Class: Aws::CognitoIdentityProvider::Types::CustomDomainConfigType
- Inherits:
-
Struct
- Object
- Struct
- Aws::CognitoIdentityProvider::Types::CustomDomainConfigType
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-cognitoidentityprovider/types.rb
Overview
The configuration for a custom domain, including the SSL certificate and TLS security policy.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#certificate_arn ⇒ String
The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate.
-
#security_policy ⇒ String
The security policy for the custom domain.
Instance Attribute Details
#certificate_arn ⇒ String
The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain.
5004 5005 5006 5007 5008 5009 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 5004 class CustomDomainConfigType < Struct.new( :certificate_arn, :security_policy) SENSITIVE = [] include Aws::Structure end |
#security_policy ⇒ String
The security policy for the custom domain. Defines the minimum TLS version and cipher suites that Amazon CloudFront supports when communicating with clients. For specific guidance, see Supported protocols and ciphers between viewers and CloudFront. Valid values are as follows:
-
TLS_V1_3_2025(strictest): A post-quantum-ready policy requiring TLS 1.3. It provides the strongest security posture and is ideal for workloads where all clients and browsers are updated to the latest versions. Supported protocols and ciphers for TLSv1.3_2025. -
TLS_V1_2_2021(recommended): A post-quantum-ready policy which prefers TLS 1.3 but allows fallback to TLS 1.2 to accommodate older clients. It is the recommended minimum for typical commercial-grade consumer applications. Supported protocols and ciphers for TLSv1.2_2021. -
TLS_V1(strongly discouraged): Permits fallback to TLS 1.0. It offers the broadest compatibility, including support for legacy clients that are more than a decade old. This compatibility comes at the expense of allowing TLS versions and cryptographic algorithms that are no longer considered safe for commercial use. Supported protocols and ciphers for TLSv1.
5004 5005 5006 5007 5008 5009 |
# File 'lib/aws-sdk-cognitoidentityprovider/types.rb', line 5004 class CustomDomainConfigType < Struct.new( :certificate_arn, :security_policy) SENSITIVE = [] include Aws::Structure end |