parameter(Mandatory = $false)] $CognitoStreams, [parameter(Mandatory = $false)] [object] $IdentityPoolName, [parameter(Mandatory = $true)] [object] $AllowUnauthenticatedIdentities, [parameter(Mandatory = $false)] [VSJson] $SupportedLoginProviders, [parameter(Mandatory = $false)] $SamlProviderARNs, [parameter(Mandatory = $false)] $OpenIdConnectProviderARNs, [parameter(Mandatory = $false)] [object] $AllowClassicFlow, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoIdentityPool]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoIdentityPool' function New-VSCognitoIdentityPoolRoleAttachment { <# .SYNOPSIS Adds an AWS::Cognito::IdentityPoolRoleAttachment resource to the template. The AWS::Cognito::IdentityPoolRoleAttachment resource manages the role configuration for an Amazon Cognito identity pool. .DESCRIPTION Adds an AWS::Cognito::IdentityPoolRoleAttachment resource to the template. The AWS::Cognito::IdentityPoolRoleAttachment resource manages the role configuration for an Amazon Cognito identity pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER RoleMappings How users for a specific identity provider are mapped to roles. This is a string to the RoleMapping object map. The string identifies the identity provider. For example: "graph.facebook.com" or "cognito-idp.us-east-1.amazonaws.com/us-east-1_abcdefghi:app_client_id". If the IdentityProvider field isn't provided in this object, the string is used as the identity provider name. For more information, see the RoleMapping property: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cognito-identitypoolroleattachment-rolemapping.html. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html#cfn-cognito-identitypoolroleattachment-rolemappings PrimitiveType: Json UpdateType: Mutable .PARAMETER IdentityPoolId An identity pool ID in the format REGION:GUID. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html#cfn-cognito-identitypoolroleattachment-identitypoolid PrimitiveType: String UpdateType: Immutable .PARAMETER Roles The map of the roles associated with this pool. For a given role, the key is either "authenticated" or "unauthenticated". The value is the role ARN. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-identitypoolroleattachment.html#cfn-cognito-identitypoolroleattachment-roles PrimitiveType: Json UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoIdentityPoolRoleAttachment])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] [VSJson] $RoleMappings, [parameter(Mandatory = $true)] [object] $IdentityPoolId, [parameter(Mandatory = $false)] [VSJson] $Roles, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoIdentityPoolRoleAttachment]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoIdentityPoolRoleAttachment' function New-VSCognitoUserPool { <# .SYNOPSIS Adds an AWS::Cognito::UserPool resource to the template. The AWS::Cognito::UserPool resource creates an Amazon Cognito user pool. For more information on working with Amazon Cognito user pools, see Amazon Cognito User Pools: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html and CreateUserPool: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html. .DESCRIPTION Adds an AWS::Cognito::UserPool resource to the template. The AWS::Cognito::UserPool resource creates an Amazon Cognito user pool. For more information on working with Amazon Cognito user pools, see Amazon Cognito User Pools: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html and CreateUserPool: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER UserPoolTags The tag keys and values to assign to the user pool. A tag is a label that you can use to categorize and manage user pools in different ways, such as by purpose, owner, environment, or other criteria. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-userpooltags PrimitiveType: Json UpdateType: Mutable .PARAMETER Policies The policy associated with a user pool. Type: Policies Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-policies UpdateType: Mutable .PARAMETER VerificationMessageTemplate The template for the verification message that the user sees when the app requests permission to access the user's information. Type: VerificationMessageTemplate Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-verificationmessagetemplate UpdateType: Mutable .PARAMETER MfaConfiguration The multi-factor MFA configuration. Valid values include: + OFF MFA will not be used for any users. + ON MFA is required for all users to sign in. + OPTIONAL MFA will be required only for individual users who have an MFA factor enabled. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-mfaconfiguration PrimitiveType: String UpdateType: Mutable .PARAMETER Schema The schema attributes for the new user pool. These attributes can be standard or custom attributes. During a user pool update, you can add new schema attributes but you cannot modify or delete an existing schema attribute. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-schema ItemType: SchemaAttribute UpdateType: Mutable .PARAMETER AdminCreateUserConfig The configuration for creating a new user profile. Type: AdminCreateUserConfig Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-admincreateuserconfig UpdateType: Mutable .PARAMETER SmsAuthenticationMessage A string representing the SMS authentication message. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-smsauthenticationmessage PrimitiveType: String UpdateType: Mutable .PARAMETER UsernameConfiguration You can choose to set case sensitivity on the username input for the selected sign-in option. For example, when this is set to False, users will be able to sign in using either "username" or "Username". This configuration is immutable once it has been set. Type: UsernameConfiguration Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-usernameconfiguration UpdateType: Mutable .PARAMETER UserPoolName A string used to name the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-userpoolname PrimitiveType: String UpdateType: Mutable .PARAMETER SmsVerificationMessage A string representing the SMS verification message. