AWS Security ChangesHomeSearch

AWS cognito high security documentation change

Service: cognito · 2025-05-22 · Security-related high

File: cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md

Summary

Removed code handling 'CustomSMSSender_AccountTakeOverNotification' in Lambda example

Security assessment

Removing account takeover notification handling in the example could lead to insecure implementations if developers omit this security-critical logic. This directly impacts security guidance.

Diff

diff --git a/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md b/cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md
index b613a32d5..50f675c76 100644
--- a//cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md
+++ b//cognito/latest/developerguide/user-pool-lambda-custom-sms-sender.md
@@ -270,4 +269,0 @@ The Amazon Resource Name (ARN) of the KMS key that you want to use to encrypt an
-            else if (event.triggerSource == 'CustomSMSSender_AccountTakeOverNotification') {
-                // Handle account takeover notification
-            }
-