I’m trying to deploy a configuration allowing my Cognito User Pool to enable Advanced security with the following configuration.
The deployment doesn’t fail, cloudFormation shows “Update Complete”. But when I go to the AWS console and look at this Cognito User Pool, it’s still showing as “Advanced security” disabled.
Is this AWS::Cognito:: UserPoolRiskConfigurationAttachment implemented in Serverless v3?
myUserPool:
Type: AWS::Cognito::UserPool
...
myUserPoolClient:
Type: AWS::Cognito::UserPoolClient
DeletionPolicy: Retain
Properties:
ClientName: myClientName
GenerateSecret: False
UserPoolId:
Ref: myUserPool
PreventUserExistenceErrors: ENABLED
myUserPoolRiskConfigurationAttachment:
Type: AWS::Cognito::UserPoolRiskConfigurationAttachment
Properties:
UserPoolId:
Ref: myUserPool
ClientId:
Ref: myUserPoolClient
CompromisedCredentialsRiskConfiguration:
Actions:
EventAction: BLOCK
EventFilter:
- SIGN_IN
- PASSWORD_CHANGE
- SIGN_UP
AccountTakeoverRiskConfiguration:
Actions:
LowAction:
Notify: true
EventAction: NO_ACTION
MediumAction:
Notify: true
EventAction: BLOCK
HighAction:
Notify: true
EventAction: BLOCK