AWS cognito documentation change
Summary
Updated documentation links to include MFA and authentication configuration references
Security assessment
The change expands documentation references to include MFA configuration, which is a security feature. However, there is no evidence of addressing a specific security vulnerability.
Diff
diff --git a/cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md b/cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md index 072d5fdd9..39dabd57c 100644 --- a//cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md +++ b//cognito/latest/developerguide/cognito-user-pool-settings-threat-protection.md @@ -265 +265 @@ To set the threat protection configuration for a user pool, send a [SetRiskConfi -To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring verification and invitation messages](./cognito-user-pool-settings-message-customizations.html). +To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring MFA, authentication, verification and invitation messages](./cognito-user-pool-settings-message-customizations.html). @@ -320 +320 @@ To set the threat protection configuration for an app client, send a [SetRiskCon -To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring verification and invitation messages](./cognito-user-pool-settings-message-customizations.html). +To enforce this configuration, you must set `AdvancedSecurityMode` to `ENFORCED` in a separate [CreateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) or [UpdateUserPool](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html) API request. For more information about the placeholder templates like `{username}` in this example, see [Configuring MFA, authentication, verification and invitation messages](./cognito-user-pool-settings-message-customizations.html).