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-smsverificationmessage PrimitiveType: String UpdateType: Mutable .PARAMETER UserPoolAddOns Used to enable advanced security risk detection. Set the key AdvancedSecurityMode to the value "AUDIT". Type: UserPoolAddOns Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-userpooladdons UpdateType: Mutable .PARAMETER EmailConfiguration The email configuration. Type: EmailConfiguration Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-emailconfiguration UpdateType: Mutable .PARAMETER SmsConfiguration The SMS configuration. Type: SmsConfiguration Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-smsconfiguration UpdateType: Mutable .PARAMETER AliasAttributes Attributes supported as an alias for this user pool. Possible values: **phone_number**, **email**, or **preferred_username**. This user pool property cannot be updated. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-aliasattributes UpdateType: Mutable .PARAMETER EnabledMfas Enables MFA on a specified user pool. To disable all MFAs after it has been enabled, set MfaConfiguration to “OFF” and remove EnabledMfas. MFAs can only be all disabled if MfaConfiguration is OFF. Once SMS_MFA is enabled, SMS_MFA can only be disabled by setting MfaConfiguration to “OFF”. Can be one of the following values: + SMS_MFA - Enables SMS MFA for the user pool. SMS_MFA can only be enabled if SMS configuration is provided. + SOFTWARE_TOKEN_MFA - Enables software token MFA for the user pool. Allowed values: SMS_MFA | SOFTWARE_TOKEN_MFA PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-enabledmfas UpdateType: Mutable .PARAMETER EmailVerificationSubject A string representing the email verification subject. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-emailverificationsubject PrimitiveType: String UpdateType: Mutable .PARAMETER LambdaConfig The Lambda trigger configuration information for the new user pool. In a push model, event sources such as Amazon S3 and custom applications need permission to invoke a function. So you will need to make an extra call to add permission for these event sources to invoke your Lambda function. For more information on using the Lambda API to add permission, see AddPermission : https://docs.aws.amazon.com/lambda/latest/dg/API_AddPermission.html. For adding permission using the AWS CLI, see add-permission : https://docs.aws.amazon.com/cli/latest/reference/lambda/add-permission.html. Type: LambdaConfig Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-lambdaconfig UpdateType: Mutable .PARAMETER UsernameAttributes Determines whether email addresses or phone numbers can be specified as user names when a user signs up. Possible values: phone_number or email. This user pool property cannot be updated. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-usernameattributes UpdateType: Mutable .PARAMETER AutoVerifiedAttributes The attributes to be auto-verified. Possible values: **email**, **phone_number**. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-autoverifiedattributes UpdateType: Mutable .PARAMETER DeviceConfiguration The device configuration. Type: DeviceConfiguration Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-deviceconfiguration UpdateType: Mutable .PARAMETER EmailVerificationMessage A string representing the email verification message. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-emailverificationmessage PrimitiveType: String UpdateType: Mutable .PARAMETER AccountRecoverySetting Use this setting to define which verified available method a user can use to recover their password when they call ForgotPassword. It allows you to define a preferred method when a user has more than one method available. With this setting, SMS does not qualify for a valid password recovery mechanism if the user also has SMS MFA enabled. In the absence of this setting, Cognito uses the legacy behavior to determine the recovery method where SMS is preferred over email. Type: AccountRecoverySetting Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpool.html#cfn-cognito-userpool-accountrecoverysetting UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPool])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] [VSJson] $UserPoolTags, [parameter(Mandatory = $false)] $Policies, [parameter(Mandatory = $false)] $VerificationMessageTemplate, [parameter(Mandatory = $false)] [object] $MfaConfiguration, [parameter(Mandatory = $false)] [object] $Schema, [parameter(Mandatory = $false)] $AdminCreateUserConfig, [parameter(Mandatory = $false)] [object] $SmsAuthenticationMessage, [parameter(Mandatory = $false)] $UsernameConfiguration, [parameter(Mandatory = $false)] [object] $UserPoolName, [parameter(Mandatory = $false)] [object] $SmsVerificationMessage, [parameter(Mandatory = $false)] $UserPoolAddOns, [parameter(Mandatory = $false)] $EmailConfiguration, [parameter(Mandatory = $false)] $SmsConfiguration, [parameter(Mandatory = $false)] $AliasAttributes, [parameter(Mandatory = $false)] $EnabledMfas, [parameter(Mandatory = $false)] [object] $EmailVerificationSubject, [parameter(Mandatory = $false)] $LambdaConfig, [parameter(Mandatory = $false)] $UsernameAttributes, [parameter(Mandatory = $false)] $AutoVerifiedAttributes, [parameter(Mandatory = $false)] $DeviceConfiguration, [parameter(Mandatory = $false)] [object] $EmailVerificationMessage, [parameter(Mandatory = $false)] $AccountRecoverySetting, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPool]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPool' function New-VSCognitoUserPoolClient { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolClient resource to the template. The AWS::Cognito::UserPoolClient resource specifies an Amazon Cognito user pool client. .DESCRIPTION Adds an AWS::Cognito::UserPoolClient resource to the template. The AWS::Cognito::UserPoolClient resource specifies an Amazon Cognito user pool client. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER AnalyticsConfiguration The Amazon Pinpoint analytics configuration for collecting metrics for this user pool. Cognito User Pools only supports sending events to Amazon Pinpoint projects in the US East N. Virginia us-east-1 Region, regardless of the region in which the user pool resides. Type: AnalyticsConfiguration Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-analyticsconfiguration UpdateType: Mutable .PARAMETER GenerateSecret Boolean to specify whether you want to generate a secret for the user pool client being created. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-generatesecret PrimitiveType: Boolean UpdateType: Immutable .PARAMETER CallbackURLs A list of allowed redirect callback URLs for the identity providers. A redirect URI must: + Be an absolute URI. + Be registered with the authorization server. + Not include a fragment component. See OAuth 2.0 - Redirection Endpoint: https://tools.ietf.org/html/rfc6749#section-3.1.2. Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. App callback URLs such as myapp://example are also supported. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-callbackurls UpdateType: Mutable .PARAMETER IdTokenValidity For more information about using the Ref function, see Ref: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-idtokenvalidity PrimitiveType: Integer UpdateType: Mutable .PARAMETER AllowedOAuthScopes The allowed OAuth scopes. Possible values provided by OAuth are: phone, email, openid, and profile. Possible values provided by AWS are: aws.cognito.signin.user.admin. Custom scopes created in Resource Servers are also supported. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-allowedoauthscopes UpdateType: Mutable .PARAMETER TokenValidityUnits For more information about using the Ref function, see Ref: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html. Type: TokenValidityUnits Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-tokenvalidityunits UpdateType: Mutable .PARAMETER ReadAttributes The read attributes. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-readattributes UpdateType: Mutable .PARAMETER AllowedOAuthFlowsUserPoolClient Set to true if the client is allowed to follow the OAuth protocol when interacting with Cognito user pools. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-allowedoauthflowsuserpoolclient PrimitiveType: Boolean UpdateType: Mutable .PARAMETER DefaultRedirectURI The default redirect URI. Must be in the CallbackURLs list. A redirect URI must: + Be an absolute URI. + Be registered with the authorization server. + Not include a fragment component. See OAuth 2.0 - Redirection Endpoint: https://tools.ietf.org/html/rfc6749#section-3.1.2. Amazon Cognito requires HTTPS over HTTP except for http://localhost for testing purposes only. App callback URLs such as myapp://example are also supported. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-defaultredirecturi PrimitiveType: String UpdateType: Mutable .PARAMETER SupportedIdentityProviders A list of provider names for the identity providers that are supported on this client. The following are supported: COGNITO, Facebook, Google and LoginWithAmazon. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-supportedidentityproviders UpdateType: Mutable .PARAMETER ClientName The client name for the user pool client you would like to create. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-clientname PrimitiveType: String UpdateType: Mutable .PARAMETER UserPoolId The user pool ID for the user pool where you want to create a user pool client. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER AllowedOAuthFlows The allowed OAuth flows. Set to code to initiate a code grant flow, which provides an authorization code as the response. This code can be exchanged for access tokens with the token endpoint. Set to implicit to specify that the client should get the access token and, optionally, ID token, based on scopes directly. Set to client_credentials to specify that the client should get the access token and, optionally, ID token, based on scopes from the token endpoint using a combination of client and client_secret. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-allowedoauthflows UpdateType: Mutable .PARAMETER ExplicitAuthFlows The authentication flows that are supported by the user pool clients. Flow names without the ALLOW_ prefix are deprecated in favor of new names with the ALLOW_ prefix. Note that values with ALLOW_ prefix cannot be used along with values without ALLOW_ prefix. Valid values include: + ALLOW_ADMIN_USER_PASSWORD_AUTH: Enable admin based user password authentication flow ADMIN_USER_PASSWORD_AUTH. This setting replaces the ADMIN_NO_SRP_AUTH setting. With this authentication flow, Cognito receives the password in the request instead of using the SRP Secure Remote Password protocol protocol to verify passwords. + ALLOW_CUSTOM_AUTH: Enable Lambda trigger based authentication. + ALLOW_USER_PASSWORD_AUTH: Enable user password-based authentication. In this flow, Cognito receives the password in the request instead of using the SRP protocol to verify passwords. + ALLOW_USER_SRP_AUTH: Enable SRP based authentication. + ALLOW_REFRESH_TOKEN_AUTH: Enable authflow to refresh tokens. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-explicitauthflows UpdateType: Mutable .PARAMETER LogoutURLs A list of allowed logout URLs for the identity providers. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-logouturls UpdateType: Mutable .PARAMETER AccessTokenValidity For more information about using the Ref function, see Ref: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-ref.html. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-accesstokenvalidity PrimitiveType: Integer UpdateType: Mutable .PARAMETER RefreshTokenValidity The time limit, in days, after which the refresh token is no longer valid and cannot be used. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-refreshtokenvalidity PrimitiveType: Integer UpdateType: Mutable .PARAMETER WriteAttributes The user pool attributes that the app client can write to. If your app client allows users to sign in through an identity provider, this array must include all attributes that are mapped to identity provider attributes. Amazon Cognito updates mapped attributes when users sign in to your application through an identity provider. If your app client lacks write access to a mapped attribute, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see Specifying Identity Provider Attribute Mappings for Your User Pool: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-writeattributes UpdateType: Mutable .PARAMETER PreventUserExistenceErrors Use this setting to choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to ENABLED and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to LEGACY, those APIs will return a UserNotFoundException exception if the user does not exist in the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolclient.html#cfn-cognito-userpoolclient-preventuserexistenceerrors PrimitiveType: String UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolClient])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] $AnalyticsConfiguration, [parameter(Mandatory = $false)] [object] $GenerateSecret, [parameter(Mandatory = $false)] $CallbackURLs, [parameter(Mandatory = $false)] [object] $IdTokenValidity, [parameter(Mandatory = $false)] $AllowedOAuthScopes, [parameter(Mandatory = $false)] $TokenValidityUnits, [parameter(Mandatory = $false)] $ReadAttributes, [parameter(Mandatory = $false)] [object] $AllowedOAuthFlowsUserPoolClient, [parameter(Mandatory = $false)] [object] $DefaultRedirectURI, [parameter(Mandatory = $false)] $SupportedIdentityProviders, [parameter(Mandatory = $false)] [object] $ClientName, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $false)] $AllowedOAuthFlows, [parameter(Mandatory = $false)] $ExplicitAuthFlows, [parameter(Mandatory = $false)] $LogoutURLs, [parameter(Mandatory = $false)] [object] $AccessTokenValidity, [parameter(Mandatory = $false)] [object] $RefreshTokenValidity, [parameter(Mandatory = $false)] $WriteAttributes, [parameter(Mandatory = $false)] [object] $PreventUserExistenceErrors, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolClient]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolClient' function New-VSCognitoUserPoolDomain { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolDomain resource to the template. The AWS::Cognito::UserPoolDomain resource creates a new domain for a user pool. .DESCRIPTION Adds an AWS::Cognito::UserPoolDomain resource to the template. The AWS::Cognito::UserPoolDomain resource creates a new domain for a user pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER UserPoolId The user pool ID for the user pool where you want to associate a user pool domain. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html#cfn-cognito-userpooldomain-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER CustomDomainConfig The configuration for a custom domain that hosts the sign-up and sign-in pages for your application. Use this object to specify an SSL certificate that is managed by ACM. Type: CustomDomainConfigType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html#cfn-cognito-userpooldomain-customdomainconfig UpdateType: Mutable .PARAMETER Domain The domain name for the domain that hosts the sign-up and sign-in pages for your application. For example: auth.example.com. If you're using a prefix domain, this field denotes the first part of the domain before .auth.region].amazoncognito.com. This string can include only lowercase letters, numbers, and hyphens. Don't use a hyphen for the first or last character. Use periods to separate subdomain names. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooldomain.html#cfn-cognito-userpooldomain-domain PrimitiveType: String UpdateType: Immutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolDomain])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $false)] $CustomDomainConfig, [parameter(Mandatory = $true)] [object] $Domain, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolDomain]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolDomain' function New-VSCognitoUserPoolGroup { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolGroup resource to the template. Specifies a new group in the identified user pool. .DESCRIPTION Adds an AWS::Cognito::UserPoolGroup resource to the template. Specifies a new group in the identified user pool. Calling this action requires developer credentials. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER GroupName The name of the group. Must be unique. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html#cfn-cognito-userpoolgroup-groupname PrimitiveType: String UpdateType: Immutable .PARAMETER Description A string containing the description of the group. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html#cfn-cognito-userpoolgroup-description PrimitiveType: String UpdateType: Mutable .PARAMETER UserPoolId The user pool ID for the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html#cfn-cognito-userpoolgroup-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER Precedence A nonnegative integer value that specifies the precedence of this group relative to the other groups that a user can belong to in the user pool. Zero is the highest precedence value. Groups with lower Precedence values take precedence over groups with higher or null Precedence values. If a user belongs to two or more groups, it is the group with the lowest precedence value whose role ARN will be used in the cognito:roles and cognito:preferred_role claims in the user's tokens. Two groups can have the same Precedence value. If this happens, neither group takes precedence over the other. If two groups with the same Precedence have the same role ARN, that role is used in the cognito:preferred_role claim in tokens for users in each group. If the two groups have different role ARNs, the cognito:preferred_role claim is not set in users' tokens. The default Precedence value is null. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html#cfn-cognito-userpoolgroup-precedence PrimitiveType: Double UpdateType: Mutable .PARAMETER RoleArn The role ARN for the group. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolgroup.html#cfn-cognito-userpoolgroup-rolearn PrimitiveType: String UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolGroup])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] [object] $GroupName, [parameter(Mandatory = $false)] [object] $Description, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $false)] [object] $Precedence, [parameter(Mandatory = $false)] [object] $RoleArn, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolGroup]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolGroup' function New-VSCognitoUserPoolIdentityProvider { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolIdentityProvider resource to the template. The AWS::Cognito::UserPoolIdentityProvider resource creates an identity provider for a user pool. .DESCRIPTION Adds an AWS::Cognito::UserPoolIdentityProvider resource to the template. The AWS::Cognito::UserPoolIdentityProvider resource creates an identity provider for a user pool. