jobStateTimeLimitActions) {
+ if (jobStateTimeLimitActions == null) {
+ throw new MissingRequiredPropertyException("GetJobQueueResult", "jobStateTimeLimitActions");
+ }
+ this.jobStateTimeLimitActions = jobStateTimeLimitActions;
+ return this;
+ }
+ public Builder jobStateTimeLimitActions(GetJobQueueJobStateTimeLimitAction... jobStateTimeLimitActions) {
+ return jobStateTimeLimitActions(List.of(jobStateTimeLimitActions));
+ }
+ @CustomType.Setter
public Builder name(String name) {
if (name == null) {
throw new MissingRequiredPropertyException("GetJobQueueResult", "name");
@@ -261,6 +295,7 @@ public GetJobQueueResult build() {
_resultValue.arn = arn;
_resultValue.computeEnvironmentOrders = computeEnvironmentOrders;
_resultValue.id = id;
+ _resultValue.jobStateTimeLimitActions = jobStateTimeLimitActions;
_resultValue.name = name;
_resultValue.priority = priority;
_resultValue.schedulingPolicyArn = schedulingPolicyArn;
diff --git a/sdk/java/src/main/java/com/pulumi/aws/batch/outputs/JobQueueJobStateTimeLimitAction.java b/sdk/java/src/main/java/com/pulumi/aws/batch/outputs/JobQueueJobStateTimeLimitAction.java
new file mode 100644
index 00000000000..0fe7d0f1ea0
--- /dev/null
+++ b/sdk/java/src/main/java/com/pulumi/aws/batch/outputs/JobQueueJobStateTimeLimitAction.java
@@ -0,0 +1,122 @@
+// *** WARNING: this file was generated by pulumi-java-gen. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+package com.pulumi.aws.batch.outputs;
+
+import com.pulumi.core.annotations.CustomType;
+import com.pulumi.exceptions.MissingRequiredPropertyException;
+import java.lang.Integer;
+import java.lang.String;
+import java.util.Objects;
+
+@CustomType
+public final class JobQueueJobStateTimeLimitAction {
+ /**
+ * @return The action to take when a job is at the head of the job queue in the specified state for the specified period of time. Valid values include `"CANCEL"`
+ * * `job_state_time_limit_action.#.max_time_seconds` - The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. Valid values include integers between `600` & `86400`
+ *
+ */
+ private String action;
+ private Integer maxTimeSeconds;
+ /**
+ * @return The reason to log for the action being taken.
+ *
+ */
+ private String reason;
+ /**
+ * @return The state of the job needed to trigger the action. Valid values include `"RUNNABLE"`.
+ *
+ */
+ private String state;
+
+ private JobQueueJobStateTimeLimitAction() {}
+ /**
+ * @return The action to take when a job is at the head of the job queue in the specified state for the specified period of time. Valid values include `"CANCEL"`
+ * * `job_state_time_limit_action.#.max_time_seconds` - The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. Valid values include integers between `600` & `86400`
+ *
+ */
+ public String action() {
+ return this.action;
+ }
+ public Integer maxTimeSeconds() {
+ return this.maxTimeSeconds;
+ }
+ /**
+ * @return The reason to log for the action being taken.
+ *
+ */
+ public String reason() {
+ return this.reason;
+ }
+ /**
+ * @return The state of the job needed to trigger the action. Valid values include `"RUNNABLE"`.
