From 50f95d15cf49b822e388a5148327936994dbcae3 Mon Sep 17 00:00:00 2001 From: ci-robot Date: Wed, 19 Feb 2025 23:30:49 +0000 Subject: [PATCH] Update to ACK runtime `v0.43.0`, code-generator `v0.43.1` --- apis/v1alpha1/ack-generate-metadata.yaml | 10 +- apis/v1alpha1/user_pool.go | 27 ++- config/controller/kustomization.yaml | 2 +- ...typrovider.services.k8s.aws_userpools.yaml | 162 ++++++++++-------- helm/Chart.yaml | 4 +- ...typrovider.services.k8s.aws_userpools.yaml | 162 ++++++++++-------- helm/templates/NOTES.txt | 2 +- helm/values.yaml | 2 +- 8 files changed, 216 insertions(+), 155 deletions(-) diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index 32e4996..a038b6d 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,9 +1,9 @@ ack_generate_info: - build_date: "2025-02-18T00:10:42Z" - build_hash: 66c0f840b0bcf6f552be46cf5ee0fb95ad57053e - go_version: go1.23.6 - version: v0.43.0 -api_directory_checksum: 19f277b2e965f24f4767f039fdd17c6c5bc57617 + build_date: "2025-02-19T23:30:14Z" + build_hash: 8b426c490ff1984d8ce5577e11d6dabe1b6373b8 + go_version: go1.24.0 + version: v0.43.1 +api_directory_checksum: 57448d9b25fad5f283e725c6eda7e8677a80368a api_version: v1alpha1 aws_sdk_go_version: v1.32.6 generator_config_info: diff --git a/apis/v1alpha1/user_pool.go b/apis/v1alpha1/user_pool.go index a9f6abf..936adc1 100644 --- a/apis/v1alpha1/user_pool.go +++ b/apis/v1alpha1/user_pool.go @@ -30,13 +30,17 @@ type UserPoolSpec struct { // has SMS multi-factor authentication (MFA) activated. In the absence of this // setting, Amazon Cognito uses the legacy behavior to determine the recovery // method where SMS is preferred through email. + AccountRecoverySetting *AccountRecoverySettingType `json:"accountRecoverySetting,omitempty"` // The configuration for AdminCreateUser requests. + AdminCreateUserConfig *AdminCreateUserConfigType `json:"adminCreateUserConfig,omitempty"` // Attributes supported as an alias for this user pool. Possible values: phone_number, // email, or preferred_username. + AliasAttributes []*string `json:"aliasAttributes,omitempty"` // The attributes to be auto-verified. Possible values: email, phone_number. + AutoVerifiedAttributes []*string `json:"autoVerifiedAttributes,omitempty"` // When active, DeletionProtection prevents accidental deletion of your userpool. // Before you can delete a user pool that you have protected against deletion, @@ -46,36 +50,48 @@ type UserPoolSpec struct { // Amazon Cognito returns an InvalidParameterException error. To delete a protected // user pool, send a new DeleteUserPool request after you deactivate deletion // protection in an UpdateUserPool API request. + DeletionProtection *string `json:"deletionProtection,omitempty"` // The device-remembering configuration for a user pool. A null value indicates // that you have deactivated device remembering in your user pool. // // When you provide a value for any DeviceConfiguration field, you activate // the Amazon Cognito device-remembering feature. + DeviceConfiguration *DeviceConfigurationType `json:"deviceConfiguration,omitempty"` // The email configuration of your user pool. The email configuration type sets // your preferred sending method, Amazon Web Services Region, and sender for // messages from your user pool. + EmailConfiguration *EmailConfigurationType `json:"emailConfiguration,omitempty"` // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + EmailVerificationMessage *string `json:"emailVerificationMessage,omitempty"` // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + EmailVerificationSubject *string `json:"emailVerificationSubject,omitempty"` // A collection of user pool Lambda triggers. Amazon Cognito invokes triggers // at several possible stages of authentication operations. Triggers can modify // the outcome of the operations that invoked them. + LambdaConfig *LambdaConfigType `json:"lambdaConfig,omitempty"` // Specifies MFA configuration details. + MFAConfiguration *string `json:"mfaConfiguration,omitempty"` // A string used to name the user pool. + // +kubebuilder:validation:Required + Name *string `json:"name"` // The policies associated with the new user pool. + Policies *UserPoolPolicyType `json:"policies,omitempty"` // An array of schema attributes for the new user pool. These attributes can // be standard or custom attributes. + Schema []*SchemaAttributeType `json:"schema,omitempty"` // A string representing the SMS authentication message. + SmsAuthenticationMessage *string `json:"smsAuthenticationMessage,omitempty"` // The SMS configuration with the settings that your Amazon Cognito user pool // must use to send an SMS message from your Amazon Web Services account through @@ -83,16 +99,20 @@ type UserPoolSpec struct { // in the Amazon Web Services Region that you want, the Amazon Cognito user // pool uses an Identity and Access Management (IAM) role in your Amazon Web // Services account. + SmsConfiguration *SmsConfigurationType `json:"smsConfiguration,omitempty"` // This parameter is no longer used. See VerificationMessageTemplateType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). + SmsVerificationMessage *string `json:"smsVerificationMessage,omitempty"` // The tags to assign to the user pool. + Tags map[string]*string `json:"tags,omitempty"` // The settings for updates to user attributes. These settings include the property // AttributesRequireVerificationBeforeUpdate,a user-pool setting that tells // Amazon Cognito how to handle changes to the value of your users' email address // and phone number attributes. Formore information, see Verifying updates to // email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + UserAttributeUpdateSettings *UserAttributeUpdateSettingsType `json:"userAttributeUpdateSettings,omitempty"` // User pool add-ons. Contains settings for activation of advanced security // features. To log user security information but take no action, set to AUDIT. @@ -100,13 +120,16 @@ type UserPoolSpec struct { // set to ENFORCED. // // For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + UserPoolAddOns *UserPoolAddOnsType `json:"userPoolAddOns,omitempty"` // The tag keys and values to assign to the user pool. A tag is a label that // you can use to categorize and manage user pools in different ways, such as // by purpose, owner, environment, or other criteria. + UserPoolTags map[string]*string `json:"userPoolTags,omitempty"` // Specifies whether a user can use an email address or phone number as a username // when they sign up. + UsernameAttributes []*string `json:"usernameAttributes,omitempty"` // Case sensitivity on the username input for the selected sign-in option. When // case sensitivity is set to False (case insensitive), users can sign in with @@ -119,6 +142,7 @@ type UserPoolSpec struct { // // This configuration is immutable after you set it. For more information, see // UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + UsernameConfiguration *UsernameConfigurationType `json:"usernameConfiguration,omitempty"` // The template for the verification message that your user pool delivers to // users who set an email address or phone number attribute. @@ -128,6 +152,7 @@ type UserPoolSpec struct { // blank. For CONFIRM_WITH_CODE, specify an EmailMessage and leave EmailMessageByLink // blank. When you supply both parameters with either choice, Amazon Cognito // returns an error. + VerificationMessageTemplate *VerificationMessageTemplateType `json:"verificationMessageTemplate,omitempty"` } @@ -138,7 +163,7 @@ type UserPoolStatus struct { // constructed ARN for the resource // +kubebuilder:validation:Optional ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"` - // All CRS managed by ACK have a common `Status.Conditions` member that + // All CRs managed by ACK have a common `Status.Conditions` member that // contains a collection of `ackv1alpha1.Condition` objects that describe // the various terminal states of the CR and its backend AWS service API // resource diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index 6cda41b..9a21f6e 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/cognitoidentityprovider-controller - newTag: 1.0.4 + newTag: 1.0.5 diff --git a/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml b/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml index a90df91..f7df857 100644 --- a/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml +++ b/config/crd/bases/cognitoidentityprovider.services.k8s.aws_userpools.yaml @@ -41,13 +41,13 @@ spec: properties: accountRecoverySetting: description: |- - The available verified method a user can use to recover their password when - they call ForgotPassword. You can use this setting to define a preferred - method when a user has more than one method available. With this setting, - SMS doesn't qualify for a valid password recovery mechanism if the user also - has SMS multi-factor authentication (MFA) activated. In the absence of this - setting, Amazon Cognito uses the legacy behavior to determine the recovery - method where SMS is preferred through email. + The settings for user message delivery in forgot-password operations. Contains + preference for email or SMS message delivery of password reset codes, or + for admin-only password reset. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: recoveryMechanisms: items: @@ -75,7 +75,14 @@ spec: type: array type: object adminCreateUserConfig: - description: The configuration for AdminCreateUser requests. + description: |- + The settings for administrator creation of users in a user pool. Contains + settings for allowing user sign-up, customizing invitation messages to new + users, and the amount of time before temporary passwords expire. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: allowAdminCreateUserOnly: type: boolean @@ -94,36 +101,40 @@ spec: type: integer type: object aliasAttributes: - description: |- - Attributes supported as an alias for this user pool. Possible values: phone_number, - email, or preferred_username. items: type: string type: array autoVerifiedAttributes: - description: 'The attributes to be auto-verified. Possible values: - email, phone_number.' items: type: string type: array deletionProtection: - description: |- - When active, DeletionProtection prevents accidental deletion of your userpool. - Before you can delete a user pool that you have protected against deletion, - youmust deactivate this feature. - - When you try to delete a protected user pool in a DeleteUserPool API request, - Amazon Cognito