AWS cognito high security documentation change
Summary
Removed code handling 'CustomSMSSender_AccountTakeOverNotification' in Lambda example
Security assessment
Removing account takeover notification handling in the example could lead to insecure implementations if developers omit this security-critical logic. This directly impacts security guidance.
Diff
diff --git a/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md b/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md index b613a32d5..50f675c76 100644 --- a//cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md +++ b//cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md @@ -270,4 +269,0 @@ The Amazon Resource Name (ARN) of the KMS key that you want to use to encrypt an - else if (event.triggerSource == 'CustomSMSSender_AccountTakeOverNotification') { - // Handle account takeover notification - } -