+ *
+ */
+ public String state() {
+ return this.state;
+ }
+
+ public static Builder builder() {
+ return new Builder();
+ }
+
+ public static Builder builder(JobQueueJobStateTimeLimitAction defaults) {
+ return new Builder(defaults);
+ }
+ @CustomType.Builder
+ public static final class Builder {
+ private String action;
+ private Integer maxTimeSeconds;
+ private String reason;
+ private String state;
+ public Builder() {}
+ public Builder(JobQueueJobStateTimeLimitAction defaults) {
+ Objects.requireNonNull(defaults);
+ this.action = defaults.action;
+ this.maxTimeSeconds = defaults.maxTimeSeconds;
+ this.reason = defaults.reason;
+ this.state = defaults.state;
+ }
+
+ @CustomType.Setter
+ public Builder action(String action) {
+ if (action == null) {
+ throw new MissingRequiredPropertyException("JobQueueJobStateTimeLimitAction", "action");
+ }
+ this.action = action;
+ return this;
+ }
+ @CustomType.Setter
+ public Builder maxTimeSeconds(Integer maxTimeSeconds) {
+ if (maxTimeSeconds == null) {
+ throw new MissingRequiredPropertyException("JobQueueJobStateTimeLimitAction", "maxTimeSeconds");
+ }
+ this.maxTimeSeconds = maxTimeSeconds;
+ return this;
+ }
+ @CustomType.Setter
+ public Builder reason(String reason) {
+ if (reason == null) {
+ throw new MissingRequiredPropertyException("JobQueueJobStateTimeLimitAction", "reason");
+ }
+ this.reason = reason;
+ return this;
+ }
+ @CustomType.Setter
+ public Builder state(String state) {
+ if (state == null) {
+ throw new MissingRequiredPropertyException("JobQueueJobStateTimeLimitAction", "state");
+ }
+ this.state = state;
+ return this;
+ }
+ public JobQueueJobStateTimeLimitAction build() {
+ final var _resultValue = new JobQueueJobStateTimeLimitAction();
+ _resultValue.action = action;
+ _resultValue.maxTimeSeconds = maxTimeSeconds;
+ _resultValue.reason = reason;
+ _resultValue.state = state;
+ return _resultValue;
+ }
+ }
+}
diff --git a/sdk/java/src/main/java/com/pulumi/aws/cloudfront/ResponseHeadersPolicy.java b/sdk/java/src/main/java/com/pulumi/aws/cloudfront/ResponseHeadersPolicy.java
index 36ea64f9479..1671d1f6489 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/cloudfront/ResponseHeadersPolicy.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/cloudfront/ResponseHeadersPolicy.java
@@ -129,7 +129,7 @@
*
* <!--End PulumiCodeChooser -->
*
- * The example below creates a CloudFront response headers policy with a custom headers config and server timing headers config.
+ * The example below creates a CloudFront response headers policy with a custom headers config, remove headers config and server timing headers config.
*
* <!--Start PulumiCodeChooser -->
*
@@ -142,6 +142,7 @@
* import com.pulumi.aws.cloudfront.ResponseHeadersPolicy;
* import com.pulumi.aws.cloudfront.ResponseHeadersPolicyArgs;
* import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyCustomHeadersConfigArgs;
+ * import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyRemoveHeadersConfigArgs;
* import com.pulumi.aws.cloudfront.inputs.ResponseHeadersPolicyServerTimingHeadersConfigArgs;
* import java.util.List;
* import java.util.ArrayList;
@@ -165,6 +166,11 @@
* .value("none")
* .build())
* .build())
+ * .removeHeadersConfig(ResponseHeadersPolicyRemoveHeadersConfigArgs.builder()
+ * .items(ResponseHeadersPolicyRemoveHeadersConfigItemArgs.builder()
+ * .header("Set-Cookie")
+ * .build())
+ * .build())
* .serverTimingHeadersConfig(ResponseHeadersPolicyServerTimingHeadersConfigArgs.builder()
* .enabled(true)
* .samplingRate(50)
diff --git a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java
index ecf3bf8e42f..f68aa38a810 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClient.java
@@ -160,42 +160,42 @@ public Output accessTokenValidity() {
return this.accessTokenValidity;
}
/**
- * List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="allowedOauthFlows", refs={List.class,String.class}, tree="[0,1]")
private Output> allowedOauthFlows;
/**
- * @return List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * @return List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> allowedOauthFlows() {
return this.allowedOauthFlows;
}
/**
- * Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
@Export(name="allowedOauthFlowsUserPoolClient", refs={Boolean.class}, tree="[0]")
private Output allowedOauthFlowsUserPoolClient;
/**
- * @return Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * @return Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
public Output allowedOauthFlowsUserPoolClient() {
return this.allowedOauthFlowsUserPoolClient;
}
/**
- * List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="allowedOauthScopes", refs={List.class,String.class}, tree="[0,1]")
private Output> allowedOauthScopes;
/**
- * @return List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * @return List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> allowedOauthScopes() {
@@ -230,14 +230,14 @@ public Output authSessionValidity() {
return this.authSessionValidity;
}
/**
- * List of allowed callback URLs for the identity providers.
+ * List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="callbackUrls", refs={List.class,String.class}, tree="[0,1]")
private Output> callbackUrls;
/**
- * @return List of allowed callback URLs for the identity providers.
+ * @return List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> callbackUrls() {
@@ -328,14 +328,14 @@ public Output idTokenValidity() {
return this.idTokenValidity;
}
/**
- * List of allowed logout URLs for the identity providers.
