AWS Security ChangesHomeSearch

AWS cli documentation change

Service: cli · 2026-02-28 · Documentation low

File: cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.md

Summary

Updated documentation with clarified Lambda trigger integration details, added CLI error format options, and version bump to 2.34.0

Security assessment

Changes focus on documentation clarity around Lambda workflows and CLI formatting options. No concrete evidence of security vulnerability fixes. ClientMetadata/Lambda trigger explanations enhance understanding but don't introduce new security features.

Diff

diff --git a/cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.md b/cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.md
index ceb9186d3..ec966cc13 100644
--- a//cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.md
+++ b//cli/latest/reference/cognito-idp/admin-respond-to-auth-challenge.md
@@ -15 +15 @@
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »
@@ -114,0 +115 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/cognit
+    [--cli-error-format <value>]
@@ -474 +475 @@ JSON Syntax:
-> A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers.
+> A map of custom key-value pairs that you can provide as input for any custom workflows that this action triggers. You create custom workflows by assigning Lambda functions to user pool triggers.
@@ -476 +477 @@ JSON Syntax:
-> You create custom workflows by assigning Lambda functions to user pool triggers. When you use the AdminRespondToAuthChallenge API action, Amazon Cognito invokes any functions that you have assigned to the following triggers:
+> When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute that provides the data that you assigned to the ClientMetadata parameter in your request. In your function code, you can process the `clientMetadata` value to enhance your workflow for your specific needs.
@@ -478,14 +479 @@ JSON Syntax:
->   * Pre sign-up
->   * custom message
->   * Post authentication
->   * User migration
->   * Pre token generation
->   * Define auth challenge
->   * Create auth challenge
->   * Verify auth challenge response
-> 
-
-> 
-> When Amazon Cognito invokes any of these functions, it passes a JSON payload, which the function receives as input. This payload contains a `clientMetadata` attribute that provides the data that you assigned to the ClientMetadata parameter in your AdminRespondToAuthChallenge request. In your function code in Lambda, you can process the `clientMetadata` value to enhance your workflow for your specific needs.
-> 
-> For more information, see [Using Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools-working-with-aws-lambda-triggers.html) in the _Amazon Cognito Developer Guide_ .
+> To review the Lambda trigger types that Amazon Cognito invokes at runtime with API requests, see [Connecting API actions to Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-working-with-lambda-triggers.html#lambda-triggers-by-event) in the _Amazon Cognito Developer Guide_ .
@@ -564,0 +553 @@ The formatting style for command output.
+  * off
@@ -630,0 +620,13 @@ Disable automatically prompt for CLI input parameters.
+`--cli-error-format` (string)
+
+The formatting style for error output. By default, errors are displayed in enhanced format.
+
+  * legacy
+  * json
+  * yaml
+  * text
+  * table
+  * enhanced
+
+
+
@@ -849 +851 @@ AuthenticationResult -> (structure)
-  * [AWS CLI 2.33.29 Command Reference](../../index.html) »
+  * [AWS CLI 2.34.0 Command Reference](../../index.html) »