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER ProviderName The identity provider name. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providername PrimitiveType: String UpdateType: Immutable .PARAMETER UserPoolId The user pool ID. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER AttributeMapping A mapping of identity provider attributes to standard and custom user pool attributes. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-attributemapping PrimitiveType: Json UpdateType: Mutable .PARAMETER ProviderDetails The identity provider details. The following list describes the provider detail keys for each identity provider type. + For Google and Login with Amazon: + client_id + client_secret + authorize_scopes + For Facebook: + client_id + client_secret + authorize_scopes + api_version + For Sign in with Apple: + client_id + team_id + key_id + private_key + authorize_scopes + For OIDC providers: + client_id + client_secret + attributes_request_method + oidc_issuer + authorize_scopes + authorize_url *if not available from discovery URL specified by oidc_issuer key* + token_url *if not available from discovery URL specified by oidc_issuer key* + attributes_url *if not available from discovery URL specified by oidc_issuer key* + jwks_uri *if not available from discovery URL specified by oidc_issuer key* + For SAML providers: + MetadataFile OR MetadataURL + IDPSignout *optional* Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providerdetails PrimitiveType: Json UpdateType: Mutable .PARAMETER ProviderType The identity provider type. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-providertype PrimitiveType: String UpdateType: Immutable .PARAMETER IdpIdentifiers A list of identity provider identifiers. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolidentityprovider.html#cfn-cognito-userpoolidentityprovider-idpidentifiers UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolIdentityProvider])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $true)] [object] $ProviderName, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $false)] [VSJson] $AttributeMapping, [parameter(Mandatory = $false)] [VSJson] $ProviderDetails, [parameter(Mandatory = $true)] [object] $ProviderType, [parameter(Mandatory = $false)] $IdpIdentifiers, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolIdentityProvider]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolIdentityProvider' function New-VSCognitoUserPoolResourceServer { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolResourceServer resource to the template. The AWS::Cognito::UserPoolResourceServer resource creates a new OAuth2.0 resource server and defines custom scopes in it. .DESCRIPTION Adds an AWS::Cognito::UserPoolResourceServer resource to the template. The AWS::Cognito::UserPoolResourceServer resource creates a new OAuth2.0 resource server and defines custom scopes in it. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolresourceserver.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER UserPoolId The user pool ID for the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolresourceserver.html#cfn-cognito-userpoolresourceserver-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER Identifier A unique resource server identifier for the resource server. This could be an HTTPS endpoint where the resource server is located. For example: https://my-weather-api.example.com. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolresourceserver.html#cfn-cognito-userpoolresourceserver-identifier PrimitiveType: String UpdateType: Immutable .PARAMETER Scopes The scopes. Each scope is a map, where the keys are name and the values are description for the scope. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolresourceserver.html#cfn-cognito-userpoolresourceserver-scopes ItemType: ResourceServerScopeType UpdateType: Mutable .PARAMETER Name A friendly name for the resource server. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolresourceserver.html#cfn-cognito-userpoolresourceserver-name PrimitiveType: String UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolResourceServer])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $true)] [object] $Identifier, [parameter(Mandatory = $false)] [object] $Scopes, [parameter(Mandatory = $true)] [object] $Name, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolResourceServer]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolResourceServer' function New-VSCognitoUserPoolRiskConfigurationAttachment { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment resource to the template. The AWS::Cognito::UserPoolRiskConfigurationAttachment resource sets the risk configuration that is used for Amazon Cognito advanced security features. .DESCRIPTION Adds an AWS::Cognito::UserPoolRiskConfigurationAttachment resource to the template. The AWS::Cognito::UserPoolRiskConfigurationAttachment resource sets the risk configuration that is used for Amazon Cognito advanced security features. You can specify risk configuration for a single client (with a specific clientId or for all clients (by setting the clientId to ALL. If you specify ALL, the default configuration is used for every client that has had no risk configuration set previously. If you specify risk configuration for a particular client, it no longer falls back to the ALL configuration. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER CompromisedCredentialsRiskConfiguration The compromised credentials risk configuration object including the EventFilter and the EventAction Type: CompromisedCredentialsRiskConfigurationType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-compromisedcredentialsriskconfiguration UpdateType: Mutable .PARAMETER UserPoolId The user pool ID. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER ClientId The app client ID. You can specify the risk configuration for a single client with a specific ClientId or for all clients by setting the ClientId to ALL. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-clientid PrimitiveType: String UpdateType: Immutable .PARAMETER AccountTakeoverRiskConfiguration The account takeover risk configuration object including the NotifyConfiguration object and Actions to take in the case of an account takeover. Type: AccountTakeoverRiskConfigurationType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-accounttakeoverriskconfiguration UpdateType: Mutable .PARAMETER RiskExceptionConfiguration The configuration to override the risk decision. Type: RiskExceptionConfigurationType Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolriskconfigurationattachment.html#cfn-cognito-userpoolriskconfigurationattachment-riskexceptionconfiguration UpdateType: Mutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolRiskConfigurationAttachment])] [cmdletbinding()] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingPlainTextForPassword","CompromisedCredentialsRiskConfiguration")] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSAvoidUsingUserNameAndPasswordParams","CompromisedCredentialsRiskConfiguration")] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] $CompromisedCredentialsRiskConfiguration, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $true)] [object] $ClientId, [parameter(Mandatory = $false)] $AccountTakeoverRiskConfiguration, [parameter(Mandatory = $false)] $RiskExceptionConfiguration, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolRiskConfigurationAttachment]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolRiskConfigurationAttachment' function New-VSCognitoUserPoolUICustomizationAttachment { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolUICustomizationAttachment resource to the template. The AWS::Cognito::UserPoolUICustomizationAttachment resource sets the UI customization information for a user pool's built-in app UI. .DESCRIPTION Adds an AWS::Cognito::UserPoolUICustomizationAttachment resource to the template. The AWS::Cognito::UserPoolUICustomizationAttachment resource sets the UI customization information for a user pool's built-in app UI. You can specify app UI customization settings for a single client (with a specific clientId or for all clients (by setting the clientId to ALL. If you specify ALL, the default configuration is used for every client that has had no UI customization set previously. If you specify UI customization settings for a particular client, it no longer falls back to the ALL configuration. **Note** Before you create this resource, your user pool must have a domain associated with it. You can create an AWS::Cognito::UserPoolDomain resource first in this user pool. Setting a logo image isn't supported from AWS CloudFormation. Use the Amazon Cognito SetUICustomization: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUICustomization.html#API_SetUICustomization_RequestSyntax API operation to set the image. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluicustomizationattachment.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER CSS The CSS values in the UI customization. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluicustomizationattachment.html#cfn-cognito-userpooluicustomizationattachment-css PrimitiveType: String UpdateType: Mutable .PARAMETER UserPoolId The user pool ID for the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluicustomizationattachment.html#cfn-cognito-userpooluicustomizationattachment-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER ClientId The client ID for the client app. You can specify the UI customization settings for a single client with a specific clientId or for all clients by setting the clientId to ALL. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluicustomizationattachment.html#cfn-cognito-userpooluicustomizationattachment-clientid PrimitiveType: String UpdateType: Immutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUICustomizationAttachment])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] [object] $CSS, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $true)] [object] $ClientId, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolUICustomizationAttachment]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolUICustomizationAttachment' function New-VSCognitoUserPoolUser { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolUser resource to the template. The AWS::Cognito::UserPoolUser resource creates an Amazon Cognito user pool user. .DESCRIPTION Adds an AWS::Cognito::UserPoolUser resource to the template. The AWS::Cognito::UserPoolUser resource creates an Amazon Cognito user pool user. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER ValidationData The user's validation data. This is an array of name-value pairs that contain user attributes and attribute values that you can use for custom validation, such as restricting the types of user accounts that can be registered. For example, you might choose to allow or disallow user sign-up based on the user's domain. To configure custom validation, you must create a Pre Sign-up Lambda trigger for the user pool as described in the Amazon Cognito Developer Guide. The Lambda trigger receives the validation data and uses it in the validation process. The user's validation data is not persisted. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-validationdata ItemType: AttributeType UpdateType: Immutable .PARAMETER UserPoolId The user pool ID for the user pool where the user will be created. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER Username The username for the user. Must be unique within the user pool. Must be a UTF-8 string between 1 and 128 characters. After the user is created, the username cannot be changed. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-username PrimitiveType: String UpdateType: Immutable .PARAMETER MessageAction Set to "RESEND" to resend the invitation message to a user that already exists and reset the expiration limit on the user's account. Set to "SUPPRESS" to suppress sending the message. Only one value can be specified. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-messageaction PrimitiveType: String UpdateType: Immutable .PARAMETER ClientMetadata A map of custom key-value pairs that you can provide as input for the custom workflow that is invoked by the *pre sign-up* trigger. You create custom workflows by assigning AWS Lambda functions to user pool triggers. When you create a UserPoolUser resource and include the ClientMetadata property, Amazon Cognito invokes the function that is assigned to the *pre sign-up* trigger. When Amazon Cognito invokes this function, it passes a JSON payload, which the function receives as input. This payload contains a clientMetadata attribute, which provides the data that you assigned to the ClientMetadata property. In your function code in AWS Lambda, you can process the clientMetadata value to enhance your workflow for your specific needs. For more information, see Customizing User Pool Workflows with Lambda Triggers: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html in the *Amazon Cognito Developer Guide*. Take the following limitations into consideration when you use the ClientMetadata parameter: + Amazon Cognito does not store the ClientMetadata value. This data is available only to AWS Lambda triggers that are assigned to a user pool to support custom workflows. If your user pool configuration does not include triggers, the ClientMetadata parameter serves no purpose. + Amazon Cognito does not validate the ClientMetadata value. + Amazon Cognito does not encrypt the the ClientMetadata value, so don't use it to provide sensitive information. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-clientmetadata PrimitiveType: Json UpdateType: Immutable .PARAMETER DesiredDeliveryMediums Specify "EMAIL" if email will be used to send the welcome message. Specify "SMS" if the phone number will be used. The default value is "SMS". More than one value can be specified. PrimitiveItemType: String Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-desireddeliverymediums UpdateType: Immutable .PARAMETER ForceAliasCreation This parameter is only used if the phone_number_verified or email_verified attribute is set to True. Otherwise, it is ignored. If this parameter is set to True and the phone number or email address specified in the UserAttributes parameter already exists as an alias with a different user, the API call will migrate the alias from the previous user to the newly created user. The previous user will no longer be able to log in using that alias. If this parameter is set to False, the API throws an AliasExistsException error if the alias already exists. The default value is False. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-forcealiascreation PrimitiveType: Boolean UpdateType: Immutable .PARAMETER UserAttributes The user attributes and attribute values to be set for the user to be created. These are name-value pairs You can create a user without specifying any attributes other than Username. However, any attributes that you specify as required in https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html or in the **Attributes** tab of the console must be supplied either by you in your call to AdminCreateUser or by the user when they sign up in response to your welcome message. For custom attributes, you must prepend the custom: prefix to the attribute name. To send a message inviting the user to sign up, you must specify the user's email address or phone number. This can be done in your call to AdminCreateUser or in the **Users** tab of the Amazon Cognito console for managing your user pools. In your call to AdminCreateUser, you can set the email_verified attribute to True, and you can set the phone_number_verified attribute to True. You can also do this by calling https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html: https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_AdminUpdateUserAttributes.html. + **email**: The email address of the user to whom the message that contains the code and user name will be sent. Required if the email_verified attribute is set to True, or if "EMAIL" is specified in the DesiredDeliveryMediums parameter. + **phone_number**: The phone number of the user to whom the message that contains the code and user name will be sent. Required if the phone_number_verified attribute is set to True, or if "SMS" is specified in the DesiredDeliveryMediums parameter. Type: List Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpooluser.html#cfn-cognito-userpooluser-userattributes ItemType: AttributeType UpdateType: Immutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUser])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $false)] [object] $ValidationData, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $false)] [object] $Username, [parameter(Mandatory = $false)] [object] $MessageAction, [parameter(Mandatory = $false)] [VSJson] $ClientMetadata, [parameter(Mandatory = $false)] $DesiredDeliveryMediums, [parameter(Mandatory = $false)] [object] $ForceAliasCreation, [parameter(Mandatory = $false)] [object] $UserAttributes, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolUser]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolUser' function New-VSCognitoUserPoolUserToGroupAttachment { <# .SYNOPSIS Adds an AWS::Cognito::UserPoolUserToGroupAttachment resource to the template. Adds the specified user to the specified group. .DESCRIPTION Adds an AWS::Cognito::UserPoolUserToGroupAttachment resource to the template. Adds the specified user to the specified group. Calling this action requires developer credentials. .LINK http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolusertogroupattachment.html .PARAMETER LogicalId The logical ID must be alphanumeric (A-Za-z0-9) and unique within the template. Use the logical name to reference the resource in other parts of the template. For example, if you want to map an Amazon Elastic Block Store volume to an Amazon EC2 instance, you reference the logical IDs to associate the block stores with the instance. .PARAMETER GroupName The group name. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolusertogroupattachment.html#cfn-cognito-userpoolusertogroupattachment-groupname PrimitiveType: String UpdateType: Immutable .PARAMETER UserPoolId The user pool ID for the user pool. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolusertogroupattachment.html#cfn-cognito-userpoolusertogroupattachment-userpoolid PrimitiveType: String UpdateType: Immutable .PARAMETER Username The username for the user. Documentation: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cognito-userpoolusertogroupattachment.html#cfn-cognito-userpoolusertogroupattachment-username PrimitiveType: String UpdateType: Immutable .PARAMETER DeletionPolicy With the DeletionPolicy attribute you can preserve or (in some cases) backup a resource when its stack is deleted. You specify a DeletionPolicy attribute for each resource that you want to control. If a resource has no DeletionPolicy attribute, AWS CloudFormation deletes the resource by default. To keep a resource when its stack is deleted, specify Retain for that resource. You can use retain for any resource. For example, you can retain a nested stack, S3 bucket, or EC2 instance so that you can continue to use or modify those resources after you delete their stacks. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER UpdateReplacePolicy Use the UpdateReplacePolicy attribute to retain or (in some cases) backup the existing physical instance of a resource when it is replaced during a stack update operation. When you initiate a stack update, AWS CloudFormation updates resources based on differences between what you submit and the stack's current template and parameters. If you update a resource property that requires that the resource be replaced, AWS CloudFormation recreates the resource during the update. Recreating the resource generates a new physical ID. AWS CloudFormation creates the replacement resource first, and then changes references from other dependent resources to point to the replacement resource. By default, AWS CloudFormation then deletes the old resource. Using the UpdateReplacePolicy, you can specify that AWS CloudFormation retain or (in some cases) create a snapshot of the old resource. For resources that support snapshots, such as AWS::EC2::Volume, specify Snapshot to have AWS CloudFormation create a snapshot before deleting the old resource instance. You can apply the UpdateReplacePolicy attribute to any resource. UpdateReplacePolicy is only executed if you update a resource property whose update behavior is specified as Replacement, thereby causing AWS CloudFormation to replace the old resource with a new one with a new physical ID. For example, if you update the Engine property of an AWS::RDS::DBInstance resource type, AWS CloudFormation creates a new resource and replaces the current DB instance resource with the new one. The UpdateReplacePolicy attribute would then dictate whether AWS CloudFormation deleted, retained, or created a snapshot of the old DB instance. The update behavior for each property of a resource is specified in the reference topic for that resource in the AWS Resource and Property Types Reference. For more information on resource update behavior, see Update Behaviors of Stack Resources. The UpdateReplacePolicy attribute applies to stack updates you perform directly, as well as stack updates performed using change sets. Note Resources that are retained continue to exist and continue to incur applicable charges until you delete those resources. Snapshots that are created with this policy continue to exist and continue to incur applicable charges until you delete those snapshots. UpdateReplacePolicy retains the old physical resource or snapshot, but removes it from AWS CloudFormation's scope. UpdateReplacePolicy differs from the DeletionPolicy attribute in that it only applies to resources replaced during stack updates. Use DeletionPolicy for resources deleted when a stack is deleted, or when the resource definition itself is deleted from the template as part of a stack update. You must use one of the following options: "Delete","Retain","Snapshot" .PARAMETER DependsOn With the DependsOn attribute you can specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute. This parameter takes a string or list of strings representing Logical IDs of resources that must be created prior to this resource being created. .PARAMETER Metadata The Metadata attribute enables you to associate structured data with a resource. By adding a Metadata attribute to a resource, you can add data in JSON or YAML to the resource declaration. In addition, you can use intrinsic functions (such as GetAtt and Ref), parameters, and pseudo parameters within the Metadata attribute to add those interpreted values. This will be returned when describing the resource using AWS CLI. .PARAMETER UpdatePolicy Use the UpdatePolicy attribute to specify how AWS CloudFormation handles updates to the AWS::AutoScaling::AutoScalingGroup resource. AWS CloudFormation invokes one of three update policies depending on the type of change you make or whether a scheduled action is associated with the Auto Scaling group. You must use the "Add-UpdatePolicy" function or the [UpdatePolicy] class here. .PARAMETER Condition Logical ID of the condition that this resource needs to be true in order for this resource to be provisioned. .FUNCTIONALITY Vaporshell #> [OutputType([CognitoUserPoolUserToGroupAttachment])] [cmdletbinding()] Param( [parameter(Mandatory = $true,Position = 0)] [ValidateLogicalId()] [string] $LogicalId, [parameter(Mandatory = $true)] [object] $GroupName, [parameter(Mandatory = $true)] [object] $UserPoolId, [parameter(Mandatory = $true)] [object] $Username, [parameter()] [DeletionPolicy] $DeletionPolicy, [parameter()] [UpdateReplacePolicy] $UpdateReplacePolicy, [parameter(Mandatory = $false)] [string[]] $DependsOn, [parameter(Mandatory = $false)] [VSJson] $Metadata, [parameter(Mandatory = $false)] [UpdatePolicy] $UpdatePolicy, [parameter(Mandatory = $false)] [string] $Condition ) Process { $obj = [CognitoUserPoolUserToGroupAttachment]::new($PSBoundParameters) Write-Debug "$($MyInvocation.MyCommand) PSBoundParameters:`n$($PSBoundParameters | ConvertTo-Json -Depth 20 | Format-Json)" Write-Verbose "Resulting object from $($MyInvocation.MyCommand): `n$($obj.ToJson() | Format-Json)" $obj } } Export-ModuleMember -Function 'New-VSCognitoUserPoolUserToGroupAttachment' |