+ * List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="logoutUrls", refs={List.class,String.class}, tree="[0,1]")
private Output> logoutUrls;
/**
- * @return List of allowed logout URLs for the identity providers.
+ * @return List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> logoutUrls() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClientArgs.java b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClientArgs.java
index 2a7fb860805..f5741ad6c33 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClientArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/cognito/ManagedUserPoolClientArgs.java
@@ -37,14 +37,14 @@ public Optional> accessTokenValidity() {
}
/**
- * List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthFlows")
private @Nullable Output> allowedOauthFlows;
/**
- * @return List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * @return List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthFlows() {
@@ -52,14 +52,14 @@ public Optional>> allowedOauthFlows() {
}
/**
- * Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
@Import(name="allowedOauthFlowsUserPoolClient")
private @Nullable Output allowedOauthFlowsUserPoolClient;
/**
- * @return Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * @return Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
public Optional> allowedOauthFlowsUserPoolClient() {
@@ -67,14 +67,14 @@ public Optional> allowedOauthFlowsUserPoolClient() {
}
/**
- * List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthScopes")
private @Nullable Output> allowedOauthScopes;
/**
- * @return List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * @return List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthScopes() {
@@ -112,14 +112,14 @@ public Optional> authSessionValidity() {
}
/**
- * List of allowed callback URLs for the identity providers.
+ * List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="callbackUrls")
private @Nullable Output> callbackUrls;
/**
- * @return List of allowed callback URLs for the identity providers.
+ * @return List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> callbackUrls() {
@@ -202,14 +202,14 @@ public Optional> idTokenValidity() {
}
/**
- * List of allowed logout URLs for the identity providers.
+ * List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="logoutUrls")
private @Nullable Output> logoutUrls;
/**
- * @return List of allowed logout URLs for the identity providers.
+ * @return List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> logoutUrls() {
@@ -422,7 +422,7 @@ public Builder accessTokenValidity(Integer accessTokenValidity) {
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -433,7 +433,7 @@ public Builder allowedOauthFlows(@Nullable Output> allowedOauthFlow
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -443,7 +443,7 @@ public Builder allowedOauthFlows(List allowedOauthFlows) {
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows, including code, implicit, and client_credentials.
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -453,7 +453,7 @@ public Builder allowedOauthFlows(String... allowedOauthFlows) {
}
/**
- * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
@@ -464,7 +464,7 @@ public Builder allowedOauthFlowsUserPoolClient(@Nullable Output allowed
}
/**
- * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use the OAuth protocol when interacting with Cognito user pools.
+ * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
@@ -474,7 +474,7 @@ public Builder allowedOauthFlowsUserPoolClient(Boolean allowedOauthFlowsUserPool
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -485,7 +485,7 @@ public Builder allowedOauthScopes(@Nullable Output> allowedOauthSco
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -495,7 +495,7 @@ public Builder allowedOauthScopes(List allowedOauthScopes) {
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes, including phone, email, openid, profile, and aws.cognito.signin.user.admin.
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -547,7 +547,7 @@ public Builder authSessionValidity(Integer authSessionValidity) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -558,7 +558,7 @@ public Builder callbackUrls(@Nullable Output> callbackUrls) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -568,7 +568,7 @@ public Builder callbackUrls(List callbackUrls) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -693,7 +693,7 @@ public Builder idTokenValidity(Integer idTokenValidity) {
}
/**
- * @param logoutUrls List of allowed logout URLs for the identity providers.
+ * @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -704,7 +704,7 @@ public Builder logoutUrls(@Nullable Output> logoutUrls) {
}
/**
- * @param logoutUrls List of allowed logout URLs for the identity providers.
+ * @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -714,7 +714,7 @@ public Builder logoutUrls(List logoutUrls) {
}
/**
- * @param logoutUrls List of allowed logout URLs for the identity providers.
+ * @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
diff --git a/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClient.java b/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClient.java
index 1c2f5717cc8..a25fae93f0d 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClient.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClient.java
@@ -273,102 +273,98 @@
@ResourceType(type="aws:cognito/userPoolClient:UserPoolClient")
public class UserPoolClient extends com.pulumi.resources.CustomResource {
/**
- * Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
@Export(name="accessTokenValidity", refs={Integer.class}, tree="[0]")
private Output accessTokenValidity;
/**
- * @return Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * @return Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
public Output accessTokenValidity() {
return this.accessTokenValidity;
}
/**
- * List of allowed OAuth flows (code, implicit, client_credentials).