returns an InvalidParameterException error. To delete a protected - user pool, send a new DeleteUserPool request after you deactivate deletion - protection in an UpdateUserPool API request. type: string deviceConfiguration: description: |- - The device-remembering configuration for a user pool. A null value indicates - that you have deactivated device remembering in your user pool. + The device-remembering configuration for a user pool. A DescribeUserPool + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) + request returns a null value for this object when the user pool isn't configured + to remember devices. When device remembering is active, you can remember + a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) + API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt + is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) + API request that sets the user's device to remembered or not_remembered. - When you provide a value for any DeviceConfiguration field, you activate - the Amazon Cognito device-remembering feature. + To sign in with a remembered device, include DEVICE_KEY in the authentication + parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) + request. If your app doesn't include a DEVICE_KEY parameter, the response + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) + from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY + values under NewDeviceMetadata. Store these values to use in future device-authentication + requests. + + When you provide a value for any property of DeviceConfiguration, you activate + the device remembering for the user pool. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: challengeRequiredOnNewDevice: type: boolean @@ -135,6 +146,18 @@ spec: The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool. + + Amazon Cognito can send email messages with Amazon Simple Email Service resources + in the Amazon Web Services Region where you created your user pool, and in + alternate Regions in some cases. For more information on the supported Regions, + see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html). + + This data type is a request parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html), + and a response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and GetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html). properties: configurationSet: type: string @@ -148,18 +171,18 @@ spec: type: string type: object emailVerificationMessage: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string emailVerificationSubject: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string lambdaConfig: description: |- A collection of user pool Lambda triggers. Amazon Cognito invokes triggers - at several possible stages of authentication operations. Triggers can modify - the outcome of the operations that invoked them. + at several possible stages of user pool operations. Triggers can modify the + outcome of the operations that invoked them. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: createAuthChallenge: type: string @@ -224,13 +247,17 @@ spec: type: string type: object mfaConfiguration: - description: Specifies MFA configuration details. type: string name: - description: A string used to name the user pool. type: string policies: - description: The policies associated with the new user pool. + description: |- + A list of user pool policies. Contains the policy that sets password-complexity + requirements. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: passwordPolicy: description: |- @@ -258,9 +285,6 @@ spec: type: object type: object schema: - description: |- - An array of schema attributes for the new user pool. These attributes can - be standard or custom attributes. items: description: |- A list of the user attributes and their properties in your user pool. The @@ -324,16 +348,20 @@ spec: type: object type: array smsAuthenticationMessage: - description: A string representing the SMS authentication message. type: string smsConfiguration: description: |- - The SMS configuration with the settings that your Amazon Cognito user pool - must use to send an SMS message from your Amazon Web Services account through - Amazon Simple Notification Service. To send SMS messages with Amazon SNS - in the Amazon Web Services Region that you want, the Amazon Cognito user - pool uses an Identity and Access Management (IAM) role in your Amazon Web - Services account. + User pool configuration for delivery of SMS messages with Amazon Simple Notification + Service. To send SMS messages with Amazon SNS in the Amazon Web Services + Region that you want, the Amazon Cognito user pool uses an Identity and Access + Management (IAM) role in your Amazon Web Services account. + + This data type is a request parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html), + and a response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and GetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html). properties: externalID: type: string @@ -343,13 +371,10 @@ spec: type: string type: object smsVerificationMessage: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string tags: additionalProperties: type: string - description: The tags to assign to the user pool. type: object userAttributeUpdateSettings: description: |- @@ -358,6 +383,10 @@ spec: Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. Formore information, see Verifying updates to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: attributesRequireVerificationBeforeUpdate: items: @@ -372,6 +401,10 @@ spec: set to ENFORCED. For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: advancedSecurityMode: type: string @@ -379,31 +412,18 @@ spec: userPoolTags: additionalProperties: type: string - description: |- - The tag keys and values to assign to the user pool. A tag is a label that - you can use to categorize and manage user pools in different ways, such as - by purpose, owner, environment, or other criteria. type: object usernameAttributes: - description: |- - Specifies whether a user can use an email address or phone number as a username - when they sign up. items: type: string type: array usernameConfiguration: description: |- - Case sensitivity on the username input for the selected sign-in option. When - case sensitivity is set to False (case insensitive), users can sign in with - any combination of capital and lowercase letters. For example, username, - USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. - For most use cases, set case sensitivity to False (case insensitive) as a - best practice. When usernames and email addresses are case insensitive, Amazon - Cognito treats any variation in case as the same user, and prevents a case - variation from being assigned to the same attribute for a different user. - - This configuration is immutable after you set it. For more information, see - UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + The configuration of a user pool for username case sensitivity. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: caseSensitive: type: boolean @@ -413,11 +433,9 @@ spec: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute. - Set the email message type that corresponds to your DefaultEmailOption selection. - For CONFIRM_WITH_LINK, specify an EmailMessageByLink and leave EmailMessage - blank. For CONFIRM_WITH_CODE, specify an EmailMessage and leave EmailMessageByLink - blank. When you supply both parameters with either choice, Amazon Cognito - returns an error. + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: defaultEmailOption: type: string @@ -469,7 +487,7 @@ spec: type: object conditions: description: |- - All CRS managed by ACK have a common `Status.Conditions` member that + All CRs managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource diff --git a/helm/Chart.yaml b/helm/Chart.yaml index e790f99..6ef7c00 100644 --- a/helm/Chart.yaml +++ b/helm/Chart.yaml @@ -1,8 +1,8 @@ apiVersion: v1 name: cognitoidentityprovider-chart description: A Helm chart for the ACK service controller for Amazon Cognito Identity Provider (Cognito Identity Provider) -version: 1.0.4 -appVersion: 1.0.4 +version: 1.0.5 +appVersion: 1.0.5 home: https://github.com/aws-controllers-k8s/cognitoidentityprovider-controller icon: https://raw.githubusercontent.com/aws/eks-charts/master/docs/logo/aws.png sources: diff --git a/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml b/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml index a90df91..f7df857 100644 --- a/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml +++ b/helm/crds/cognitoidentityprovider.services.k8s.aws_userpools.yaml @@ -41,13 +41,13 @@ spec: properties: accountRecoverySetting: description: |- - The available verified method a user can use to recover their password when - they call ForgotPassword. You can use this setting to define a preferred - method when a user has more than one method available. With this setting, - SMS doesn't qualify for a valid password recovery mechanism if the user also - has SMS multi-factor authentication (MFA) activated. In the absence of this - setting, Amazon Cognito uses the legacy behavior to determine the recovery - method where SMS is preferred through email. + The settings for user message delivery in forgot-password operations. Contains + preference for email or SMS message delivery of password reset codes, or + for admin-only password reset. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: recoveryMechanisms: items: @@ -75,7 +75,14 @@ spec: type: array type: object adminCreateUserConfig: - description: The configuration for AdminCreateUser requests. + description: |- + The settings for administrator creation of users in a user pool. Contains + settings for allowing user sign-up, customizing invitation messages to new + users, and the amount of time before temporary passwords expire. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: allowAdminCreateUserOnly: type: boolean @@ -94,36 +101,40 @@ spec: type: integer type: object aliasAttributes: - description: |- - Attributes supported as an alias for this user pool. Possible values: phone_number, - email, or preferred_username. items: type: string type: array autoVerifiedAttributes: - description: 'The attributes to be auto-verified. Possible values: - email, phone_number.' items: type: string type: array deletionProtection: - description: |- - When active, DeletionProtection prevents accidental deletion of your userpool. - Before you can delete a user pool that you have protected against deletion, - youmust deactivate this feature. - - When you try to delete a protected user pool in a DeleteUserPool API request, - Amazon Cognito returns an InvalidParameterException error. To delete a protected - user pool, send a new DeleteUserPool request after you deactivate deletion - protection in an UpdateUserPool API request. type: string deviceConfiguration: description: |- - The device-remembering configuration for a user pool. A null value indicates - that you have deactivated device remembering in your user pool. + The device-remembering configuration for a user pool. A DescribeUserPool + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html) + request returns a null value for this object when the user pool isn't configured + to remember devices. When device remembering is active, you can remember + a user's device with a ConfirmDevice (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_ConfirmDevice.html) + API request. Additionally. when the property DeviceOnlyRememberedOnUserPrompt + is true, you must follow ConfirmDevice with an UpdateDeviceStatus (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateDeviceStatus.html) + API request that sets the user's device to remembered or not_remembered. - When you provide a value for any DeviceConfiguration field, you activate - the Amazon Cognito device-remembering feature. + To sign in with a remembered device, include DEVICE_KEY in the authentication + parameters in your user's InitiateAuth (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html) + request. If your app doesn't include a DEVICE_KEY parameter, the response + (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_InitiateAuth.html#API_InitiateAuth_ResponseSyntax) + from Amazon Cognito includes newly-generated DEVICE_KEY and DEVICE_GROUP_KEY + values under NewDeviceMetadata. Store these values to use in future device-authentication + requests. + + When you provide a value for any property of DeviceConfiguration, you activate + the device remembering for the user pool. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: challengeRequiredOnNewDevice: type: boolean @@ -135,6 +146,18 @@ spec: The email configuration of your user pool. The email configuration type sets your preferred sending method, Amazon Web Services Region, and sender for messages from your user pool. + + Amazon Cognito can send email messages with Amazon Simple Email Service resources + in the Amazon Web Services Region where you created your user pool, and in + alternate Regions in some cases. For more information on the supported Regions, + see Email settings for Amazon Cognito user pools (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html). + + This data type is a request parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html), + and a response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and GetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html). properties: configurationSet: type: string @@ -148,18 +171,18 @@ spec: type: string type: object emailVerificationMessage: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string emailVerificationSubject: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string lambdaConfig: description: |- A collection of user pool Lambda triggers. Amazon Cognito invokes triggers - at several possible stages of authentication operations. Triggers can modify - the outcome of the operations that invoked them. + at several possible stages of user pool operations. Triggers can modify the + outcome of the operations that invoked them. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: createAuthChallenge: type: string @@ -224,13 +247,17 @@ spec: type: string type: object mfaConfiguration: - description: Specifies MFA configuration details. type: string name: - description: A string used to name the user pool. type: string policies: - description: The policies associated with the new user pool. + description: |- + A list of user pool policies. Contains the policy that sets password-complexity + requirements. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: passwordPolicy: description: |- @@ -258,9 +285,6 @@ spec: type: object type: object schema: - description: |- - An array of schema attributes for the new user pool. These attributes can - be standard or custom attributes. items: description: |- A list of the user attributes and their properties in your user pool. The @@ -324,16 +348,20 @@ spec: type: object type: array smsAuthenticationMessage: - description: A string representing the SMS authentication message. type: string smsConfiguration: description: |- - The SMS configuration with the settings that your Amazon Cognito user pool - must use to send an SMS message from your Amazon Web Services account through - Amazon Simple Notification Service. To send SMS messages with Amazon SNS - in the Amazon Web Services Region that you want, the Amazon Cognito user - pool uses an Identity and Access Management (IAM) role in your Amazon Web - Services account. + User pool configuration for delivery of SMS messages with Amazon Simple Notification + Service. To send SMS messages with Amazon SNS in the Amazon Web Services + Region that you want, the Amazon Cognito user pool uses an Identity