AWS Security ChangesHomeSearch

AWS cognito documentation change

Service: cognito · 2025-07-25 · Documentation low

File: cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md

Summary

Updated documentation links to include MFA and authentication configuration references

Security assessment

The change expands documentation references to include MFA configuration, which is a security feature. However, there is no evidence of addressing a specific security vulnerability.

Diff

diff --git a/cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md b/cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md
index 072d5fdd9..39dabd57c 100644
--- a//cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md
+++ b//cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md
@@ -265 +265 @@ To set the threat protection configuration for a user pool, send a [SetRiskConfi
-To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring verification and invitation messages](./cognito-user-pool-settings-message-customizations.html).
+To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring MFA, authentication, verification and invitation messages](./cognito-user-pool-settings-message-customizations.html).
@@ -320 +320 @@ To set the threat protection configuration for an app client, send a [SetRiskCon
-To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring verification and invitation messages](./cognito-user-pool-settings-message-customizations.html).
+To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring MFA, authentication, verification and invitation messages](./cognito-user-pool-settings-message-customizations.html).