+ * List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="allowedOauthFlows", refs={List.class,String.class}, tree="[0,1]")
private Output> allowedOauthFlows;
/**
- * @return List of allowed OAuth flows (code, implicit, client_credentials).
+ * @return List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> allowedOauthFlows() {
return this.allowedOauthFlows;
}
/**
- * Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
@Export(name="allowedOauthFlowsUserPoolClient", refs={Boolean.class}, tree="[0]")
private Output allowedOauthFlowsUserPoolClient;
/**
- * @return Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * @return Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
public Output allowedOauthFlowsUserPoolClient() {
return this.allowedOauthFlowsUserPoolClient;
}
/**
- * List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="allowedOauthScopes", refs={List.class,String.class}, tree="[0,1]")
private Output> allowedOauthScopes;
/**
- * @return List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * @return List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> allowedOauthScopes() {
return this.allowedOauthScopes;
}
/**
- * Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
+ * Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
@Export(name="analyticsConfiguration", refs={UserPoolClientAnalyticsConfiguration.class}, tree="[0]")
private Output analyticsConfiguration;
/**
- * @return Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
+ * @return Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
public Output> analyticsConfiguration() {
return Codegen.optional(this.analyticsConfiguration);
}
/**
- * Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.
+ * Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
@Export(name="authSessionValidity", refs={Integer.class}, tree="[0]")
private Output authSessionValidity;
/**
- * @return Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.
+ * @return Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
public Output authSessionValidity() {
return this.authSessionValidity;
}
/**
- * List of allowed callback URLs for the identity providers.
+ * List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="callbackUrls", refs={List.class,String.class}, tree="[0,1]")
private Output> callbackUrls;
/**
- * @return List of allowed callback URLs for the identity providers.
+ * @return List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> callbackUrls() {
@@ -389,28 +385,28 @@ public Output clientSecret() {
return this.clientSecret;
}
/**
- * Default redirect URI. Must be in the list of callback URLs.
+ * Default redirect URI and must be included in the list of callback URLs.
*
*/
@Export(name="defaultRedirectUri", refs={String.class}, tree="[0]")
private Output defaultRedirectUri;
/**
- * @return Default redirect URI. Must be in the list of callback URLs.
+ * @return Default redirect URI and must be included in the list of callback URLs.
*
*/
public Output defaultRedirectUri() {
return this.defaultRedirectUri;
}
/**
- * Activates the propagation of additional user context data.
+ * Enables the propagation of additional user context data.
*
*/
@Export(name="enablePropagateAdditionalUserContextData", refs={Boolean.class}, tree="[0]")
private Output enablePropagateAdditionalUserContextData;
/**
- * @return Activates the propagation of additional user context data.
+ * @return Enables the propagation of additional user context data.
*
*/
public Output enablePropagateAdditionalUserContextData() {
@@ -431,60 +427,56 @@ public Output enableTokenRevocation() {
return this.enableTokenRevocation;
}
/**
- * List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
@Export(name="explicitAuthFlows", refs={List.class,String.class}, tree="[0,1]")
private Output> explicitAuthFlows;
/**
- * @return List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * @return List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
public Output> explicitAuthFlows() {
return this.explicitAuthFlows;
}
/**
- * Should an application secret be generated.
+ * Boolean flag indicating whether an application secret should be generated.
*
*/
@Export(name="generateSecret", refs={Boolean.class}, tree="[0]")
private Output generateSecret;
/**
- * @return Should an application secret be generated.
+ * @return Boolean flag indicating whether an application secret should be generated.
*
*/
public Output> generateSecret() {
return Codegen.optional(this.generateSecret);
}
/**
- * Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
@Export(name="idTokenValidity", refs={Integer.class}, tree="[0]")
private Output idTokenValidity;
/**
- * @return Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * @return Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
public Output idTokenValidity() {
return this.idTokenValidity;
}
/**
- * List of allowed logout URLs for the identity providers.
+ * List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Export(name="logoutUrls", refs={List.class,String.class}, tree="[0,1]")
private Output> logoutUrls;
/**
- * @return List of allowed logout URLs for the identity providers.
+ * @return List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Output> logoutUrls() {
@@ -505,74 +497,70 @@ public Output name() {
return this.name;
}
/**
- * Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.
+ * Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
@Export(name="preventUserExistenceErrors", refs={String.class}, tree="[0]")
private Output preventUserExistenceErrors;
/**
- * @return Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.
+ * @return Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
public Output preventUserExistenceErrors() {
return this.preventUserExistenceErrors;
}
/**
- * List of user pool attributes the application client can read from.