and Access + Management (IAM) role in your Amazon Web Services account. + + This data type is a request parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and SetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_SetUserPoolMfaConfig.html), + and a response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html), + UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and GetUserPoolMfaConfig (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_GetUserPoolMfaConfig.html). properties: externalID: type: string @@ -343,13 +371,10 @@ spec: type: string type: object smsVerificationMessage: - description: This parameter is no longer used. See VerificationMessageTemplateType - (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_VerificationMessageTemplateType.html). type: string tags: additionalProperties: type: string - description: The tags to assign to the user pool. type: object userAttributeUpdateSettings: description: |- @@ -358,6 +383,10 @@ spec: Amazon Cognito how to handle changes to the value of your users' email address and phone number attributes. Formore information, see Verifying updates to email addresses and phone numbers (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html#user-pool-settings-verifications-verify-attribute-updates). + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: attributesRequireVerificationBeforeUpdate: items: @@ -372,6 +401,10 @@ spec: set to ENFORCED. For more information, see Adding advanced security to a user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-advanced-security.html). + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: advancedSecurityMode: type: string @@ -379,31 +412,18 @@ spec: userPoolTags: additionalProperties: type: string - description: |- - The tag keys and values to assign to the user pool. A tag is a label that - you can use to categorize and manage user pools in different ways, such as - by purpose, owner, environment, or other criteria. type: object usernameAttributes: - description: |- - Specifies whether a user can use an email address or phone number as a username - when they sign up. items: type: string type: array usernameConfiguration: description: |- - Case sensitivity on the username input for the selected sign-in option. When - case sensitivity is set to False (case insensitive), users can sign in with - any combination of capital and lowercase letters. For example, username, - USERNAME, or UserName, or for email, email@example.com or EMaiL@eXamplE.Com. - For most use cases, set case sensitivity to False (case insensitive) as a - best practice. When usernames and email addresses are case insensitive, Amazon - Cognito treats any variation in case as the same user, and prevents a case - variation from being assigned to the same attribute for a different user. - - This configuration is immutable after you set it. For more information, see - UsernameConfigurationType (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UsernameConfigurationType.html). + The configuration of a user pool for username case sensitivity. + + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: caseSensitive: type: boolean @@ -413,11 +433,9 @@ spec: The template for the verification message that your user pool delivers to users who set an email address or phone number attribute. - Set the email message type that corresponds to your DefaultEmailOption selection. - For CONFIRM_WITH_LINK, specify an EmailMessageByLink and leave EmailMessage - blank. For CONFIRM_WITH_CODE, specify an EmailMessage and leave EmailMessageByLink - blank. When you supply both parameters with either choice, Amazon Cognito - returns an error. + This data type is a request and response parameter of CreateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_CreateUserPool.html) + and UpdateUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UpdateUserPool.html), + and a response parameter of DescribeUserPool (https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_DescribeUserPool.html). properties: defaultEmailOption: type: string @@ -469,7 +487,7 @@ spec: type: object conditions: description: |- - All CRS managed by ACK have a common `Status.Conditions` member that + All CRs managed by ACK have a common `Status.Conditions` member that contains a collection of `ackv1alpha1.Condition` objects that describe the various terminal states of the CR and its backend AWS service API resource diff --git a/helm/templates/NOTES.txt b/helm/templates/NOTES.txt index 04cf0a1..e705885 100644 --- a/helm/templates/NOTES.txt +++ b/helm/templates/NOTES.txt @@ -1,5 +1,5 @@ {{ .Chart.Name }} has been installed. -This chart deploys "public.ecr.aws/aws-controllers-k8s/cognitoidentityprovider-controller:1.0.4". +This chart deploys "public.ecr.aws/aws-controllers-k8s/cognitoidentityprovider-controller:1.0.5". Check its status by running: kubectl --namespace {{ .Release.Namespace }} get pods -l "app.kubernetes.io/instance={{ .Release.Name }}" diff --git a/helm/values.yaml b/helm/values.yaml index b138e9e..de94c11 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -4,7 +4,7 @@ image: repository: public.ecr.aws/aws-controllers-k8s/cognitoidentityprovider-controller - tag: 1.0.4 + tag: 1.0.5 pullPolicy: IfNotPresent pullSecrets: []