+ * List of user pool attributes that the application client can read from.
*
*/
@Export(name="readAttributes", refs={List.class,String.class}, tree="[0,1]")
private Output> readAttributes;
/**
- * @return List of user pool attributes the application client can read from.
+ * @return List of user pool attributes that the application client can read from.
*
*/
public Output> readAttributes() {
return this.readAttributes;
}
/**
- * Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.
- * By default, the unit is days.
- * The unit can be overridden by a value in `token_validity_units.refresh_token`.
+ * Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
@Export(name="refreshTokenValidity", refs={Integer.class}, tree="[0]")
private Output refreshTokenValidity;
/**
- * @return Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.
- * By default, the unit is days.
- * The unit can be overridden by a value in `token_validity_units.refresh_token`.
+ * @return Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
public Output refreshTokenValidity() {
return this.refreshTokenValidity;
}
/**
- * List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
+ * List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
@Export(name="supportedIdentityProviders", refs={List.class,String.class}, tree="[0,1]")
private Output> supportedIdentityProviders;
/**
- * @return List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
+ * @return List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
public Output> supportedIdentityProviders() {
return this.supportedIdentityProviders;
}
/**
- * Configuration block for units in which the validity times are represented in. Detailed below.
+ * Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
@Export(name="tokenValidityUnits", refs={UserPoolClientTokenValidityUnits.class}, tree="[0]")
private Output tokenValidityUnits;
/**
- * @return Configuration block for units in which the validity times are represented in. Detailed below.
+ * @return Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
public Output> tokenValidityUnits() {
@@ -597,14 +585,14 @@ public Output userPoolId() {
return this.userPoolId;
}
/**
- * List of user pool attributes the application client can write to.
+ * List of user pool attributes that the application client can write to.
*
*/
@Export(name="writeAttributes", refs={List.class,String.class}, tree="[0,1]")
private Output> writeAttributes;
/**
- * @return List of user pool attributes the application client can write to.
+ * @return List of user pool attributes that the application client can write to.
*
*/
public Output> writeAttributes() {
diff --git a/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClientArgs.java b/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClientArgs.java
index 7959a8fdbcd..75223733072 100644
--- a/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClientArgs.java
+++ b/sdk/java/src/main/java/com/pulumi/aws/cognito/UserPoolClientArgs.java
@@ -22,18 +22,14 @@ public final class UserPoolClientArgs extends com.pulumi.resources.ResourceArgs
public static final UserPoolClientArgs Empty = new UserPoolClientArgs();
/**
- * Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
@Import(name="accessTokenValidity")
private @Nullable Output accessTokenValidity;
/**
- * @return Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * @return Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
*/
public Optional> accessTokenValidity() {
@@ -41,14 +37,14 @@ public Optional> accessTokenValidity() {
}
/**
- * List of allowed OAuth flows (code, implicit, client_credentials).
+ * List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthFlows")
private @Nullable Output> allowedOauthFlows;
/**
- * @return List of allowed OAuth flows (code, implicit, client_credentials).
+ * @return List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthFlows() {
@@ -56,14 +52,14 @@ public Optional>> allowedOauthFlows() {
}
/**
- * Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
@Import(name="allowedOauthFlowsUserPoolClient")
private @Nullable Output allowedOauthFlowsUserPoolClient;
/**
- * @return Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * @return Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
*/
public Optional> allowedOauthFlowsUserPoolClient() {
@@ -71,14 +67,14 @@ public Optional> allowedOauthFlowsUserPoolClient() {
}
/**
- * List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="allowedOauthScopes")
private @Nullable Output> allowedOauthScopes;
/**
- * @return List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * @return List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> allowedOauthScopes() {
@@ -86,14 +82,14 @@ public Optional>> allowedOauthScopes() {
}
/**
- * Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
+ * Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
@Import(name="analyticsConfiguration")
private @Nullable Output analyticsConfiguration;
/**
- * @return Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
+ * @return Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
*/
public Optional> analyticsConfiguration() {
@@ -101,14 +97,14 @@ public Optional> analyticsConfi
}
/**
- * Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.
+ * Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
@Import(name="authSessionValidity")
private @Nullable Output authSessionValidity;
/**
- * @return Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.
+ * @return Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
*/
public Optional> authSessionValidity() {
@@ -116,14 +112,14 @@ public Optional> authSessionValidity() {
}
/**
- * List of allowed callback URLs for the identity providers.
+ * List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="callbackUrls")
private @Nullable Output> callbackUrls;
/**
- * @return List of allowed callback URLs for the identity providers.
+ * @return List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> callbackUrls() {
@@ -131,14 +127,14 @@ public Optional>> callbackUrls() {
}
/**
- * Default redirect URI. Must be in the list of callback URLs.
+ * Default redirect URI and must be included in the list of callback URLs.
*
*/
@Import(name="defaultRedirectUri")
private @Nullable Output defaultRedirectUri;
/**
- * @return Default redirect URI. Must be in the list of callback URLs.
+ * @return Default redirect URI and must be included in the list of callback URLs.
*
*/
public Optional> defaultRedirectUri() {
@@ -146,14 +142,14 @@ public Optional> defaultRedirectUri() {
}
/**
- * Activates the propagation of additional user context data.
+ * Enables the propagation of additional user context data.
*
*/
@Import(name="enablePropagateAdditionalUserContextData")
private @Nullable Output enablePropagateAdditionalUserContextData;
/**
- * @return Activates the propagation of additional user context data.
+ * @return Enables the propagation of additional user context data.
*
*/
public Optional> enablePropagateAdditionalUserContextData() {
@@ -176,14 +172,14 @@ public Optional> enableTokenRevocation() {
}
/**
- * List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
@Import(name="explicitAuthFlows")
private @Nullable Output> explicitAuthFlows;
/**
- * @return List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * @return List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
*/
public Optional>> explicitAuthFlows() {
@@ -191,14 +187,14 @@ public Optional>> explicitAuthFlows() {
}
/**
- * Should an application secret be generated.
+ * Boolean flag indicating whether an application secret should be generated.
*
*/
@Import(name="generateSecret")
private @Nullable Output generateSecret;
/**
- * @return Should an application secret be generated.
+ * @return Boolean flag indicating whether an application secret should be generated.
*
*/
public Optional> generateSecret() {
@@ -206,18 +202,14 @@ public Optional> generateSecret() {
}
/**
- * Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
@Import(name="idTokenValidity")
private @Nullable Output idTokenValidity;
/**
- * @return Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * @return Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
*/
public Optional> idTokenValidity() {
@@ -225,14 +217,14 @@ public Optional> idTokenValidity() {
}
/**
- * List of allowed logout URLs for the identity providers.
+ * List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
@Import(name="logoutUrls")
private @Nullable Output> logoutUrls;
/**
- * @return List of allowed logout URLs for the identity providers.
+ * @return List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
*/
public Optional>> logoutUrls() {
@@ -255,14 +247,14 @@ public Optional> name() {
}
/**
- * Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.
+ * Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
@Import(name="preventUserExistenceErrors")
private @Nullable Output preventUserExistenceErrors;
/**
- * @return Choose which errors and responses are returned by Cognito APIs during authentication, account confirmation, and password recovery when the user does not exist in the user pool. When set to `ENABLED` and the user does not exist, authentication returns an error indicating either the username or password was incorrect, and account confirmation and password recovery return a response indicating a code was sent to a simulated destination. When set to `LEGACY`, those APIs will return a `UserNotFoundException` exception if the user does not exist in the user pool.
+ * @return Setting determines the errors and responses returned by Cognito APIs when a user does not exist in the user pool during authentication, account confirmation, and password recovery.
*
*/
public Optional> preventUserExistenceErrors() {
@@ -270,14 +262,14 @@ public Optional> preventUserExistenceErrors() {
}
/**
- * List of user pool attributes the application client can read from.
+ * List of user pool attributes that the application client can read from.
*
*/
@Import(name="readAttributes")
private @Nullable Output> readAttributes;
/**
- * @return List of user pool attributes the application client can read from.
+ * @return List of user pool attributes that the application client can read from.
*
*/
public Optional>> readAttributes() {
@@ -285,18 +277,14 @@ public Optional>> readAttributes() {
}
/**
- * Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.
- * By default, the unit is days.
- * The unit can be overridden by a value in `token_validity_units.refresh_token`.
+ * Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
@Import(name="refreshTokenValidity")
private @Nullable Output refreshTokenValidity;
/**
- * @return Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used.
- * By default, the unit is days.
- * The unit can be overridden by a value in `token_validity_units.refresh_token`.
+ * @return Time limit, between 60 minutes and 10 years, after which the refresh token is no longer valid and cannot be used. By default, the unit is days. The unit can be overridden by a value in `token_validity_units.refresh_token`.
*
*/
public Optional> refreshTokenValidity() {
@@ -304,14 +292,14 @@ public Optional> refreshTokenValidity() {
}
/**
- * List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
+ * List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
@Import(name="supportedIdentityProviders")
private @Nullable Output> supportedIdentityProviders;
/**
- * @return List of provider names for the identity providers that are supported on this client. Uses the `provider_name` attribute of `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
+ * @return List of provider names for the identity providers that are supported on this client. It uses the `provider_name` attribute of the `aws.cognito.IdentityProvider` resource(s), or the equivalent string(s).
*
*/
public Optional>> supportedIdentityProviders() {
@@ -319,14 +307,14 @@ public Optional>> supportedIdentityProviders() {
}
/**
- * Configuration block for units in which the validity times are represented in. Detailed below.
+ * Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
@Import(name="tokenValidityUnits")
private @Nullable Output tokenValidityUnits;
/**
- * @return Configuration block for units in which the validity times are represented in. Detailed below.
+ * @return Configuration block for representing the validity times in units. See details below. Detailed below.
*
*/
public Optional> tokenValidityUnits() {
@@ -353,14 +341,14 @@ public Output userPoolId() {
}
/**
- * List of user pool attributes the application client can write to.
+ * List of user pool attributes that the application client can write to.
*
*/
@Import(name="writeAttributes")
private @Nullable Output> writeAttributes;
/**
- * @return List of user pool attributes the application client can write to.
+ * @return List of user pool attributes that the application client can write to.
*
*/
public Optional>> writeAttributes() {
@@ -413,9 +401,7 @@ public Builder(UserPoolClientArgs defaults) {
}
/**
- * @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
* @return builder
*
@@ -426,9 +412,7 @@ public Builder accessTokenValidity(@Nullable Output accessTokenValidity
}
/**
- * @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.access_token`.
+ * @param accessTokenValidity Time limit, between 5 minutes and 1 day, after which the access token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.access_token`.
*
* @return builder
*
@@ -438,7 +422,7 @@ public Builder accessTokenValidity(Integer accessTokenValidity) {
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows (code, implicit, client_credentials).
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -449,7 +433,7 @@ public Builder allowedOauthFlows(@Nullable Output> allowedOauthFlow
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows (code, implicit, client_credentials).
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -459,7 +443,7 @@ public Builder allowedOauthFlows(List allowedOauthFlows) {
}
/**
- * @param allowedOauthFlows List of allowed OAuth flows (code, implicit, client_credentials).
+ * @param allowedOauthFlows List of allowed OAuth flows, including `code`, `implicit`, and `client_credentials`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -469,7 +453,7 @@ public Builder allowedOauthFlows(String... allowedOauthFlows) {
}
/**
- * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
@@ -480,7 +464,7 @@ public Builder allowedOauthFlowsUserPoolClient(@Nullable Output allowed
}
/**
- * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to follow the OAuth protocol when interacting with Cognito user pools.
+ * @param allowedOauthFlowsUserPoolClient Whether the client is allowed to use OAuth 2.0 features. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure the following arguments: `callback_urls`, `logout_urls`, `allowed_oauth_scopes` and `allowed_oauth_flows`.
*
* @return builder
*
@@ -490,7 +474,7 @@ public Builder allowedOauthFlowsUserPoolClient(Boolean allowedOauthFlowsUserPool
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -501,7 +485,7 @@ public Builder allowedOauthScopes(@Nullable Output> allowedOauthSco
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -511,7 +495,7 @@ public Builder allowedOauthScopes(List allowedOauthScopes) {
}
/**
- * @param allowedOauthScopes List of allowed OAuth scopes (phone, email, openid, profile, and aws.cognito.signin.user.admin).
+ * @param allowedOauthScopes List of allowed OAuth scopes, including `phone`, `email`, `openid`, `profile`, and `aws.cognito.signin.user.admin`. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -521,7 +505,7 @@ public Builder allowedOauthScopes(String... allowedOauthScopes) {
}
/**
- * @param analyticsConfiguration Configuration block for Amazon Pinpoint analytics for collecting metrics for this user pool. Detailed below.
+ * @param analyticsConfiguration Configuration block for Amazon Pinpoint analytics that collects metrics for this user pool. See details below.
*
* @return builder
*
@@ -532,7 +516,7 @@ public Builder analyticsConfiguration(@Nullable Output authSessionValidity
}
/**
- * @param authSessionValidity Amazon Cognito creates a session token for each API request in an authentication flow. AuthSessionValidity is the duration, in minutes, of that session token. Your user pool native user must respond to each authentication challenge before the session expires. Valid values between `3` and `15`. Default value is `3`.
+ * @param authSessionValidity Duration, in minutes, of the session token created by Amazon Cognito for each API request in an authentication flow. The session token must be responded to by the native user of the user pool before it expires. Valid values for `auth_session_validity` are between `3` and `15`, with a default value of `3`.
*
* @return builder
*
@@ -563,7 +547,7 @@ public Builder authSessionValidity(Integer authSessionValidity) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -574,7 +558,7 @@ public Builder callbackUrls(@Nullable Output> callbackUrls) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -584,7 +568,7 @@ public Builder callbackUrls(List callbackUrls) {
}
/**
- * @param callbackUrls List of allowed callback URLs for the identity providers.
+ * @param callbackUrls List of allowed callback URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -594,7 +578,7 @@ public Builder callbackUrls(String... callbackUrls) {
}
/**
- * @param defaultRedirectUri Default redirect URI. Must be in the list of callback URLs.
+ * @param defaultRedirectUri Default redirect URI and must be included in the list of callback URLs.
*
* @return builder
*
@@ -605,7 +589,7 @@ public Builder defaultRedirectUri(@Nullable Output defaultRedirectUri) {
}
/**
- * @param defaultRedirectUri Default redirect URI. Must be in the list of callback URLs.
+ * @param defaultRedirectUri Default redirect URI and must be included in the list of callback URLs.
*
* @return builder
*
@@ -615,7 +599,7 @@ public Builder defaultRedirectUri(String defaultRedirectUri) {
}
/**
- * @param enablePropagateAdditionalUserContextData Activates the propagation of additional user context data.
+ * @param enablePropagateAdditionalUserContextData Enables the propagation of additional user context data.
*
* @return builder
*
@@ -626,7 +610,7 @@ public Builder enablePropagateAdditionalUserContextData(@Nullable Output> explicitAuthFlow
}
/**
- * @param explicitAuthFlows List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * @param explicitAuthFlows List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
* @return builder
*
@@ -678,7 +662,7 @@ public Builder explicitAuthFlows(List explicitAuthFlows) {
}
/**
- * @param explicitAuthFlows List of authentication flows (ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, ALLOW_REFRESH_TOKEN_AUTH).
+ * @param explicitAuthFlows List of authentication flows. The available options include ADMIN_NO_SRP_AUTH, CUSTOM_AUTH_FLOW_ONLY, USER_PASSWORD_AUTH, ALLOW_ADMIN_USER_PASSWORD_AUTH, ALLOW_CUSTOM_AUTH, ALLOW_USER_PASSWORD_AUTH, ALLOW_USER_SRP_AUTH, and ALLOW_REFRESH_TOKEN_AUTH.
*
* @return builder
*
@@ -688,7 +672,7 @@ public Builder explicitAuthFlows(String... explicitAuthFlows) {
}
/**
- * @param generateSecret Should an application secret be generated.
+ * @param generateSecret Boolean flag indicating whether an application secret should be generated.
*
* @return builder
*
@@ -699,7 +683,7 @@ public Builder generateSecret(@Nullable Output generateSecret) {
}
/**
- * @param generateSecret Should an application secret be generated.
+ * @param generateSecret Boolean flag indicating whether an application secret should be generated.
*
* @return builder
*
@@ -709,9 +693,7 @@ public Builder generateSecret(Boolean generateSecret) {
}
/**
- * @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
* @return builder
*
@@ -722,9 +704,7 @@ public Builder idTokenValidity(@Nullable Output idTokenValidity) {
}
/**
- * @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used.
- * By default, the unit is hours.
- * The unit can be overridden by a value in `token_validity_units.id_token`.
+ * @param idTokenValidity Time limit, between 5 minutes and 1 day, after which the ID token is no longer valid and cannot be used. By default, the unit is hours. The unit can be overridden by a value in `token_validity_units.id_token`.
*
* @return builder
*
@@ -734,7 +714,7 @@ public Builder idTokenValidity(Integer idTokenValidity) {
}
/**
- * @param logoutUrls List of allowed logout URLs for the identity providers.
+ * @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -745,7 +725,7 @@ public Builder logoutUrls(@Nullable Output> logoutUrls) {
}
/**
- * @param logoutUrls List of allowed logout URLs for the identity providers.
+ * @param logoutUrls List of allowed logout URLs for the identity providers. `allowed_oauth_flows_user_pool_client` must be set to `true` before you can configure this option.
*
* @return builder
*
@@ -755,7 +735,7 @@ public Builder logoutUrls(List